Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

1 Letter TLD should not be valid #26

Closed
vincentdh opened this issue Jun 14, 2021 · 4 comments
Closed

1 Letter TLD should not be valid #26

vincentdh opened this issue Jun 14, 2021 · 4 comments
Labels
wontfix This will not be worked on

Comments

@vincentdh
Copy link

Hi,

The validate function return TRUE for an address like "user@domain.t" but a 1 letter TLD isn't a valid TLD

Thanks
@fredeil
Copy link
Owner

fredeil commented Jun 15, 2021

While in practise it is theoretically possible that TLDs are single letters (according to some RFCs), they are avoided in general.
I agree with you and I don't see any use cases for allowing single letter TLDs right now @vincentdh

@vincentdh
Copy link
Author

After further reading, you are right. The RFCs allows the use of a single letter as TLD however none have been registered with the IANA.

I don't know how this can be implementated, but maybe the TLD should be verified with the list of TLD from the IANA?

@vincentdh vincentdh mentioned this issue Jun 22, 2021
Open
@LeonardCModoran
Copy link

@vincentdh I think your PR does not solve the problem. Nice, you did it, but ultimately you add something which firstly means validation goes away from RFC's. You added the entire hardcoded list inside a file, with no way to know when IANA will update it. We could have a temporal zone where you protect for 1 letter domain now but with that hardcoded file we are missing validation on a newly added 4 letters TLD. That file needs to be added with the build pipeline where you do a GET and put it in the last merge. You still will be dependant on a PR, and since this package has everything inside and unlikely that we will see daily builds, we are in the same bad temporal zone.

I think the users should fix it with something like:

final bool _isEmailValid = EmailValidator.validate(_emailController.text, false, true);
final bool _noOneLetterDomain = _emailController.text.split('.').last.length > 1;
if(_isEmailValid && _noOneLetterDomain) {
  ...
}

not an expert on all, but will be nice to have with your PR a build runner that automatically downloads the new file from IANA. Not sure if even possible. Something to run with flutter pub run build_runner build. So we put the responsibility on the developer's side to add to their builds?

@RandalSchwartz
Copy link

The problem is:

does this package merely verify correct syntax according to the RFC, or does it start down the slippery slope of semantically valid?

It's a slippery slope because once we decline validation on 1-character domains, what's next... domains not currently in use? Email addresses never encountered in the field? Non-current email addresses?

Just where do you draw the line?

@fredeil fredeil added the wontfix This will not be worked on label Aug 22, 2023
@fredeil fredeil closed this as completed Nov 9, 2023
@fredeil fredeil mentioned this issue Oct 9, 2024
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
wontfix This will not be worked on
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@RandalSchwartz @vincentdh @LeonardCModoran @fredeil