From 63065d59a4992bba8e44b3d55d4e2faf2495558d Mon Sep 17 00:00:00 2001 From: Karen Etheridge Date: Wed, 26 Mar 2025 11:33:57 -0700 Subject: [PATCH] ensure we do not parse email strings permissively e.g. we do not accept the entire "From" line from an email, nor two comma-separated email addresses --- tests/draft-next/optional/format/email.json | 10 ++++++++++ tests/draft2019-09/optional/format/email.json | 10 ++++++++++ tests/draft2020-12/optional/format/email.json | 10 ++++++++++ tests/draft3/optional/format/email.json | 10 ++++++++++ tests/draft4/optional/format/email.json | 10 ++++++++++ tests/draft6/optional/format/email.json | 10 ++++++++++ tests/draft7/optional/format/email.json | 10 ++++++++++ 7 files changed, 70 insertions(+) diff --git a/tests/draft-next/optional/format/email.json b/tests/draft-next/optional/format/email.json index 5948ebd1..70633f18 100644 --- a/tests/draft-next/optional/format/email.json +++ b/tests/draft-next/optional/format/email.json @@ -115,6 +115,16 @@ "description": "an invalid IPv4-address-literal", "data": "joe.bloggs@[127.0.0.300]", "valid": false + }, + { + "description": "two email addresses is not valid", + "data": "user1@oceania.org, user2@oceania.org", + "valid": false + }, + { + "description": "full \"From\" header is invalid", + "data": "\"Winston Smith\" (Records Department)", + "valid": false } ] } diff --git a/tests/draft2019-09/optional/format/email.json b/tests/draft2019-09/optional/format/email.json index e6acc32b..ea161eb2 100644 --- a/tests/draft2019-09/optional/format/email.json +++ b/tests/draft2019-09/optional/format/email.json @@ -80,6 +80,16 @@ "description": "two subsequent dots inside local part are not valid", "data": "te..st@example.com", "valid": false + }, + { + "description": "two email addresses is not valid", + "data": "user1@oceania.org, user2@oceania.org", + "valid": false + }, + { + "description": "full \"From\" header is invalid", + "data": "\"Winston Smith\" (Records Department)", + "valid": false } ] } diff --git a/tests/draft2020-12/optional/format/email.json b/tests/draft2020-12/optional/format/email.json index ee075893..925c2f2e 100644 --- a/tests/draft2020-12/optional/format/email.json +++ b/tests/draft2020-12/optional/format/email.json @@ -115,6 +115,16 @@ "description": "an invalid IPv4-address-literal", "data": "joe.bloggs@[127.0.0.300]", "valid": false + }, + { + "description": "two email addresses is not valid", + "data": "user1@oceania.org, user2@oceania.org", + "valid": false + }, + { + "description": "full \"From\" header is invalid", + "data": "\"Winston Smith\" (Records Department)", + "valid": false } ] } diff --git a/tests/draft3/optional/format/email.json b/tests/draft3/optional/format/email.json index 059615ad..4749100a 100644 --- a/tests/draft3/optional/format/email.json +++ b/tests/draft3/optional/format/email.json @@ -47,6 +47,16 @@ "description": "two subsequent dots inside local part are not valid", "data": "te..st@example.com", "valid": false + }, + { + "description": "two email addresses is not valid", + "data": "user1@oceania.org, user2@oceania.org", + "valid": false + }, + { + "description": "full \"From\" header is invalid", + "data": "\"Winston Smith\" (Records Department)", + "valid": false } ] } diff --git a/tests/draft4/optional/format/email.json b/tests/draft4/optional/format/email.json index d6761a46..84113f8a 100644 --- a/tests/draft4/optional/format/email.json +++ b/tests/draft4/optional/format/email.json @@ -77,6 +77,16 @@ "description": "two subsequent dots inside local part are not valid", "data": "te..st@example.com", "valid": false + }, + { + "description": "two email addresses is not valid", + "data": "user1@oceania.org, user2@oceania.org", + "valid": false + }, + { + "description": "full \"From\" header is invalid", + "data": "\"Winston Smith\" (Records Department)", + "valid": false } ] } diff --git a/tests/draft6/optional/format/email.json b/tests/draft6/optional/format/email.json index d6761a46..84113f8a 100644 --- a/tests/draft6/optional/format/email.json +++ b/tests/draft6/optional/format/email.json @@ -77,6 +77,16 @@ "description": "two subsequent dots inside local part are not valid", "data": "te..st@example.com", "valid": false + }, + { + "description": "two email addresses is not valid", + "data": "user1@oceania.org, user2@oceania.org", + "valid": false + }, + { + "description": "full \"From\" header is invalid", + "data": "\"Winston Smith\" (Records Department)", + "valid": false } ] } diff --git a/tests/draft7/optional/format/email.json b/tests/draft7/optional/format/email.json index d6761a46..84113f8a 100644 --- a/tests/draft7/optional/format/email.json +++ b/tests/draft7/optional/format/email.json @@ -77,6 +77,16 @@ "description": "two subsequent dots inside local part are not valid", "data": "te..st@example.com", "valid": false + }, + { + "description": "two email addresses is not valid", + "data": "user1@oceania.org, user2@oceania.org", + "valid": false + }, + { + "description": "full \"From\" header is invalid", + "data": "\"Winston Smith\" (Records Department)", + "valid": false } ] }