locked
EmailAddressAttribute not working correctly RRS feed

  • Question

  • Below code doesn't check correctly. If condition results to true

    var emailChecker = new EmailAddressAttribute();
    if (!emailChecker.IsValid("sam@samplem1ansamplem1an%&/(.com"))
    {
    return "Not a Valid Email Address";
    }


    Sunday, May 31, 2020 9:16 PM

All replies

  • Hi Tech Aspirant,

    Thank you for posting here.

    This will happen if your .NET Framework version is 4.7.2 or later.

    The comments in the source code are explained as follows: Disable RegEx by default for DataAnotationAttributes in .NET 4.7.2.

    This helps to reduce security vulnerability such as avoiding the possibility of a Denial of Service attack using specific regular expressions.

    So for the newer .NET Framework, as long as the string contains "@" and it is not at the beginning or end, it will return True.

    If you want to restore it to the same as before, you can update the value set by "dataAnnotations: dataTypeAttribute: disableRegEx" to false.

    <configuration>
        <startup> 
            <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.7.2"/>
        </startup>
        <appSettings>
          <add key="dataAnnotations:dataTypeAttribute:disableRegEx" value="false"/>
        </appSettings>
    </configuration>

    Below is the relevant source code.

    class EmailAddressAttribute

    class AppSettings

    Hope this could be helpful.

    Best Regards,

    Timon


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Monday, June 1, 2020 2:29 AM
  • I am having dot net core 3.0 application.Is it the same case in dot net core as well where it just checks @ in the string and returns true.
    Monday, June 1, 2020 8:22 AM
  • If this is being done against a property you could use something like this.

    [Required(ErrorMessage = "Please Enter Email Address"), 
     RegularExpression("^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$", 
         ErrorMessage = "Please Enter Correct {0} Email Address")]
    public string Email
    {
        get => _email;
        set
        {
            if (value == _email) return;
            _email = value;
            OnPropertyChanged();
        }
    }
    


    Please remember to mark the replies as answers if they help and unmarked them if they provide no help, this will help others who are looking for solutions to the same or similar problem. Contact via my Twitter (Karen Payne) or Facebook (Karen Payne) via my MSDN profile but will not answer coding question on either.

    NuGet BaseConnectionLibrary for database connections.

    StackOverFlow
    profile for Karen Payne on Stack Exchange

    Monday, June 1, 2020 9:32 AM
  • Yes this was changed because of .NET Core (https://github.com/dotnet/runtime/issues/15903).

    Michael Taylor http://www.michaeltaylorp3.net

    Monday, June 1, 2020 8:54 PM
  • Hi,

    We can find many codes for verifying mailboxes on the Internet, this is an example:

     public static bool IsValidEmail(string email)
            {
                if (string.IsNullOrWhiteSpace(email))
                    return false;
    
                try
                {
                    // Normalize the domain
                    email = Regex.Replace(email, @"(@)(.+)$", DomainMapper,
                                          RegexOptions.None, TimeSpan.FromMilliseconds(200));
    
                    // Examines the domain part of the email and normalizes it.
                    string DomainMapper(Match match)
                    {
                        // Use IdnMapping class to convert Unicode domain names.
                        var idn = new IdnMapping();
    
                        // Pull out and process domain name (throws ArgumentException on invalid)
                        var domainName = idn.GetAscii(match.Groups[2].Value);
    
                        return match.Groups[1].Value + domainName;
                    }
                }
                catch (RegexMatchTimeoutException e)
                {
                    return false;
                }
                catch (ArgumentException e)
                {
                    return false;
                }
    
                try
                {
                    return Regex.IsMatch(email,
                        @"^(?("")("".+?(?<!\\)""@)|(([0-9a-z]((\.(?!\.))|[-!#\$%&'\*\+/=\?\^`\{\}\|~\w])*)(?<=[0-9a-z])@))" +
                        @"(?(\[)(\[(\d{1,3}\.){3}\d{1,3}\])|(([0-9a-z][-0-9a-z]*[0-9a-z]*\.)+[a-z0-9][\-a-z0-9]{0,22}[a-z0-9]))$",
                        RegexOptions.IgnoreCase, TimeSpan.FromMilliseconds(250));
                }
                catch (RegexMatchTimeoutException)
                {
                    return false;
                }
            }
        }

    Best Regards,

    Timon


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com.

    Tuesday, June 2, 2020 5:24 AM