Stricter whitelist rules (#2213)

* Stricter whitelist rules * Linting * Added spec for blacklisting * Test subdomain blacklist on domain whitelist * No need to split * Change spec name
2017-04-26 01:22:51 +02:00 · 2017-04-26 01:22:51 +02:00 · 7177e37b99
commit 7177e37b99
parent fbc5099402
2 changed files with 33 additions and 2 deletions
--- a/app/validators/email_validator.rb
+++ b/app/validators/email_validator.rb
@ -15,7 +15,7 @@ class EmailValidator < ActiveModel::EachValidator
    return false if Rails.configuration.x.email_domains_blacklist.blank?

    domains = Rails.configuration.x.email_domains_blacklist.gsub('.', '\.')
-    regexp  = Regexp.new("@(.+\\.)?(#{domains})", true)
+    regexp = Regexp.new("@(.+\\.)?(#{domains})", true)

    value =~ regexp
  end
@ -24,7 +24,7 @@ class EmailValidator < ActiveModel::EachValidator
    return false if Rails.configuration.x.email_domains_whitelist.blank?

    domains = Rails.configuration.x.email_domains_whitelist.gsub('.', '\.')
-    regexp  = Regexp.new("@(.+\\.)?(#{domains})", true)
+    regexp = Regexp.new("@(.+\\.)?(#{domains})$", true)

    value !~ regexp
  end