diff options
author | Erik Johnston <erik@matrix.org> | 2021-04-22 17:49:11 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-04-22 17:49:11 +0100 |
commit | 177dae270420ee4b4c8fa5e2c74c5081d98da320 (patch) | |
tree | 8c46c0b63e869f8b1db5a67ce3eb6ea22a26292f /synapse/util/threepids.py | |
parent | Clear the resync bit after resyncing device lists (#9867) (diff) | |
download | synapse-177dae270420ee4b4c8fa5e2c74c5081d98da320.tar.xz |
Limit length of accepted email addresses (#9855)
Diffstat (limited to 'synapse/util/threepids.py')
-rw-r--r-- | synapse/util/threepids.py | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/synapse/util/threepids.py b/synapse/util/threepids.py index 281c5be4fb..a1cf1960b0 100644 --- a/synapse/util/threepids.py +++ b/synapse/util/threepids.py @@ -18,6 +18,16 @@ import re logger = logging.getLogger(__name__) +# it's unclear what the maximum length of an email address is. RFC3696 (as corrected +# by errata) says: +# the upper limit on address lengths should normally be considered to be 254. +# +# In practice, mail servers appear to be more tolerant and allow 400 characters +# or so. Let's allow 500, which should be plenty for everyone. +# +MAX_EMAIL_ADDRESS_LENGTH = 500 + + def check_3pid_allowed(hs, medium, address): """Checks whether a given format of 3PID is allowed to be used on this HS @@ -70,3 +80,23 @@ def canonicalise_email(address: str) -> str: raise ValueError("Unable to parse email address") return parts[0].casefold() + "@" + parts[1].lower() + + +def validate_email(address: str) -> str: + """Does some basic validation on an email address. + + Returns the canonicalised email, as returned by `canonicalise_email`. + + Raises a ValueError if the email is invalid. + """ + # First we try canonicalising in case that fails + address = canonicalise_email(address) + + # Email addresses have to be at least 3 characters. + if len(address) < 3: + raise ValueError("Unable to parse email address") + + if len(address) > MAX_EMAIL_ADDRESS_LENGTH: + raise ValueError("Unable to parse email address") + + return address |