[HOLD #17387] [$1000] Group chat created even if there is an invalid email id and Error occurs after sending first message

[kavimuru]

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!

---

Action Performed:

1. Create a new group chat
2. Add an invalid email id (an email id with more than 64 characters for the email - not including the domain) eg ganache-tasacks.0z+randomlongtexttoreachsomecharactersneedsommore@icloud.com
3. Add few more valid emails (eg ganache-tacks.0z+randomlongtexttoreachsomecharactersneedsommore@icloud.com, ganache-tacks.0z+randomlongtexttor3eachsomecharactersneedsomemo_@icloud.com and ganache-tacks.0z+randomlongtexttoreachsomecharactersneedsomemo_@icloud.com)
4. Create group

Expected result:

It should throw an error while creating group.

Actual result:

Group chat is created and error occurs after sending the first message.

Workaround:

Can the user still use Expensify without this being fixed? Have you informed them of the workaround?

Platforms:

Which of our officially supported platforms is this issue occurring on?

• [ ] Android / native
• [ ] Android / Chrome
• [ ] iOS / native
• [ ] iOS / Safari
• [x] MacOS / Chrome / Safari
• [ ] MacOS / Desktop

Version Number: 1.3.8 Reproducible in staging?: y Reproducible in production?: y If this was caught during regression testing, add the test name, ID and link from TestRail: Email or phone of affected tester (no customers): Logs: https://stackoverflow.com/c/expensify/questions/4856 Notes/Photos/Videos: Any additional supporting documentation

https://user-images.githubusercontent.com/43996225/235267411-88b4e1c6-6e47-493a-8c80-7118d5985cf7.mov

https://user-images.githubusercontent.com/43996225/235267422-0cccac63-f134-4e12-8524-18b8864efe33.mp4

Expensify/Expensify Issue URL: Issue reported by: @shivansh9007 Slack conversation: https://expensify.slack.com/archives/C049HHMV9SM/p1682670612672119

View all open jobs on GitHub

Upwork Automation - Do Not Edit

• Upwork Job URL: https://www.upwork.com/jobs/~01e9bb14ea353bc37e
• Upwork Job ID: 1653836331831513088
• Last Price Increase: 2023-05-10

[MelvinBot]

Triggered auto assignment to @adelekennedy (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

[MelvinBot]

Bug0 Triage Checklist (Main S/O)

• [x] This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
• [x] This bug is not a duplicate report (check E/App issues and #expensify-bugs)
  • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
• [x] This bug is reproducible using the reproduction steps in the OP. S/O
  • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
  • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
• [x] This issue is filled out as thoroughly and clearly as possible
  • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
• [x] I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

[jayeshmangwani]

@kavimuru I have reported a similar bug before https://expensify.slack.com/archives/C049HHMV9SM/p168231323463581911, can you please check this

[kavimuru]

@jayeshmangwani I was not able to reproduce your bug. Also it was not mentioned in the bug report that invalid email for one of the user.

[MelvinBot]

@adelekennedy Whoops! This issue is 2 days overdue. Let's get this updated quick!

[MelvinBot]

@adelekennedy Whoops! This issue is 2 days overdue. Let's get this updated quick!

[adelekennedy]

Agree it should throw an error while creating the group - let's make it external

[MelvinBot]

Job added to Upwork: https://www.upwork.com/jobs/~01e9bb14ea353bc37e

[MelvinBot]

Current assignee @adelekennedy is eligible for the External assigner, not assigning anyone new.

[MelvinBot]

Triggered auto assignment to Contributor-plus team member for initial proposal review - @mollfpr (External)

[MelvinBot]

Triggered auto assignment to @Beamanator (External), see https://stackoverflow.com/c/expensify/questions/7972 for more details.

[adelekennedy]

Looks workable to me!

[alexrasla]

Proposal

Please re-state the problem that we are trying to solve in this issue.

In this problem, we are able to add email ids that have more than 64 characters when creating a New Group.

What is the root cause of that problem?

The root cause of the problem is the fact that the isValidEmailfunction in node_modules/expensify-common/lib/str.js does not check for email ids that are > 64 characters. The function only checks that the string parameter has valid email characters and an @ sign through regular expressions.

What changes do you think we should make in order to solve the problem?

The change I would make to solve this is simply checking if the email is less than or equal to 64 characters in the isValidEmail function. This would produce the Invalid email error as shown below so the user would never be able to add the email address to the group.

What alternative solutions did you explore? (Optional)

An alternative solution I explored is checking that all the emails are less than 64 characters within the navigateToAndOpenReport function. However, I believe this solution is worse because email addresses can never be more than 64 characters, as per the accepted email address standards

Reminder: Please use plain English, be brief and avoid jargon. Feel free to use images, charts or pseudo-code if necessary. Do not post large multi-line diffs or write walls of text. Do not create PRs unless you have been hired for this job.

[MelvinBot]

📣 @alexrasla! 📣

Hey, it seems we don’t have your contributor details yet! You'll only have to do this once, and this is how we'll hire you on Upwork. Please follow these steps:

1. Get the email address used to login to your Expensify account. If you don't already have an Expensify account, create one here. If you have multiple accounts (e.g. one for testing), please use your main account email.
2. Get the link to your Upwork profile. It's necessary because we only pay via Upwork. You can access it by logging in, and then clicking on your name. It'll look like this. If you don't already have an account, sign up for one here.
3. Copy the format below and paste it in a comment on this issue. Replace the placeholder text with your actual details.

