Closed
Description
Symfony version(s) affected
Symfony Validator 6.0.6
Description
HTML5 validation within the symfony validator currently uses the following pattern for HTML5 email validation:
/^[a-zA-Z0-9.!#$%&\'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)+$/
This is not actually valid as emails such as name@example are not accepted, whereas they are accepted using actual HTML5 form validation.
How to reproduce
$validator = $context->getValidator();
$emailConstraint = new Assert\Email();
$emailConstraint->mode = 'html5';
$result = $validator->validate("name@example", $emailConstraint);
//email is marked as invalid
The problematic code can be reproduced as:
<?php
$SYMFONY_PATTERN_HTML5 = '/^[a-zA-Z0-9.!#$%&\'*+\\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)+$/';
$example1 = "name@example";
$example2 = "name@example.com";
echo preg_match($SYMFONY_PATTERN_HTML5, $value1); //0
echo preg_match($SYMFONY_PATTERN_HTML5, $value2); //1
//both these emails should be valid under HTML5
For reasoning, please see: https://stackoverflow.com/a/20573649
Possible Solution
The top level domain delimiter (dot) should be optional.
^[a-zA-Z0-9.!#$%&\'*+\\=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.?[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)+$
Additional Context
No response