> Russell raises my biggest concern with this proposal. There are > a lot of smart folks in the Django-Developers end of things that > can cobble together a pretty legit regexp that covers the > majority of cases with no horrific DOS cases (e.g. last security > issue). > ... > My initial candidate is ticket #12005, though it merely > re.VERBOSE's the original and tweaks the domain portion to meet > an internal need. Some changes on the stuff before the "@" might > make it more "relaxed" (if not RFC-compliant-ish) while keeping > out some of the badness. >
Of course it would also be possible to use a non-regex approach. There are libraries by Dominic Sayers [1] and Cal Henderson [2] with a ton of tests. Unfortunately they are written in PHP but shouldn't be to hard to translate to Python. As a bonus the authors claim these libraries to validate fully RFC compliant. Ulrich [1] http://www.dominicsayers.com/isemail/ [2] http://code.iamcal.com/php/rfc822/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---