Opened 42 hours ago
Last modified 28 hours ago
#36017 new Bug
Urlize email address allows punctuation in domains
| Reported by: | Mike Edmunds | Owned by: | |
|---|---|---|---|
| Component: | Utilities | Version: | 5.1 |
| Severity: | Normal | Keywords: | |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | no | UI/UX: | no |
Description
The urlize template filter incorrectly recognizes domains in email addresses, linkifying punctuation that shouldn't be included in the address:
# Django 5.1.4, Python 3.12.4 from django.template.defaultfilters import urlize urlize("email me@example.com,then I'll respond") 'email <a href="mailto:me@example.com,then">me@example.com,then</a> I'll respond' urlize("test@example?;+!.com") '<a href="mailto:test@example?;+!.com">test@example?;+!.com</a>'
The first example should probably stop before the comma. The second example probably shouldn't linkify at all.
See also #36012.
Note:
See TracTickets
for help on using tickets.