U4-11145 - Email validation is too strict on password reset screen

Created by Daniel Symonds-Lloyd 23 Mar 2018, 06:42:51 Updated by Sebastiaan Janssen 31 Aug 2018, 17:44:16

Tags: Up For Grabs

When going to the login screen

Clicking Forgotten password

Enter an email address with a new TLD eg user@company.solutions

Press Submit button

What did you expect to happen? Form to be submitted

What actually happened? Email address validation failed in angular app, with no error message displayed too.

HTML generated is: ``


Currently using version 7.9.2


Sebastiaan Janssen 23 Mar 2018, 08:04:47

Oh no! You seem to have researched this already, if you have an idea of how to fix it, we'd love to see some code, care to submit a pull request? https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/CONTRIBUTING.md

Daniel Symonds-Lloyd 23 Mar 2018, 08:40:40

I could look at it later on, I assume it should match whatever validation is done server side for email addresses. Is being less restrictive in this scenario acceptable, validating just one character before an @, then one afterwards with a dot and then one character?

Daniel Symonds-Lloyd 23 Mar 2018, 09:42:11

I have found the source of the issue, but it's in the lib\1.1.5\angular-scenario.js file in the angular library.

Line 21840 var EMAIL_REGEXP = /^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}$/;

It looks part of the default angular validation library for email addresses.

Changing the regex to be as per below fixes the validation var EMAIL_REGEXP = /^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,64}$/;

Marcel van Helmont 29 Aug 2018, 13:33:38

No need to change angular files, umbraco has a email validation directive that we can use.

PR: https://github.com/umbraco/Umbraco-CMS/pull/2883

Priority: Normal

Type: Bug

State: Fixed


Difficulty: Normal


Backwards Compatible: True

Fix Submitted:

Affected versions: 7.9.2

Due in version: 7.12.2


Story Points: