From bf9bd9dadeafee13c18f267e05eb61255cff1abc Mon Sep 17 00:00:00 2001 From: John Harrington <84741727+harr1424@users.noreply.github.com> Date: Fri, 27 Feb 2026 09:01:41 -0700 Subject: [PATCH] [PM-32628] Add email validation to email verified auth flow (#19198) * add email validation * implement robust email validation regex --- .../send-access-email.component.html | 1 + .../send-access-email.component.ts | 21 +++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/apps/web/src/app/tools/send/send-access/send-access-email.component.html b/apps/web/src/app/tools/send/send-access/send-access-email.component.html index 03af33ce911..440e72b031f 100644 --- a/apps/web/src/app/tools/send/send-access/send-access-email.component.html +++ b/apps/web/src/app/tools/send/send-access/send-access-email.component.html @@ -10,6 +10,7 @@ type="submit" buttonType="primary" [loading]="loading()" + [disabled]="!validateEmail()" [block]="true" > {{ "sendCode" | i18n }} diff --git a/apps/web/src/app/tools/send/send-access/send-access-email.component.ts b/apps/web/src/app/tools/send/send-access/send-access-email.component.ts index 0915a47e4ad..8ff92eafe69 100644 --- a/apps/web/src/app/tools/send/send-access/send-access-email.component.ts +++ b/apps/web/src/app/tools/send/send-access/send-access-email.component.ts @@ -67,4 +67,25 @@ export class SendAccessEmailComponent implements OnInit, OnDestroy { this.otp.markAsPristine(); } } + + validateEmail(): boolean { + const value: string = this.email.value?.trim() ?? ""; + + if (!value || value.length > 254) { + return false; + } + + // RFC 5321-compliant regex: validates local@domain.tld structure + const EMAIL_REGEX = + /^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\.[a-zA-Z]{2,}$/; + + const [local, ...rest] = value.split("@"); + + // Ensure exactly one "@" and local part ≤ 64 chars (RFC 5321) + if (rest.length !== 1 || local.length > 64) { + return false; + } + + return EMAIL_REGEX.test(value); + } }