Be more lenient on email adresses

[Mathnerd314]

GMail ignores all .'s in the address, so both of the following will go to the same address:
example@gmail.com
exa.mple@gmail.com

But the following will as well:
.example@gmail.com
example...@gmail.com
example..example@gmail.com

The above do not match the dot-address form specified by RFC 5322 and (I would guess for that reason) are rejected when attempting to sign up. (And due to #3000 in a rather obtuse way) Considering that there are sites that do accept such emails (e.g., MDN before it switched to Persona), there appears to be no reason to reject them.

[callahad]

I believe we're currently tracking the HTML5 email format, which is "a willful violation of RFC 5322."

The reference regex in that spec does match the example addresses:

> re  = /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/
/^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*$/
> re.test('.example@gmail.com')
true
> re.test('example...@gmail.com')
true
> re.test('example..eample@gmail.com')
true

Which tells me that we should probably be accepting these.

[shane-tomlinson]

@callhad - we are using a different regexp on the front end than the one you show there. What do you think, should we change it over? If not, should this issue stay open?

[callahad]

If the HTML5 spec thinks those are valid addresses, we should probably adjust the regex. Either using that one, or gerv's version.

[jaredhirsch]

Counterpoint: Gmail will soon be treated as a primary, and no other email vendor (that I'm aware of) ignores/allows dots in the user part of the name. So, maybe we close this one as 'wontfix' pending Gmail identity bridging?

[seanmonstar]

I've seen addresses from personal businesses that use dots, to separate their first and last name. I wouldn't close this simply because Gmail is getting an IdP.

Though, reading the subject and summary, I'm not quite sure what exactly this issue wants to do. Make all those emails equal to each other? That's dependent on each IdP, and so I don't think we should be clever there. Simply allow someone to enter those emails into the dialog? Seems like a good idea.

Whatever the goal, can we update the title to be clear of what needs to happen?

[callahad]

Though, reading the subject and summary, I'm not quite sure what exactly this issue wants to do.

How is this for a concrete goal:

The address .foo@example.com should not be rejected as invalid, because it is not an invalid address per the HTML5 specification.

[seanmonstar]

If it currently is rejected, then yes! That sounds actionable.

[callahad]

They're accepted by the front-end, but rejected by the back-end:

//$ curl https://login.persona.org/wsapi/address_info?email=.foo@example.com
{"success":false,"reason":"email: Error: Invalid email"}

[jedp]

Is this really a four-star bug? I'm venturing to demote it to three stars. Please correct and reassign if I'm wrong.

[callahad]

Evidently, it's currently locking people out of MDN that had signed up prior to its switch to Persona, but the absolute number of affected users is small. I'm fine with demoting.

[callahad]

Also tagging as good first bug -- this should be trivial once someone gets the time to dig into it.

[callahad]

Hi! To help us better focus, I'm "closing" all issues that have been open for more than six months. These have been tagged "cleanup-2014" so that we can go back and review them in the future.

For more information, check out this thread: http://thread.gmane.org/gmane.comp.mozilla.identity.devel/7394

If you believe this bug is still a major issue for you, please comment, submit a pull request, or discuss it on our mailing list: https://lists.mozilla.org/listinfo/dev-identity

Sorry for GitHub notification spam!

[Mathnerd314]

This still hasn't been fixed, and it was tagged "good first bug" (by @callahad), so according to the guidelines in the email it should probably stick around. (There was an earlier attempt but that seems to have failed due to abandonment rather than that the bug was too hard)

[djc]

Sounds okay, reopening.