From 86911d817fbcd177c295b13d7ca0fdff87341191 Mon Sep 17 00:00:00 2001 From: Wei Kang Date: Thu, 21 Nov 2024 15:18:17 +0800 Subject: [PATCH] feat(isEmail): allow regexp in host_whitelist and host_blacklist (#2494) * enhance isEmail to have regexp for host_whitelist * update README.md * refactor code * update test name * fix code logic for checkHost --------- Co-authored-by: Rubin Bhandari --- README.md | 2 +- src/lib/isEmail.js | 6 +++--- src/lib/isURL.js | 15 +-------------- src/lib/util/checkHost.js | 13 +++++++++++++ test/validators.test.js | 38 ++++++++++++++++++++++++++++++++++++++ 5 files changed, 56 insertions(+), 18 deletions(-) create mode 100644 src/lib/util/checkHost.js diff --git a/README.md b/README.md index c7518fd41..791fb53c5 100644 --- a/README.md +++ b/README.md @@ -106,7 +106,7 @@ Validator | Description **isDecimal(str [, options])** | check if the string represents a decimal number, such as 0.1, .3, 1.1, 1.00003, 4.0, etc.

`options` is an object which defaults to `{force_decimal: false, decimal_digits: '1,', locale: 'en-US'}`.

`locale` determines the decimal separator and is one of `['ar', 'ar-AE', 'ar-BH', 'ar-DZ', 'ar-EG', 'ar-IQ', 'ar-JO', 'ar-KW', 'ar-LB', 'ar-LY', 'ar-MA', 'ar-QA', 'ar-QM', 'ar-SA', 'ar-SD', 'ar-SY', 'ar-TN', 'ar-YE', 'bg-BG', 'cs-CZ', 'da-DK', 'de-DE', 'el-GR', 'en-AU', 'en-GB', 'en-HK', 'en-IN', 'en-NZ', 'en-US', 'en-ZA', 'en-ZM', 'eo', 'es-ES', 'fa', 'fa-AF', 'fa-IR', 'fr-FR', 'fr-CA', 'hu-HU', 'id-ID', 'it-IT', 'ku-IQ', 'nb-NO', 'nl-NL', 'nn-NO', 'pl-PL', 'pl-Pl', 'pt-BR', 'pt-PT', 'ru-RU', 'sl-SI', 'sr-RS', 'sr-RS@latin', 'sv-SE', 'tr-TR', 'uk-UA', 'vi-VN']`.
**Note:** `decimal_digits` is given as a range like '1,3', a specific value like '3' or min like '1,'. **isDivisibleBy(str, number)** | check if the string is a number that is divisible by another. **isEAN(str)** | check if the string is an [EAN (European Article Number)][European Article Number]. -**isEmail(str [, options])** | check if the string is an email.

`options` is an object which defaults to `{ allow_display_name: false, require_display_name: false, allow_utf8_local_part: true, require_tld: true, allow_ip_domain: false, allow_underscores: false, domain_specific_validation: false, blacklisted_chars: '', host_blacklist: [] }`. If `allow_display_name` is set to true, the validator will also match `Display Name `. If `require_display_name` is set to true, the validator will reject strings without the format `Display Name `. If `allow_utf8_local_part` is set to false, the validator will not allow any non-English UTF8 character in email address' local part. If `require_tld` is set to false, email addresses without a TLD in their domain will also be matched. If `ignore_max_length` is set to true, the validator will not check for the standard max length of an email. If `allow_ip_domain` is set to true, the validator will allow IP addresses in the host part. If `domain_specific_validation` is true, some additional validation will be enabled, e.g. disallowing certain syntactically valid email addresses that are rejected by Gmail. If `blacklisted_chars` receives a string, then the validator will reject emails that include any of the characters in the string, in the name part. If `host_blacklist` is set to an array of strings and the part of the email after the `@` symbol matches one of the strings defined in it, the validation fails. If `host_whitelist` is set to an array of strings and the part of the email after the `@` symbol matches none of the strings defined in it, the validation fails. +**isEmail(str [, options])** | check if the string is an email.

`options` is an object which defaults to `{ allow_display_name: false, require_display_name: false, allow_utf8_local_part: true, require_tld: true, allow_ip_domain: false, allow_underscores: false, domain_specific_validation: false, blacklisted_chars: '', host_blacklist: [] }`. If `allow_display_name` is set to true, the validator will also match `Display Name `. If `require_display_name` is set to true, the validator will reject strings without the format `Display Name `. If `allow_utf8_local_part` is set to false, the validator will not allow any non-English UTF8 character in email address' local part. If `require_tld` is set to false, email addresses without a TLD in their domain will also be matched. If `ignore_max_length` is set to true, the validator will not check for the standard max length of an email. If `allow_ip_domain` is set to true, the validator will allow IP addresses in the host part. If `domain_specific_validation` is true, some additional validation will be enabled, e.g. disallowing certain syntactically valid email addresses that are rejected by Gmail. If `blacklisted_chars` receives a string, then the validator will reject emails that include any of the characters in the string, in the name part. If `host_blacklist` is set to an array of strings or regexp, and the part of the email after the `@` symbol matches one of the strings defined in it, the validation fails. If `host_whitelist` is set to an array of strings or regexp, and the part of the email after the `@` symbol matches none of the strings defined in it, the validation fails. **isEmpty(str [, options])** | check if the string has a length of zero.