Format:

Contributor details
Your Expensify account email: <REPLACE EMAIL HERE>
Upwork Profile Link: <REPLACE LINK HERE>

[alexrasla]

Contributor details Your Expensify account email: alex.rasla@me.com Upwork Profile Link: https://www.upwork.com/freelancers/~0197c9436d4d7508f2

[MelvinBot]

✅ Contributor details stored successfully. Thank you for contributing to Expensify!

[mollfpr]

Thanks @alexrasla, for the proposal. To catch that email limit character, I'd prefer to fix the regex CONST.REG_EXP.EMAIL. The standard limited the username to 64 characters and the domain name to 255 characters. So not just limit the string before the domain, but also limit the character after the domain name.

[aimane-chnaif]

We're going to fix all email validation inconsistency issues (frontend vs backend, chat vs search vs login vs contact, etc) in one GH - https://github.com/Expensify/App/issues/17387#issuecomment-1534783224

[alexrasla]

Should I edit my proposal and submit it there then, or has a proposal already been accepted for that issue?

[alexrasla]

Proposal

Please re-state the problem that we are trying to solve in this issue.

In this problem, we are able to add email ids that have more than 64 characters when creating a New Group.

What is the root cause of that problem?

The root cause of the problem is the fact that the EMAIL_BASE_REGEX regular expression constant in node_modules/expensify-common/lib/CONST.jsx does not check for character limits for email ids and domains. The constant only checks that the compared string has valid email characters and an @ sign through regular expressions.

What changes do you think we should make in order to solve the problem?

The change I would make to solve this is simply changing the EMAIL_BASE_REGEX to check if the email id is less than or equal to 64 characters in the regular expression. This would produce the Invalid email error as shown below so the user would never be able to add the email address to the group. The values of the length of the domain before and after the . are standards that I found online, but those can be easily changed to just have a 255 limit for the entire part after the @

What alternative solutions did you explore? (Optional)

Reminder: Please use plain English, be brief and avoid jargon. Feel free to use images, charts or pseudo-code if necessary. Do not post large multi-line diffs or write walls of text. Do not create PRs unless you have been hired for this job.

[chiragxarora]

@mollfpr I had looked at various sources before reporting the original bug here, that the limit of email address is not 320 but 254. The standards had been revised in past which corrected it from 320 to 254. reference: https://stackoverflow.com/questions/386294/what-is-the-maximum-length-of-a-valid-email-address

[Beamanator]

Not overdue, proposals still being reviewed 👍

[mollfpr]

@Beamanator We could fix the email validation issue all in one place like @aimane-chnaif says https://github.com/Expensify/App/issues/18181#issuecomment-1535013276.

[Beamanator]

Oooooooo that's delightful 👍 So do you think that means we can close this one out?

[mollfpr]

@Beamanator Yes, but let's wait a little bit longer. The new GH issue still needs to be created.

[melvin-bot[bot]]

📣 It's been a week! Do we have any satisfactory proposals yet? Do we need to adjust the bounty for this issue? 💸

[adelekennedy]

Are we still waiting for the new GH issue?

[mollfpr]

@adelekennedy Yes!

[melvin-bot[bot]]

@Beamanator @mollfpr @adelekennedy this issue was created 2 weeks ago. Are we close to approving a proposal? If not, what's blocking us from getting this issue assigned? Don't hesitate to create a thread in #expensify-open-source to align faster in real time. Thanks!

[chiragxarora]

Aren't we fixing all email validation errors in other issue?

[aimane-chnaif]

All email validation issues are handled in https://github.com/Expensify/App/issues/17387

[chiragxarora]

was wondering why this issue is still open and which new GH are we waiting for

Are we still waiting for the new GH issue?

[mollfpr]

@adelekennedy @Beamanator Could one of you add HOLD to the title? We can validate again this issue after mentioned issue.

[Beamanator]

Thanks @mollfpr ! Put on hold for https://github.com/Expensify/App/issues/17387 👍

[adelekennedy]

not overdue - this is on hold

[adelekennedy]

on hold - not reassigning

[mollfpr]

Still on hold

[mollfpr]

Still on hold

[adelekennedy]

still on hold!

[adelekennedy]

Still on hold

[melvin-bot[bot]]

@Beamanator, @mollfpr, @adelekennedy Uh oh! This issue is overdue by 2 days. Don't forget to update your issues!

[adelekennedy]

Still holding

[adelekennedy]

Still on hold!

[adelekennedy]

hold

[Beamanator]

still on hold but seems like issue we're holding on has some progress

[adelekennedy]

still holdin on!

[Beamanator]

held issue is closed! can we close this one out too??

[Beamanator]

I think we can close this out 👍

[melvin-bot[bot]]

📣 @shivansh-nathani! 📣 Hey, it seems we don’t have your contributor details yet! You'll only have to do this once, and this is how we'll hire you on Upwork. Please follow these steps:

1. Make sure you've read and understood the contributing guidelines.
2. Get the email address used to login to your Expensify account. If you don't already have an Expensify account, create one here. If you have multiple accounts (e.g. one for testing), please use your main account email.
3. Get the link to your Upwork profile. It's necessary because we only pay via Upwork. You can access it by logging in, and then clicking on your name. It'll look like this. If you don't already have an account, sign up for one here.
4. Copy the format below and paste it in a comment on this issue. Replace the placeholder text with your actual details. Format:

   Contributor details
   Your Expensify account email: <REPLACE EMAIL HERE>
   Upwork Profile Link: <REPLACE LINK HERE>