Invalid email address in report scheduler

[dane_xa]

 Hi Fellow Jasperreports Server Users,

 

I'm having problems with email notification for the report scheduler when the To: email address contains the '+' character.  For example, when I enter yan+7@mydomain.com and click submit, the following appears in red below the form field: Invalid email address yan+7@mydomain.com (screenshot attached).  Also, the same error occurs using the SOAP API.

 

While testing I'm running with validation disabled.  From esapi/security-config.properties ...

security.validation.input.on=false

security.validation.csrf.on=false

security.validation.sql.on=false

 

I've also tried changing regexs (e.g. Validator.Email) in esapi/validation.properties as suggested in this thread:  http://community.jaspersoft.com/questions/541525/error-when-entering-more-one-email-recipient-schedule

 

Any ideas how I can make these email addresses work?

 

Dane

[gdmoreno]

This may sound weird, but try it, just to see. So you've already modified the Validator regex. First try saving a schedule with an email that doesn't have a '+'. Then open it up again, and add the '+" sign back in. Do you still get the error message?

(I'm suggesting this because that's how I dealt with a Validator issue on a different screen, and that worked).

[dane_xa]

Thanks for the suggestion. I created the schedule without the '+', which worked. Then I edited the schedule and changed the email address to yan+7@mydomain.com. But I got the same validation error as before. So no luck with that workaround.

 

Note that I'm running with security validation disabled in esapi/security-config.properties, so there must be something else causing this error.

 

Dane

[dane_xa]

Still no luck changing the email validation rules. It seems there's another validation mechanism, since I've disabled security.validation.input.on. I'd love to learn more about how email validation works in the code.

 

Any kind souls able to point me in the right direction?

[dane_xa]

I've been digging into the source. "Invalid email address" comes from DefaultReportJobValidator.java, and it looks like DEFAULT_EMAIL_PATTERN is hard-coded here.

 

The source I'm looking at is:

http://jasperforge.org/svn/repos/jasperserver/branches/js-4.5.x

 

And the build I'm running in production is:

Product Version: 4.5.0

Build: 20120110_1602

 

Are these the same version?

 

 

One other detail... I see the following in catalina.out:

WARN ValidatorImpl,http-8080-1:518 - Please make sure your web application server is set to URIEncoding=UTF-8.

 

Perhaps this is an encoding issue, not a validation issue. However, I have URIEncoding="UTF-8" set for my connectors in /etc/tomcat6/server.xml:

 

<Connector port="8080" protocol="HTTP/1.1" maxHttpHeaderSize="8192"

maxThreads="150"

enableLookups="false"

redirectPort="8443" acceptCount="100"

URIEncoding="UTF-8"

connectionTimeout="20000"

disableUploadTimeout="true" />

 

 

[gdmoreno]

Dane, what you found makes sense with what I found as well, some security checks are configurable, while others are hard-coded. The DefaultReportJobValidator class gets used by the defaultReportJobValidator bean in a Spring configuration file (applicationContext-report-scheduling.xml), so I suppose it would be straightforward enough to create your own validator class and swap out the one that's currently there. 

[dane_xa]

I think I've found root cause, and it strikes me as a bug. DEFAULT_EMAIL_PATTERN in DefaultReportJobValidator.java wrongly excludes lots of characters that are valid email address characters.

 

public static final String DEFAULT_EMAIL_PATTERN = "^[^\\~\\`\\(\\)\\[\\]\\{\\}\\:\"\\;\'/\\?\\<\\>\\+\\=\\\\|\\!\\@\\#\\$\\%\\^\\&\\*]+@([\\w+\\-]+\\.)+(\\w+)";

 

 

Of course, the authority on this matter is likely one or more RFCs, which I must dig up, but here's a summary from Wikipedia: http://en.wikipedia.org/wiki/E-mail_address#Local_part

 

Looks like I need to patch the source and do a custom build. And perhaps file a bug?

 

Dane