soc-se-bot
commented
10 months ago Team's Response
While we do see that excluding special non-ASCII characters may cause inconvenience to some users, implementation of this will require highly non-trivial effort for validation, including accounting for possible use by malicious actors for spoofing. Hence we will classify this as NotInScope, and it should also be a FeatureFlaw according to the PE guidelines.
Items for the Tester to Verify
:question: Issue response
Team chose [response.NotInScope]
- [ ] I disagree
Reason for disagreement: [replace this with your explanation]
Latin alphabet with diacritics: Pelé@example.com
To replicate:
addstaff n/John Doe p/98765432 e/Pelé@example.com a/311, Clementi Ave 2, #02-25 t/friends t/owesMoneyI appreciate the effort to consider special characters like +, but it is not comprehensive enough. This is a valid email address and it is very possible that a transaction has a person with this email address, so it is a functionality bug although rare (therefore severity.Low)