PIN-4810 clear tenant mail address #985
base: main
// Here I am removing strange characters or special symbols | ||
const sanitizedMail = removeExtraSpace | ||
.replace(/[^\w.@-_]/g, "") |
Check warning
Code scanning / CodeQL
Overly permissive regular expression range Medium
Copilot Autofix AI about 5 hours ago
To fix the problem, we need to adjust the regular expression to avoid the overly permissive range. Specifically, we should remove the redundant underscore _ from the range and ensure that only the intended characters are included.
- General Fix: Replace the problematic character range with a more precise set of characters.
- Detailed Fix: Modify the regular expression on line 1758 to remove the redundant underscore and ensure that only the intended characters are included.
- Specific Changes: Update the regular expression in the validateAddress function to use a more precise character set.
- Requirements: No additional methods, imports, or definitions are needed to implement this change.
@@ -1757,3 +1757,3 @@ | ||
const sanitizedMail = removeExtraSpace | ||
.replace(/[^\w.@-_]/g, "") | ||
.replace(/[^\w.@-]/g, "") | ||
.replace(/\^/g, ""); |
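Review bot: the trailing `.replace(/\^/g, "")` at the end of this hunk becomes dead code once the class is `[^\w.@-]`, because `^` is no longer covered by the accidental `@-_` range and is already stripped by the first replace; it can be dropped. The narrower class also changes behaviour in two ways the autofix text does not mention: the old range let `[`, `\` and `]` through and removed literal hyphens, while the new class removes the brackets and backslash and keeps `-`, so a unit test with a hyphenated domain would pin the intended result.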
@@ -1751,4 +1740,51 @@ async function revokeCertifiedAttribute( | |||
} satisfies Tenant; | |||
} | |||
|
|||
function validateAddress(address: string): string { |
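Review bot: `validateAddress(address: string): string` is named as a validator but returns a string, and the lines flagged by code scanning show it rewriting the input into `sanitizedMail`. Add a doc comment stating whether an address that fails the pattern throws or is returned cleaned, or rename the function to say that it normalises; callers otherwise cannot tell whether the returned value is the one that was submitted.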
IMHO there are too many steps in order to validate a mail, are these really necessary?
With the regex we don't need the extra steps of removing characters and spaces since it's already included.
I suggest to use this one: ^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,}$ (taken from here)? Note: the regex must be case insensitive for it to work properly.
There's no perfect regex for validating a mail, but this one is simpler and covers most of the cases.
I would prefer to leave emailPattern as it is so that it is aligned with the frontend as well, since it is the same pattern they use.
No description provided.
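The CodeQL finding above, as an added example that is not code from this pull request: it enumerates which printable ASCII characters each stripping pattern leaves in place, so the effect of the accidental `@-_` range is visible. The helper names (`survivors`, `difference`, `sanitize`) and the sample address are constructed for illustration.

```typescript
// Pattern as flagged: inside the class, "@-_" is parsed as a range
// from "@" (0x40) to "_" (0x5F), not as three separate characters.
const FLAGGED: RegExp = /[^\w.@-_]/g;
// Pattern after the autofix: the trailing "-" is a literal hyphen.
const FIXED: RegExp = /[^\w.@-]/g;

// Every printable ASCII character the given strip pattern leaves untouched.
function survivors(strip: RegExp): string {
  let kept = "";
  for (let code = 0x20; code <= 0x7e; code++) {
    const ch = String.fromCharCode(code);
    if (ch.replace(strip, "") === ch) {
      kept += ch;
    }
  }
  return kept;
}

// Characters present in `a` but absent from `b`.
function difference(a: string, b: string): string {
  return a
    .split("")
    .filter((ch) => b.indexOf(ch) === -1)
    .join("");
}

// Apply a strip pattern the same way the flagged line does.
function sanitize(input: string, strip: RegExp): string {
  return input.replace(strip, "");
}

// Characters only the flagged pattern lets through: [ \ ] ^
const onlyFlagged = difference(survivors(FLAGGED), survivors(FIXED));
// Characters only the fixed pattern lets through: the literal hyphen
const onlyFixed = difference(survivors(FIXED), survivors(FLAGGED));

// Constructed sample address (not from the pull request).
const sample = "mario.rossi[1]@pec-example.it";
console.log({ onlyFlagged, onlyFixed });
console.log(sanitize(sample, FLAGGED)); // brackets kept, hyphen dropped
console.log(sanitize(sample, FIXED)); // brackets dropped, hyphen kept
```

The flagged pattern silently changes a hyphenated domain into a different domain, which is the practical reason to pin the character set with a test rather than rely on the scanner alone.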