-
-
Notifications
You must be signed in to change notification settings - Fork 9.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Validator] #18156 In "strict" mode, email validator inaccurately cla… #18428
Conversation
…ely claims certain valid emails are invalid Email validation can now occur in one of four different modes/profiles: - Basic regex - HTML5 regex - RFC-compliant (non-strict; informational warnings raised during validation are ignored) - RFC-compliant (strict; warnings will cause an otherwise-valid email to be considered invalid)
0d4e089
to
f69769d
Compare
* @param string $profile If the constraint does not define a validation | ||
* profile, this will specify which profile to use. | ||
*/ | ||
public function __construct($strict = false, $profile = Email::PROFILE_BASIC_REGX) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
$profile should default to null
, use $strict only if $profile is null
. so strict can be ignored, if profile is given.
public function __construct($strict = false, $profile = null)
{
$this->isStrict = $strict;
$this->defaultProfile = $profile === null
? $strict
? Email::PROFILE_RFC_DISALLOW_WARNINGS
: Email::PROFILE_BASIC_REGX
: $profile;
}
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is much better, as my original implementation would have misbehaved in the edge case situation with both config options set (strict_email = TRUE, and email_profile='html5'). Thanks for catching that!
I'm not quite sure why the new tests are failing under Travis CI's PHP 7. They don't contain any controversial code, and they pass without any problems in my local PHP 7 environment. |
…ely claims certain valid emails are invalid Changes from code review.
@natechicago I guess the failure is related to the minimal allowed version of the validation library (which will be used in the PHP 7 build) and the fact that you use addresses with parentheses/brackets (there have been some recent changes in the validator library fixing issues with them). Would it be possible to choose other example data for the tests that will pass with older versions of the library? |
…ely claims certain valid emails are invalid Changes from code review.
@xabbuh thanks for pointing me in the right direction! The tests are now compliant with the minimal allowed version of the |
if (!class_exists('\Egulias\EmailValidator\EmailValidator')) { | ||
throw new RuntimeException( | ||
'Standards-compliant email validation requires egulias/email-validator' | ||
); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
should be on one line
…ely claims certain valid emails are invalid Changes from code review.
the failing test is unrelated to this ticket, can someone review? |
types "basic regex" and "RFC (disallow warnings)". The desired mode of | ||
validation can be specified using the `Email` constraint's new `profile` | ||
option. The constraint's `strict` option (equivalent to the 'rfc-no-warn' | ||
profile) has been deprecated and will be removed in Symfony 4.0. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The removal of the strict
option must be documented in the UPGRADE_4.0.md
file.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And we will need to trigger deprecations.
What about custom profiles? Perhaps implement |
What about a |
@ro0NL i think thats too much overengineering |
@backbone87 agree 👍 custom validation can be done with an additional constraint anyways. Still.. the |
I'm -1 to this proposal. My reasons:
In #18177 I proposed an alternative solution:
|
I upvoted #18177 :-) Do you agree on profiles as a nice to have or should symfony force you with simple regex validation only, and "hey.. build something to send a confirmation email" or use a custom callback/regexp/whatever constraint additionally. I personally favor a simple regex by default, i.e. the basic profile ( Edit: even the basic profile is to restricted on the dot part imho... =/ Edit 2: my point is.. even if we use the HTML5 regex as you proposed in #18177 than the |
Hello again.
@ro0NL the initial idea was to be technically correct , with v2 I'm aiming to be both. |
I'm also 👎 on adding "email validation strategies". We decided to rely on an external library for email validation and we should stick with whatever they provide. In any case, someone can create their own email validator if that makes sense in their use case, no need to change Symfony's internal one. |
Email validation can now occur in one of four different modes/profiles:
The legacy "strict" mode has been marked as deprecated, but for now is still fully supported.