Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-5681

Remove special character validation on email

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: CA GUI
    • Issue discovered during:
      Customer

      Description

      When adding or editing end entities in the AdminGUI, EJBCA verifies that the email address does not contain "illegal" characters with a javascript function. Maybe it is time to revisit that function and what it does and decide whether we are disallowing the right characters.

      EJBCA defines the illegal characters as anything that is not a letter, a number, _(under score), ( dash), .(dot), '(single quote) and anything between \u00a1 \ud7ff and \ue000-\uffff. We don't do further verification deeper inside EJBCA and emails with "illegal characters" are allowed if the end entity is created or edited somewhere other than the AdminGUI (for example the RAGUI) and the certificate is generated correctly. The javascript function was added in an early version of EJBCA 3.x.

      The disallowed characters are a very small subset of what we allow (which is almost all existing characters), which makes it look like a very strange selection. Was there a reason to disallow those specific characters?

      Related current issue: A customer wants to use the '&' character (which is currently illegal). They can create the end entity in the RA GUI no problem, but need to edit the end entity in the AdminGUI (there is no "edit end entity" functionality in the RA GUI). Disabling javascript renders the Edit End Entity page unusable. See SUPPORT-1388.

      Helpful info:

      • The regEx we use: ^\u0041-\u005a\u0061-\u007a\u00a1-\ud7ff\ue000-\uffff_0-9\.-\'
      • A helpful website to test reqEx: www.regexr.com
      • The function EJBCA uses is located in ejbcajslib.js

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            aveen Aveen Ismail (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:

                Time Tracking

                Estimated:
                Original Estimate - 1 day
                1d
                Remaining:
                Remaining Estimate - 1 day
                1d
                Logged:
                Time Spent - Not Specified
                Not Specified