Don't rely on the IDNA library for checking valid hyphens, use our own checks

Including invalid RFC 5890 R-LDH labels (e.g. '??--' other than 'xn--'), see #92.

The IDNA library will check this but its error messages are not friendly, and for future proofing it's better to not assume it does any general syntax checks.

Author: JoshData

email_validator/syntax.py

@@ -130,16 +130,27 @@ def validate_email_domain_part(domain, test_environment=False, globally_delivera
     except idna.IDNAError as e:
         raise EmailSyntaxError("The part after the @-sign contains invalid characters ({}).".format(str(e)))
 
-    # Now we can perform basic checks on the use of periods (since equivalent
-    # symbols have been mapped to periods). These checks are needed because the
-    # IDNA library doesn't handle well domains that have empty labels (i.e. initial
-    # dot, trailing dot, or two dots in a row).
+    # The domain part is made up period-separated "labels." Each label must
+    # have at least one character and cannot start or end with dashes, which
+    # means there are some surprising restrictions on periods and dashes.
+    # Check that before we do IDNA encoding because the IDNA library gives
+    # unfriendly errors for these cases, but after UTS-46 normalization because
+    # it can insert periods and hyphens (from fullwidth characters).
     if domain.endswith("."):
         raise EmailSyntaxError("An email address cannot end with a period.")
     if domain.startswith("."):
         raise EmailSyntaxError("An email address cannot have a period immediately after the @-sign.")
     if ".." in domain:
         raise EmailSyntaxError("An email address cannot have two periods in a row.")
+    if domain.endswith("-"):
+        raise EmailSyntaxError("An email address cannot end with a hyphen.")
+    if domain.startswith("-"):
+        raise EmailSyntaxError("An email address cannot have a hyphen immediately after the @-sign.")
+    if ".-" in domain or "-." in domain:
+        raise EmailSyntaxError("An email address cannot have a period and a hyphen next to each other.")
+    for label in domain.split("."):
+        if re.match(r"(?!xn)..--", label, re.I):  # RFC 5890 invalid R-LDH labels
+            raise EmailSyntaxError("An email address cannot have two letters followed by two dashes immediately after the @-sign or after a period, except Punycode.")
 
     if DOT_ATOM_TEXT_HOSTNAME.match(domain):
         ascii_domain = domain

tests/test_syntax.py

@@ -210,15 +210,21 @@ def test_email_valid(email_input, output):
     [
         ('my@localhost', 'The part after the @-sign is not valid. It should have a period.'),
         ('my@.leadingdot.com', 'An email address cannot have a period immediately after the @-sign.'),
-        ('my@．．leadingfwdot.com', 'An email address cannot have a period immediately after the @-sign.'),
-        ('my@..twodots.com', 'An email address cannot have a period immediately after the @-sign.'),
+        ('my@．leadingfwdot.com', 'An email address cannot have a period immediately after the @-sign.'),
         ('my@twodots..com', 'An email address cannot have two periods in a row.'),
-        ('my@baddash.-.com',
-         'The part after the @-sign contains invalid characters (Label must not start or end with a hyphen).'),
-        ('my@baddash.-a.com',
-         'The part after the @-sign contains invalid characters (Label must not start or end with a hyphen).'),
-        ('my@baddash.b-.com',
-         'The part after the @-sign contains invalid characters (Label must not start or end with a hyphen).'),
+        ('my@twofwdots．．.com', 'An email address cannot have two periods in a row.'),
+        ('my@trailingdot.com.', 'An email address cannot end with a period.'),
+        ('my@trailingfwdot.com．', 'An email address cannot end with a period.'),
+        ('me@-leadingdash', 'An email address cannot have a hyphen immediately after the @-sign.'),
+        ('me@－leadingdashfw', 'An email address cannot have a hyphen immediately after the @-sign.'),
+        ('me@trailingdash-', 'An email address cannot end with a hyphen.'),
+        ('me@trailingdashfw－', 'An email address cannot end with a hyphen.'),
+        ('my@baddash.-.com', 'An email address cannot have a period and a hyphen next to each other.'),
+        ('my@baddash.-a.com', 'An email address cannot have a period and a hyphen next to each other.'),
+        ('my@baddash.b-.com', 'An email address cannot have a period and a hyphen next to each other.'),
+        ('my@baddashfw.－.com', 'An email address cannot have a period and a hyphen next to each other.'),
+        ('my@baddashfw.－a.com', 'An email address cannot have a period and a hyphen next to each other.'),
+        ('my@baddashfw.b－.com', 'An email address cannot have a period and a hyphen next to each other.'),
         ('my@example.com\n',
          'The part after the @-sign contains invalid characters (Codepoint U+000A at position 4 of '
          '\'com\\n\' not allowed).'),
@@ -247,10 +253,10 @@ def test_email_valid(email_input, output):
         ('my.λong.address@1111111111222222222233333333334444444444555555555.6666666666777777777788888888889999999999000000000.1111111111222222222233333333334444444444555555555.6666666666777777777788888888889999999999000000000.1111111111222222222233333333334444.info', 'The email address is too long (at least 1 character too many).'),
         ('me@bad-tld-1', 'The part after the @-sign is not valid. It should have a period.'),
         ('me@bad.tld-2', 'The part after the @-sign is not valid. It is not within a valid top-level domain.'),
-        ('me@-', 'The part after the @-sign contains invalid characters (Label must not start or end with a hyphen).'),
         ('me@x!', 'The part after the @-sign contains invalid characters (Codepoint U+0021 at position 2 of \'x!\' not allowed).'),
-        ('me@xn--', 'The part after the @-sign contains invalid characters (Malformed A-label, no Punycode eligible content found).'),
-        ('me@yy--', 'The part after the @-sign contains invalid characters (Label has disallowed hyphens in 3rd and 4th position).'),
+        ('me@xn--0.tld', 'The part after the @-sign is not valid IDNA (Invalid A-label).'),
+        ('me@yy--0.tld', 'An email address cannot have two letters followed by two dashes immediately after the @-sign or after a period, except Punycode.'),
+        ('me@yy－－0.tld', 'An email address cannot have two letters followed by two dashes immediately after the @-sign or after a period, except Punycode.'),
     ],
 )
 def test_email_invalid_syntax(email_input, error_msg):