fix: @IsEmail() accepting !@gmail.com and #@gmail.com #1839

[reddyakanksha98]

Describe the bug If I'm passing an email with only exclamation or with hash, it's still accepting the value, and not throwing any error.

Examples @ApiProperty({ description: 'User email', example: 'akanksha@gmail.com', }) @IsDefined() @IsNotEmpty() @IsEmail() email: string;

{ "email": "!@gmail.com" }

Expected behavior It should not accept the above email, as it doesn't have any alphanumeric characters, and it's not checking the min length of an email also.

Actual behavior It's accepting the values without throwing any error.

And if possible, please share what's the allowed characters of this @IsEmail( ) decorator.

Additional context Validator.js version: 0.13.2 Node.js version: 16.14.2 OS platform: [windows]

[pano9000]

Hello,

thanks for reporting this. I quickly checked this on the latest version, and there running isEmail("!@gmail.com") returns false for me, as expected. Are you running it with any special additional options?

Can you double-check which version you are running? Your report says 0.13.2, but as far as I can see, there never was such a version for this project. Just so that I can try to reproduce with the same version as you

Thanks

[reddyakanksha98]

https://www.npmjs.com/package/class-validator/v/0.13.2

This was the version of validator which I shared, please check and let me know what's the version you tested with?

Thank you

[pano9000]

thanks for confirming. ok, looks like that package depends internally on validator.js 13.7 I'll test this again with that version this evening, when I get home, and I'll report back

[reddyakanksha98]

Hello there, thanks for the reply. Could you also share what are the options we have in @IsEmail( ) decorator, and what are the allowed characters for this, like alpha-numeric, and special symbols.. if possible?

@IsEmail(options?: IsEmail Options)

[WikiRik]

Could you point us to a reference that mentions that these are invalid emails? I see your examples are @gmail.com. Do you have the domain specific validation enabled? That changes the RegExp for checking.

The README provides information about the options for the validator What is possible for the decorator is something you need to ask in the class-validator repo.

[reddyakanksha98]

I checked on class-validator repo, they redirected me here.

And I didn't enable any domain specific validation. I don't have any reference for invalid emails. What I'm expecting is, while creating a Gmail account or so, it'll look for alphanumeric and special characters validations right, so I'm exploring that, is it possible to do with a decorator in validator or do we need to add those separately using a regex or so?

[WikiRik]

Using isEmail() is indeed possible for this, and @IsEmail() from class-validator a decorator for that.

In regular email addresses, a lot is possible. See the following RegExp for the part before the @; https://github.com/validatorjs/validator.js/blob/47ee5ad64cf5c684c841b59110af4e221b74945c/src/lib/isEmail.js#L21

When you enable domain specific validation for Gmail, you can only use; https://github.com/validatorjs/validator.js/blob/47ee5ad64cf5c684c841b59110af4e221b74945c/src/lib/isEmail.js#L22

Further length validation can also be found in the source file; https://github.com/validatorjs/validator.js/blob/47ee5ad64cf5c684c841b59110af4e221b74945c/src/lib/isEmail.js