nus-se-script
commented
2 months ago [IMPORTANT!: Please do not edit or reply to this comment using the GitHub UI. You can respond to it using CATcher during the next phase of the PE]
Team's Response
Currently, we check if the email is alphanumeric and contains "@". Currently, our features completed do not include checking for proper domain as proper domain check will require online APIs. It is not entirely incorrect, especially when we consider the fact that even if we check for the "." after the "@", users can still put non proper domains such as jacson@.gmail, the only way around this without an online API would be hardcoding certain domains such as "gmail.com" which is not desirable.
Items for the Tester to Verify
:question: Issue response
Team chose [response.NotInScope]
- [ ] I disagree
Reason for disagreement: [replace this with your reason]
Lacking proper data validation for email. jacson@gmail was allowed. There should be a check for . after @ to ensure its a proper domain