Avoid a format validation security warning

This was actually a false positive, since our new regular expression
does the exact same thing. However, false positives generate noise and
make it harder to deal with real issues, so I'm changing it anyway.

We could add a more advanced regular expression, like
`URI::MailTo::EMAIL_REGEXP`. However, this expression marks emails with
non-English characters as invalid, when in practice it's possible to
have an email address with non-English characters.
This commit is contained in:
Javi Martín
2019-11-10 19:35:54 +01:00
parent 58157beb01
commit d746401862

@@ -3,7 +3,7 @@ class Newsletter < ApplicationRecord
validates :subject, presence: true validates :subject, presence: true
validates :segment_recipient, presence: true validates :segment_recipient, presence: true
validates :from, presence: true, format: { with: /@/ } validates :from, presence: true, format: { with: /\A.+@.+\Z/ }
validates :body, presence: true validates :body, presence: true
validate :validate_segment_recipient validate :validate_segment_recipient