Issue with Email Addresses Getting pulled In

Question

Issue with Email Addresses Getting pulled In

JimmyGalar opened this issue 3 years ago · 4 comments

So we allow our end users to send test strings out and those strings can contain a mix of urls and email addresses. We are using a email regex function to pull out all email addresses and validate those emails against a white list that we have. We also do the same for urls using url-regex-safe to pull out URLs from the string and validate against a different white list.

The issue I am encountering is that url-regex-safe is pulling in portions of the email or the email domain.

For example: This is a test of our notification system, for any questions please go to www.test.com/info for further details. To get further information on the process please email test@test.com, or Bob.Smith@test.com.

What url-regex-safe will do is get www.test.com/info, test.com, and Bob.Sm to be evaluated.

Can anything be done to exclude email addresses from the urlRegexSafe function?

Answer 1 · 2021-08-19T22:26:21.000Z

You could first parse out emails, and then parse out URLS. that's what I do in https://spamscanner.net (open source on GitHub too)

…

On Thu, Aug 19, 2021 at 2:01 PM JimmyGalar ***@***.***> wrote: So we allow our end users to send test strings out and those strings can contain a mix of urls and email addresses. We are using a email regex function to pull out all email addresses and validate those emails against a white list that we have. We also do the same for urls using url-regex-safe to pull out URLs from the string and validate against a different white list. The issue I am encountering is that url-regex-safe is pulling in portions of the email or the email domain. For example: This is a test of our notification system, for any questions please go to www.test.com/info for further details. To get further information on the process please email ***@***.***, or ***@***.*** What url-regex-safe will do is get www.test.com/info, test.com, and Bob.Sm to be evaluated. Can anything be done to exclude email addresses from the urlRegexSafe function? — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#13>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAD7XBOAH2ZF3RXC4M6NOTTT5VIKNANCNFSM5CO2POTA> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&utm_campaign=notification-email> .

Answer 2 · 2021-08-23T19:07:53.000Z

Am doing that to get around what I found above, just was hoping there was a way to tweak url-regex-safe to just exclude the emails versus the parsing am doing.

Answer 3 · 2021-09-22T23:20:17.000Z

I just had a few cases that has both emails and URLs in them. Everything worked fine and email addresses were left alone. I did use it like urlRegexSafe({ strict: true }). This should disregard emails.

Answer 4 · 2021-11-23T20:33:21.000Z

If you had tests to add that fail please add!