Through the Edit command, invalid email can be assigned to a student

[lihaoquan]

By using the following command: edit 1 e/e@oe

An invalid email that does not fit the following description:

is able to be assigned to a student as shown:

The email validation mechanism may need to be further strengthened to prevent such email from being assigned to students.

[nus-pe-bot]

Team's Response

This issue is on the error message result being incorrect for email.

The reason why this issue could be rejected, is because e@oe follows the specifications mentioned.

• e is the local part, which contains only alphanumeric characters.
• oe is the domain. oe is a domain label in the domain. It is at least 2 characters long, starts and ends with alphanumeric characters, and consists of alphanumeric characters.
• The domain name is made up of domain labels separated by periods. This means that if there is only one label, then no periods would need to separate the domain name.

It doesn't violate any of the specifications mentioned, so we could reject this.

Moreover, if we are more strict with The domain name is made up of domain labels separated by periods, to imply that there is should be more than one domain label in the domain name, then it is possible that it could be interpreted either way.

Therefore, we put this as very low, as the situation when this occurs is rare, most domains have more than one domain label, so most users would not be bothered by this.

Side note: e@oe is a valid email address when we use a top-level domain as the domain name, so the title of the issue is incorrect. See domain names allowed by RFC5321.

Items for the Tester to Verify

:question: Issue severity

Team chose [severity.VeryLow] Originally [severity.Low]

• [ ] I disagree

Reason for disagreement: [replace this with your explanation]

---