Login email regex, long domain extension

This is the place to report bugs and get support. When posting in this forum, please always provide as much detail as possible.

Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum, do not report it as a bug.

This is the place to report bugs and get support

When posting in this forum, please try to provide as many relevant details as possible. Particularly the following:

  • What operating system were you running when the bug appeared?
  • What database platform is your site using?
  • What version of mojoPortal are you running?
  • What version of .NET do you use?
  • What steps are necessary to reproduce the issue? Compare expected results vs actual results.
Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum.
This thread is closed to new posts. You must sign in to post in the forums.
9/23/2015 1:45:16 PM
Gravatar
Total Posts 6

Login email regex, long domain extension

Hi Joe,

Thanks in advance.  I have a user with a .engineering top level domain.  I was able to update the registration regex from {2,9} to {2,20} to accommodate the additional characters but I can't find where the login control regex is stored.

thanks,

john

 

 

 

 

9/23/2015 2:51:22 PM
Gravatar
Total Posts 18444

Re: Login email regex, long domain extension

what version of mojoPortal?

what and where specifically did you change for registration?

9/23/2015 3:03:28 PM
Gravatar
Total Posts 6

Re: Login email regex, long domain extension

This is mojo version 2.4.0.0

I modified /secure/registration.aspx

changing the email validation expression to:

ValidationExpression="^([0-9a-zA-Z]([-.\w]*[0-9a-zA-Z])*@(([0-9a-zA-Z])+([-\w]*[0-9a-zA-Z])*\.)+[a-zA-Z]{2,20})$"

9/23/2015 3:21:24 PM
Gravatar
Total Posts 18444

Re: Login email regex, long domain extension

I really have no idea since that is a fairly old version.

What I can tell you is in March of 2014 a new EmailValidator control was added in mojoPortal code and is currently used on both the login and registration.

This was added because there are some known issues with denial of service that can be worked against server side regex validation.

So this new EmailValidator inherits from RegularExpressionValidator but overrides the EvaluateIsValidMethod

Since it inherits from RegularExpressionValidator it does use regex client side but by default it uses a different method server side to validate email. What it does is new up a new instance of System.Net.MailAddress using the provided string an if an exception is trapped it is not valid.

There is a new configuration setting which can override this and make it use regex server side.

<add key="ForceRegexOnEmailValidator" value="true" />

but it still uses regex in client side validation no matter what.

There is also a new config setting that could possibly be used to override the regex expression:

<add key="CustomEmailRegex" value="" />

if that has anything other than empty string it will use that as the regex expression. However, I don't know if this has been actually tested. My worry would be that regex expressions may possibly have characters that need to be escaped in xml when adding the setting. I don't know if that is a problem or not.

now all of this information is based on reviewing the latest code. I really have no idea or suggestions for older versions. I don't know how long that CustomEmailRegex setting has been there, it might have been there for quite a while but it might also have been added around the same time as the EmailValidator control.

9/23/2015 3:35:18 PM
Gravatar
Total Posts 6

Re: Login email regex, long domain extension

Thank you very much for the prompt and thorough explanation.   

You must sign in to post in the forums. This thread is closed to new posts.