Improve email address and general URL normalization

PlaidWeb · Aug 27, 2020 · d433544 · d433544
1 parent da35bf0
commit d433544
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 0 deletions.
diff --git a/authl/__init__.py b/authl/__init__.py
@@ -70,6 +70,8 @@ def get_handler_for_url(self, url: str) -> typing.Tuple[typing.Optional[handlers
 
         """
 
+        url = url.strip()
+
         # If webfinger detects profiles for this address, try all of those first
         for profile in webfinger.get_profiles(url):
             LOGGER.debug("Checking profile %s", profile)

diff --git a/tests/handlers/test_emailaddr.py b/tests/handlers/test_emailaddr.py
@@ -21,24 +21,35 @@ def test_basics():
 
     assert handler.handles_url('foo@bar.baz') == 'mailto:foo@bar.baz'
     assert handler.handles_url('mailto:foo@bar.baz') == 'mailto:foo@bar.baz'
+
+    # email addresses must be well-formed
     assert not handler.handles_url('mailto:foobar.baz')
+
+    # don't support other schemas
+    assert not handler.handles_url('email:foo@bar.baz')
     assert not handler.handles_url('@foo@bar.baz')
     assert not handler.handles_url('https://example.com/')
 
+    # handle leading/trailing spaces correctly
     assert handler.handles_url('  foo@bar.baz') == 'mailto:foo@bar.baz'
     assert handler.handles_url('mailto:  foo@bar.baz') == 'mailto:foo@bar.baz'
     assert handler.handles_url('mailto:foo@bar.baz  ') == 'mailto:foo@bar.baz'
 
+    # but don't allow embedded spaces
     assert not handler.handles_url('   foo @bar.baz')
 
+    # email address must be valid
     assert not handler.handles_url(' asdf[]@poiu_foo.baz!')
 
+    # don't allow bang-paths
     assert not handler.handles_url('bang!path!is!fun!bob')
     assert not handler.handles_url('bang.com!path!is!fun!bob')
     assert not handler.handles_url('bang!path!is!fun!bob@example.com')
 
+    # strip out non-email-address components
     assert handler.handles_url('mailto:foo@example.com?subject=pwned') == 'mailto:foo@example.com'
 
+    # handle case correctly
     assert handler.handles_url('MailtO:Foo@Example.Com') == 'mailto:foo@example.com'
 
 

diff --git a/tests/test_main.py b/tests/test_main.py
@@ -71,6 +71,8 @@ def test_get_handler_for_url(requests_mock):
     assert instance.get_handler_for_url('test://bar') == (handler_2, 'b', 'test://bar')
     assert instance.get_handler_for_url('test://baz') == (None, '', '')
 
+    assert instance.get_handler_for_url(' test://foo ') == (handler_1, 'a', 'test://foo')
+
     assert instance.get_handler_for_url('http://moo/link') == \
         (handler_3, 'c', 'http://moo/link')
     assert instance.get_handler_for_url('http://moo/header') == \