Registration does not accept valid email addresses
Closed, WontfixPublic

Description

Importing a large database of existing users, I found two email addresses for which phabricator does not accept the local part (domain part masked to protect the innocent):

=@example.com
{^_^}@example.com

Both are valid according to RFC822 and various email address validators (for RFC822 compliance). I apologize for having users who like to break things!

Version info

Steps to reproduce

/opt/phacility/phabricator$ bin/accountadmin 
Enter a username to create a new account or edit an existing account.

Enter a username: test1
There is no existing user account 'test1'.


    Do you want to create a new 'test1' account? [Y/n] y



    Enter user real name: Test1 User


    Enter user email address: =@example.com


    Enter a password for this user [blank to leave unchanged]: 

    Is this user a bot? [y/N] 



    Should this user be an administrator? [y/N] 



ACCOUNT SUMMARY

               OLD VALUE                        NEW VALUE                     
    Username                                    test1                         
   Real Name                                    Test1 User                    
       Email                                    =@example.com                 
    Password                                    Unchanged                     
         Bot   N                                N                             
       Admin   N                                N                             



    Save these changes? [Y/n] 

[2017-03-06 20:08:01] EXCEPTION: (Exception) Email addresses should be in the form 'user@domain.com'. The maximum length of an email address is 128 character(s). at [<phabricator>/src/applications/people/editor/PhabricatorUserEditor.php:687]
arcanist(head=stable, ref.master=3b6b523c2b23, ref.stable=822bc53ca306), phabricator(head=stable, ref.master=5fad7eb1f902, ref.stable=216f6be11ece), phutil(head=stable, ref.master=81494451f9be, ref.stable=76983f49b179)
  #0 PhabricatorUserEditor::willAddEmail(PhabricatorUserEmail) called at [<phabricator>/src/applications/people/editor/PhabricatorUserEditor.php:60]
  #1 PhabricatorUserEditor::createNewUser(PhabricatorUser, PhabricatorUserEmail) called at [<phabricator>/scripts/user/account_admin.php:209]
PHP Fatal error:  Uncaught Exception: Process exited with an open transaction! The transaction will be implicitly rolled back. Calls to openTransaction() must always be paired with a call to saveTransaction() or killTransaction(). in /opt/phacility/libphutil/src/aphront/storage/connection/AphrontDatabaseTransactionState.php:78
Stack trace:
#0 [internal function]: AphrontDatabaseTransactionState->__destruct()
#1 {main}
  thrown in /opt/phacility/libphutil/src/aphront/storage/connection/AphrontDatabaseTransactionState.php on line 78

Fatal error: Uncaught Exception: Process exited with an open transaction! The transaction will be implicitly rolled back. Calls to openTransaction() must always be paired with a call to saveTransaction() or killTransaction(). in /opt/phacility/libphutil/src/aphront/storage/connection/AphrontDatabaseTransactionState.php:78
Stack trace:
#0 [internal function]: AphrontDatabaseTransactionState->__destruct()
#1 {main}
  thrown in /opt/phacility/libphutil/src/aphront/storage/connection/AphrontDatabaseTransactionState.php on line 78
lambdafu created this task.Mar 6 2017, 8:13 PM
lambdafu updated the task description. (Show Details)Mar 6 2017, 8:17 PM
epriestley closed this task as Wontfix.Mar 6 2017, 8:24 PM
epriestley claimed this task.
epriestley added a subscriber: epriestley.

You can adjust the validation here:

https://secure.phabricator.com/source/phabricator/browse/master/src/applications/people/storage/PhabricatorUserEmail.php;814c28d39a81bf300296caf534038a6ddc7228d1$72

I think addresses in the form =@domain.com are far more likely to be mistakes than clever, technically-valid email addresses (we have ~45K registered users on this install without encountering any of these) and don't plan to change our validation.

I am sure these email addresses are valid, but they are from people who run their own mailserver and can easily add a reasonable address for themselves, so I agree with your conclusion. More importantly, I want to thank you for your quick response, for phabricator, and your passion!

I know someone who has a normalname@domain.horse address and frequently finds services which won't accept it (since they're hard-coded for 3-letter TLDs) so I'd guess users with ={^_^}=@nekoneko.com addresses run into more frequent problems. We should handle .horse, .technology, etc., properly.