`options` is an object which defaults to `{ ignore_whitespace: false }`. **isEthereumAddress(str)** | check if the string is an [Ethereum][Ethereum] address. Does not validate address checksums. **isFloat(str [, options])** | check if the string is a float.

`options` is an object which can contain the keys `min`, `max`, `gt`, and/or `lt` to validate the float is within boundaries (e.g. `{ min: 7.22, max: 9.55 }`) it also has `locale` as an option.

`min` and `max` are equivalent to 'greater or equal' and 'less or equal', respectively while `gt` and `lt` are their strict counterparts.

`locale` determines the decimal separator and is one of `['ar', 'ar-AE', 'ar-BH', 'ar-DZ', 'ar-EG', 'ar-IQ', 'ar-JO', 'ar-KW', 'ar-LB', 'ar-LY', 'ar-MA', 'ar-QA', 'ar-QM', 'ar-SA', 'ar-SD', 'ar-SY', 'ar-TN', 'ar-YE', 'bg-BG', 'cs-CZ', 'da-DK', 'de-DE', 'en-AU', 'en-GB', 'en-HK', 'en-IN', 'en-NZ', 'en-US', 'en-ZA', 'en-ZM', 'eo', 'es-ES', 'fr-CA', 'fr-FR', 'hu-HU', 'it-IT', 'nb-NO', 'nl-NL', 'nn-NO', 'pl-PL', 'pt-BR', 'pt-PT', 'ru-RU', 'sl-SI', 'sr-RS', 'sr-RS@latin', 'sv-SE', 'tr-TR', 'uk-UA']`. Locale list is `validator.isFloatLocales`. diff --git a/src/lib/isEmail.js b/src/lib/isEmail.js index 1aceca3cf..abe465052 100644 --- a/src/lib/isEmail.js +++ b/src/lib/isEmail.js @@ -1,4 +1,5 @@ import assertString from './util/assertString'; +import checkHost from './util/checkHost'; import isByteLength from './isByteLength'; import isFQDN from './isFQDN'; @@ -60,7 +61,6 @@ function validateDisplayName(display_name) { return true; } - export default function isEmail(str, options) { assertString(str); options = merge(options, default_email_options); @@ -97,11 +97,11 @@ export default function isEmail(str, options) { const domain = parts.pop(); const lower_domain = domain.toLowerCase(); - if (options.host_blacklist.includes(lower_domain)) { + if (options.host_blacklist.length > 0 && checkHost(lower_domain, options.host_blacklist)) { return false; } - if (options.host_whitelist.length > 0 && !options.host_whitelist.includes(lower_domain)) { + if (options.host_whitelist.length > 0 && !checkHost(lower_domain, options.host_whitelist)) { return false; } diff --git a/src/lib/isURL.js b/src/lib/isURL.js index 7529f4bde..9bfafbf0c 100644 --- a/src/lib/isURL.js +++ b/src/lib/isURL.js @@ -1,4 +1,5 @@ import assertString from './util/assertString'; +import checkHost from './util/checkHost'; import isFQDN from './isFQDN'; import isIP from './isIP'; @@ -38,20 +39,6 @@ const default_url_options = { const wrapped_ipv6 = /^\[([^\]]+)\](?::([0-9]+))?$/; -function isRegExp(obj) { - return Object.prototype.toString.call(obj) === '[object RegExp]'; -} - -function checkHost(host, matches) { - for (let i = 0; i < matches.length; i++) { - let match = matches[i]; - if (host === match || (isRegExp(match) && match.test(host))) { - return true; - } - } - return false; -} - export default function isURL(url, options) { assertString(url); if (!url || /[\s<>]/.test(url)) { diff --git a/src/lib/util/checkHost.js b/src/lib/util/checkHost.js new file mode 100644 index 000000000..ed1dddefe --- /dev/null +++ b/src/lib/util/checkHost.js @@ -0,0 +1,13 @@ +function isRegExp(obj) { + return Object.prototype.toString.call(obj) === '[object RegExp]'; +} + +export default function checkHost(host, matches) { + for (let i = 0; i < matches.length; i++) { + let match = matches[i]; + if (host === match || (isRegExp(match) && match.test(host))) { + return true; + } + } + return false; +} diff --git a/test/validators.test.js b/test/validators.test.js index af170bf69..aa13906b0 100644 --- a/test/validators.test.js +++ b/test/validators.test.js @@ -325,6 +325,25 @@ describe('Validators', () => { }); }); + it('should allow regular expressions in the host blacklist of isEmail', () => { + test({ + validator: 'isEmail', + args: [{ + host_blacklist: ['bar.com', 'foo.com', /\.foo\.com$/], + }], + valid: [ + 'email@foobar.com', + 'email@foo.bar.com', + 'email@qux.com', + ], + invalid: [ + 'email@bar.com', + 'email@foo.com', + 'email@a.b.c.foo.com', + ], + }); + }); + it('should validate only email addresses with whitelisted domains', () => { test({ validator: 'isEmail', @@ -341,6 +360,25 @@ describe('Validators', () => { }); }); + it('should allow regular expressions in the host whitelist of isEmail', () => { + test({ + validator: 'isEmail', + args: [{ + host_whitelist: ['bar.com', 'foo.com', /\.foo\.com$/], + }], + valid: [ + 'email@bar.com', + 'email@foo.com', + 'email@a.b.c.foo.com', + ], + invalid: [ + 'email@foobar.com', + 'email@foo.bar.com', + 'email@qux.com', + ], + }); + }); + it('should validate URLs', () => { test({ validator: 'isURL',