From aceb9bb03183ff9c8b5868191ca28cef72c5740f Mon Sep 17 00:00:00 2001
From: Rostislav Wolny <rostislav.wolny@sygictravel.com>
Date: Mon, 5 Mar 2018 07:20:04 +0100
Subject: [PATCH] Hardened UI email address check MAILPOET-1288

---
 views/layout.html | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/views/layout.html b/views/layout.html
index f95db7b5d6..d29b584ff1 100644
--- a/views/layout.html
+++ b/views/layout.html
@@ -48,8 +48,8 @@ jQuery('.toplevel_page_mailpoet-newsletters.menu-top-last')
   var mailpoet_premium_version = <%= json_encode(mailpoet_premium_version()) %>;
   var mailpoet_analytics_enabled = <%= is_analytics_enabled() | json_encode %>;
   var mailpoet_analytics_data = <%= json_encode(get_analytics_data()) %>;
-  // RFC 5322 standard; http://emailregex.com/
-  var mailpoet_email_regex = /^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,}))$/;
+  // RFC 5322 standard; http://emailregex.com/ combined with https://google.github.io/closure-library/api/goog.format.EmailAddress.html#isValid
+  var mailpoet_email_regex = /(?=^[+a-zA-Z0-9_.!#$%&'*\/=?^`{|}~-]+@([a-zA-Z0-9-]+\.)+[a-zA-Z0-9]{2,63}$)(?=^(([^<>()\[\]\\.,;:\s@"]+(\.[^<>()\[\]\\.,;:\s@"]+)*)|(".+"))@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}])|(([a-zA-Z\-0-9]+\.)+[a-zA-Z]{2,})))/;
 </script>
 
 <!-- javascripts -->