Email address soft check #28
Comments
vkublytskyi
added
core
|
Agree with this task (a configuration option, off by default) (although i would prefer to have a working validator that can recognize also Japanese variations in email addresses). However we should still have some level of validation - eg a newline character cannot be used etc - to avoid abusing functionality as spam generator - we have many reports of create account being used this way with spam content being put in name field. |
|
@piotrekkaminski I understand security issues related to simplifying validation. But I'm not sure that we can make the decision what would be optimal for all users. That's why my proposal is to provide a basic implementation with a possibility to switch email validation strategy (so merchant will be able to take a decision what is more important allow all users to register or have no spam messages) and will also provide explicit extension point for system integrator programmatically implement solution required for particular merchant if basic implementation is not suitable. |
|
ok makes sense |
vkublytskyi
added
the
postponed
In Japan email address not corresponding to ISO are widely used. As they are not valid from the standard point of view Magento does not accept them. Core should provide possibility to disable this check. The same issue with recently added top level domains (e.g. magento/magento2#11945 and magento/magento2#11689).
On of possible approach is to provide a configuration option to admin that will allow "soft email validation" which will validate that email has format
<username with any characters except @>@<domain with any characters except @>. By default this option should be disabled so behaviour will remain the same.The text was updated successfully, but these errors were encountered: