Skip to content

Commit

Permalink
Disallow single-letter TLDs in emails
Browse files Browse the repository at this point in the history
  • Loading branch information
@N2D4
N2D4 committed Dec 12, 2024
1 parent 62989f9 commit 2bbd9b0
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions packages/stack-shared/src/schema-fields.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -215,13 +215,14 @@ export const base64Schema = yupString().test("is-base64", (params) => `${params.
export const passwordSchema = yupString().max(70);

/**
* A stricter email schema that does some additional checks for UX input.
* A stricter email schema that does some additional checks for UX input. (Some emails are allowed by the spec, for
* example `test@localhost` or `abc@gmail`, but almost certainly a user input error.)
*
* Note that some users in the DB have an email that doesn't match this regex, so most of the time you should use
* `emailSchema` instead until we do the DB migration.
*/
// eslint-disable-next-line no-restricted-syntax
export const strictEmailSchema = (message: string | undefined) => yupString().email(message).matches(/^.*@.*\..*$/, message);
export const strictEmailSchema = (message: string | undefined) => yupString().email(message).matches(/^.*@.*\.[^.][^.]+$/, message);
// eslint-disable-next-line no-restricted-syntax
export const emailSchema = yupString().email();

Expand Down

0 comments on commit 2bbd9b0

Please sign in to comment.