isEmail.js 5.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174
  1. import assertString from './util/assertString';
  2. import merge from './util/merge';
  3. import isByteLength from './isByteLength';
  4. import isFQDN from './isFQDN';
  5. import isIP from './isIP';
  6. var default_email_options = {
  7. allow_display_name: false,
  8. require_display_name: false,
  9. allow_utf8_local_part: true,
  10. require_tld: true,
  11. blacklisted_chars: '',
  12. ignore_max_length: false
  13. };
  14. /* eslint-disable max-len */
  15. /* eslint-disable no-control-regex */
  16. var splitNameAddress = /^([^\x00-\x1F\x7F-\x9F\cX]+)</i;
  17. var emailUserPart = /^[a-z\d!#\$%&'\*\+\-\/=\?\^_`{\|}~]+$/i;
  18. var gmailUserPart = /^[a-z\d]+$/;
  19. var quotedEmailUser = /^([\s\x01-\x08\x0b\x0c\x0e-\x1f\x7f\x21\x23-\x5b\x5d-\x7e]|(\\[\x01-\x09\x0b\x0c\x0d-\x7f]))*$/i;
  20. var emailUserUtf8Part = /^[a-z\d!#\$%&'\*\+\-\/=\?\^_`{\|}~\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+$/i;
  21. var quotedEmailUserUtf8 = /^([\s\x01-\x08\x0b\x0c\x0e-\x1f\x7f\x21\x23-\x5b\x5d-\x7e\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]|(\\[\x01-\x09\x0b\x0c\x0d-\x7f\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]))*$/i;
  22. var defaultMaxEmailLength = 254;
  23. /* eslint-enable max-len */
  24. /* eslint-enable no-control-regex */
  25. /**
  26. * Validate display name according to the RFC2822: https://tools.ietf.org/html/rfc2822#appendix-A.1.2
  27. * @param {String} display_name
  28. */
  29. function validateDisplayName(display_name) {
  30. var display_name_without_quotes = display_name.replace(/^"(.+)"$/, '$1'); // display name with only spaces is not valid
  31. if (!display_name_without_quotes.trim()) {
  32. return false;
  33. } // check whether display name contains illegal character
  34. var contains_illegal = /[\.";<>]/.test(display_name_without_quotes);
  35. if (contains_illegal) {
  36. // if contains illegal characters,
  37. // must to be enclosed in double-quotes, otherwise it's not a valid display name
  38. if (display_name_without_quotes === display_name) {
  39. return false;
  40. } // the quotes in display name must start with character symbol \
  41. var all_start_with_back_slash = display_name_without_quotes.split('"').length === display_name_without_quotes.split('\\"').length;
  42. if (!all_start_with_back_slash) {
  43. return false;
  44. }
  45. }
  46. return true;
  47. }
  48. export default function isEmail(str, options) {
  49. assertString(str);
  50. options = merge(options, default_email_options);
  51. if (options.require_display_name || options.allow_display_name) {
  52. var display_email = str.match(splitNameAddress);
  53. if (display_email) {
  54. var display_name = display_email[1]; // Remove display name and angle brackets to get email address
  55. // Can be done in the regex but will introduce a ReDOS (See #1597 for more info)
  56. str = str.replace(display_name, '').replace(/(^<|>$)/g, ''); // sometimes need to trim the last space to get the display name
  57. // because there may be a space between display name and email address
  58. // eg. myname <address@gmail.com>
  59. // the display name is `myname` instead of `myname `, so need to trim the last space
  60. if (display_name.endsWith(' ')) {
  61. display_name = display_name.substr(0, display_name.length - 1);
  62. }
  63. if (!validateDisplayName(display_name)) {
  64. return false;
  65. }
  66. } else if (options.require_display_name) {
  67. return false;
  68. }
  69. }
  70. if (!options.ignore_max_length && str.length > defaultMaxEmailLength) {
  71. return false;
  72. }
  73. var parts = str.split('@');
  74. var domain = parts.pop();
  75. var user = parts.join('@');
  76. var lower_domain = domain.toLowerCase();
  77. if (options.domain_specific_validation && (lower_domain === 'gmail.com' || lower_domain === 'googlemail.com')) {
  78. /*
  79. Previously we removed dots for gmail addresses before validating.
  80. This was removed because it allows `multiple..dots@gmail.com`
  81. to be reported as valid, but it is not.
  82. Gmail only normalizes single dots, removing them from here is pointless,
  83. should be done in normalizeEmail
  84. */
  85. user = user.toLowerCase(); // Removing sub-address from username before gmail validation
  86. var username = user.split('+')[0]; // Dots are not included in gmail length restriction
  87. if (!isByteLength(username.replace('.', ''), {
  88. min: 6,
  89. max: 30
  90. })) {
  91. return false;
  92. }
  93. var _user_parts = username.split('.');
  94. for (var i = 0; i < _user_parts.length; i++) {
  95. if (!gmailUserPart.test(_user_parts[i])) {
  96. return false;
  97. }
  98. }
  99. }
  100. if (options.ignore_max_length === false && (!isByteLength(user, {
  101. max: 64
  102. }) || !isByteLength(domain, {
  103. max: 254
  104. }))) {
  105. return false;
  106. }
  107. if (!isFQDN(domain, {
  108. require_tld: options.require_tld
  109. })) {
  110. if (!options.allow_ip_domain) {
  111. return false;
  112. }
  113. if (!isIP(domain)) {
  114. if (!domain.startsWith('[') || !domain.endsWith(']')) {
  115. return false;
  116. }
  117. var noBracketdomain = domain.substr(1, domain.length - 2);
  118. if (noBracketdomain.length === 0 || !isIP(noBracketdomain)) {
  119. return false;
  120. }
  121. }
  122. }
  123. if (user[0] === '"') {
  124. user = user.slice(1, user.length - 1);
  125. return options.allow_utf8_local_part ? quotedEmailUserUtf8.test(user) : quotedEmailUser.test(user);
  126. }
  127. var pattern = options.allow_utf8_local_part ? emailUserUtf8Part : emailUserPart;
  128. var user_parts = user.split('.');
  129. for (var _i = 0; _i < user_parts.length; _i++) {
  130. if (!pattern.test(user_parts[_i])) {
  131. return false;
  132. }
  133. }
  134. if (options.blacklisted_chars) {
  135. if (user.search(new RegExp("[".concat(options.blacklisted_chars, "]+"), 'g')) !== -1) return false;
  136. }
  137. return true;
  138. }