nmanousos / email-existence


security: address REDOS by rejecting long emails #37

Closed davisjam closed 6 years ago

davisjam commented 6 years ago

The email regex /^\S+@\S+$/ is vulnerable to REDOS on very long emails. Emails should not be longer than 300 characters per the RFC errata. Reject emails longer than this.
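The length guard this pull request describes, as an added example (not code from the pull request or from email-existence): the regex and the 300-character limit are taken from the description above, while the function names and the constructed input are assumptions made for illustration.

```javascript
// Added illustration; all names here are hypothetical, not email-existence's API.
const EMAIL_RE = /^\S+@\S+$/;   // regex quoted in the PR description
const MAX_EMAIL_LEN = 300;      // limit stated in the PR description

// The length check runs first, so the regex only ever sees bounded input.
function isPlausibleEmail(email) {
  if (typeof email !== 'string' || email.length > MAX_EMAIL_LEN) return false;
  return EMAIL_RE.test(email);
}

// Constructed stress input: n '@' characters, then a space. The trailing
// space means `$` can never match, so the engine retries every position
// where the literal '@' could sit and every length of the second \S+.
function stressInput(n) {
  return '@'.repeat(n) + ' ';
}

// Time the unguarded regex on inputs of growing size.
function timeUnguarded(sizes) {
  return sizes.map((n) => {
    const input = stressInput(n);
    const start = process.hrtime.bigint();
    const matched = EMAIL_RE.test(input);
    const ms = Number(process.hrtime.bigint() - start) / 1e6;
    return { n, matched, ms };
  });
}

// Doubling n should roughly quadruple the time (quadratic backtracking).
for (const r of timeUnguarded([1000, 2000, 4000])) {
  console.log(`unguarded n=${r.n} matched=${r.matched} ${r.ms.toFixed(2)} ms`);
}

// With the guard, oversized input is rejected before the regex runs.
console.log('guarded, n=4000:', isPlausibleEmail(stressInput(4000)));
console.log('guarded, normal:', isPlausibleEmail('user@example.com'));
```
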