Registration does not accept valid email addresses
Closed, WontfixPublic

Description

Importing a large database of existing users, I found two email addresses for which phabricator does not accept the local part (domain part masked to protect the innocent):

=@example.com
{^_^}@example.com

Both are valid according to RFC822 and various email address validators (for RFC822 compliance). I apologize for having users who like to break things!

Version info

Steps to reproduce

/opt/phacility/phabricator$ bin/accountadmin 
Enter a username to create a new account or edit an existing account.

Enter a username: test1
There is no existing user account 'test1'.


    Do you want to create a new 'test1' account? [Y/n] y



    Enter user real name: Test1 User


    Enter user email address: =@example.com


    Enter a password for this user [blank to leave unchanged]: 

    Is this user a bot? [y/N] 



    Should this user be an administrator? [y/N] 



ACCOUNT SUMMARY

               OLD VALUE                        NEW VALUE                     
    Username                                    test1                         
   Real Name                                    Test1 User                    
       Email                                    =@example.com                 
    Password                                    Unchanged                     
         Bot   N                                N                             
       Admin   N                                N                             



    Save these changes? [Y/n] 

[2017-03-06 20:08:01] EXCEPTION: (Exception) Email addresses should be in the form 'user@domain.com'. The maximum length of an email address is 128 character(s). at [<phabricator>/src/applications/people/editor/PhabricatorUserEditor.php:687]
arcanist(head=stable, ref.master=3b6b523c2b23, ref.stable=822bc53ca306), phabricator(head=stable, ref.master=5fad7eb1f902, ref.stable=216f6be11ece), phutil(head=stable, ref.master=81494451f9be, ref.stable=76983f49b179)
  #0 PhabricatorUserEditor::willAddEmail(PhabricatorUserEmail) called at [<phabricator>/src/applications/people/editor/PhabricatorUserEditor.php:60]
  #1 PhabricatorUserEditor::createNewUser(PhabricatorUser, PhabricatorUserEmail) called at [<phabricator>/scripts/user/account_admin.php:209]
PHP Fatal error:  Uncaught Exception: Process exited with an open transaction! The transaction will be implicitly rolled back. Calls to openTransaction() must always be paired with a call to saveTransaction() or killTransaction(). in /opt/phacility/libphutil/src/aphront/storage/connection/AphrontDatabaseTransactionState.php:78
Stack trace:
#0 [internal function]: AphrontDatabaseTransactionState->__destruct()
#1 {main}
  thrown in /opt/phacility/libphutil/src/aphront/storage/connection/AphrontDatabaseTransactionState.php on line 78

Fatal error: Uncaught Exception: Process exited with an open transaction! The transaction will be implicitly rolled back. Calls to openTransaction() must always be paired with a call to saveTransaction() or killTransaction(). in /opt/phacility/libphutil/src/aphront/storage/connection/AphrontDatabaseTransactionState.php:78
Stack trace:
#0 [internal function]: AphrontDatabaseTransactionState->__destruct()
#1 {main}
  thrown in /opt/phacility/libphutil/src/aphront/storage/connection/AphrontDatabaseTransactionState.php on line 78
lambdafu created this task.Mar 6 2017, 8:13 PM
lambdafu updated the task description. (Show Details)Mar 6 2017, 8:17 PM
epriestley closed this task as Wontfix.Mar 6 2017, 8:24 PM
epriestley claimed this task.
epriestley added a subscriber: epriestley.

You can adjust the validation here:

https://secure.phabricator.com/source/phabricator/browse/master/src/applications/people/storage/PhabricatorUserEmail.php;814c28d39a81bf300296caf534038a6ddc7228d1$72

I think addresses in the form =@domain.com are far more likely to be mistakes than clever, technically-valid email addresses (we have ~45K registered users on this install without encountering any of these) and don't plan to change our validation.

I am sure these email addresses are valid, but they are from people who run their own mailserver and can easily add a reasonable address for themselves, so I agree with your conclusion. More importantly, I want to thank you for your quick response, for phabricator, and your passion!

I know someone who has a normalname@domain.horse address and frequently finds services which won't accept it (since they're hard-coded for 3-letter TLDs) so I'd guess users with ={^_^}=@nekoneko.com addresses run into more frequent problems. We should handle .horse, .technology, etc., properly.

We have also found legitimate users who have valid email addresses (Irish users) that are not accepted.

For those visiting from the future via search, I have decided to publish an unofficial bug patch in a github repo, as it breaks once in awhile due to upstream changes.

https://github.com/ofbeaton/phabricator-rfcemail

Support requests in how to use it should be directed at the github issues page.