Limit length of accepted email addresses (#9855)

author: Erik Johnston <erik@matrix.org> 2021-04-22 17:49:11 +0100
committer: GitHub <noreply@github.com> 2021-04-22 17:49:11 +0100
commit: 177dae270420ee4b4c8fa5e2c74c5081d98da320 (patch)
tree: 8c46c0b63e869f8b1db5a67ce3eb6ea22a26292f /tests/rest/client/v2_alpha/test_register.py
parent: Clear the resync bit after resyncing device lists (#9867) (diff)
download: synapse-177dae270420ee4b4c8fa5e2c74c5081d98da320.tar.xz
1 files changed, 51 insertions, 0 deletions
diff --git a/tests/rest/client/v2_alpha/test_register.py b/tests/rest/client/v2_alpha/test_register.py
index 98695b05d5..1cad5f00eb 100644
--- a/tests/rest/client/v2_alpha/test_register.py
+++ b/tests/rest/client/v2_alpha/test_register.py
@@ -310,6 +310,57 @@ class RegisterRestServletTestCase(unittest.HomeserverTestCase):
 
         self.assertIsNotNone(channel.json_body.get("sid"))
 
+    @unittest.override_config(
+        {
+            "public_baseurl": "https://test_server",
+            "email": {
+                "smtp_host": "mail_server",
+                "smtp_port": 2525,
+                "notif_from": "sender@host",
+            },
+        }
+    )
+    def test_reject_invalid_email(self):
+        """Check that bad emails are rejected"""
+
+        # Test for email with multiple @
+        channel = self.make_request(
+            "POST",
+            b"register/email/requestToken",
+            {"client_secret": "foobar", "email": "email@@email", "send_attempt": 1},
+        )
+        self.assertEquals(400, channel.code, channel.result)
+        # Check error to ensure that we're not erroring due to a bug in the test.
+        self.assertEquals(
+            channel.json_body,
+            {"errcode": "M_UNKNOWN", "error": "Unable to parse email address"},
+        )
+
+        # Test for email with no @
+        channel = self.make_request(
+            "POST",
+            b"register/email/requestToken",
+            {"client_secret": "foobar", "email": "email", "send_attempt": 1},
+        )
+        self.assertEquals(400, channel.code, channel.result)
+        self.assertEquals(
+            channel.json_body,
+            {"errcode": "M_UNKNOWN", "error": "Unable to parse email address"},
+        )
+
+        # Test for super long email
+        email = "a@" + "a" * 1000
+        channel = self.make_request(
+            "POST",
+            b"register/email/requestToken",
+            {"client_secret": "foobar", "email": email, "send_attempt": 1},
+        )
+        self.assertEquals(400, channel.code, channel.result)
+        self.assertEquals(
+            channel.json_body,
+            {"errcode": "M_UNKNOWN", "error": "Unable to parse email address"},
+        )
+
 
 class AccountValidityTestCase(unittest.HomeserverTestCase):
author	Erik Johnston <erik@matrix.org>	2021-04-22 17:49:11 +0100
committer	GitHub <noreply@github.com>	2021-04-22 17:49:11 +0100
commit	177dae270420ee4b4c8fa5e2c74c5081d98da320 (patch)
tree	8c46c0b63e869f8b1db5a67ce3eb6ea22a26292f /tests/rest/client/v2_alpha/test_register.py
parent	Clear the resync bit after resyncing device lists (#9867) (diff)
download	synapse-177dae270420ee4b4c8fa5e2c74c5081d98da320.tar.xz