X-Git-Url: https://git.openstreetmap.org/rails.git/blobdiff_plain/2cfd5b97a83ab27f51e2d44ab832194f098d1eb7..c9f9ade96fef0e058704bd8583eb44dddff9965e:/app/helpers/browse_tags_helper.rb?ds=sidebyside

diff --git a/app/helpers/browse_tags_helper.rb b/app/helpers/browse_tags_helper.rb
index d4294daaa..fc25325a4 100644
--- a/app/helpers/browse_tags_helper.rb
+++ b/app/helpers/browse_tags_helper.rb
@@ -21,12 +21,8 @@ module BrowseTagsHelper
       link_to h(wmc[:title]), wmc[:url], :title => t("browse.tag_details.wikimedia_commons_link", :page => wmc[:title])
     elsif url = wiki_link("tag", "#{key}=#{value}")
       link_to h(value), url, :title => t("browse.tag_details.wiki_link.tag", :key => key, :value => value)
-    elsif emails = email_links(key, value)
-      # similarly, email_links() returns an array of emails
-      emails = emails.map do |e|
-        link_to(h(e[:email]), e[:url], :title => t("browse.tag_details.email_link", :email => e[:email]))
-      end
-      safe_join(emails, "; ")
+    elsif email = email_link(key, value)
+      link_to(h(email[:email]), email[:url], :title => t("browse.tag_details.email_link", :email => email[:email]))
     elsif phones = telephone_links(key, value)
       # similarly, telephone_links() returns an array of phone numbers
       phones = phones.map do |p|
@@ -129,26 +125,22 @@ module BrowseTagsHelper
     nil
   end
 
-  def email_links(_key, value)
-    # Does value look like an email? eg "someone@domain.tld"
-    # or a list of alternate emails separated by ;
-
-    # Uses WHATWG implementation of email validation, which follows RFC 1123
-    # but is a willful violation of RFC 5322.
-    #  (see: https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address)
-    if value.match?(%r{^\s*[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+
-                          @[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\s*
-                      (;\s*[a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+
-                          @[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\s*)*$
-                    }x)
-      return value.split(";").map do |email|
-        # remove any leading or trailing whitespace if present
-        email = email.strip
-
-        # add 'mailto:'' prefix
-        { :email => email, :url => "mailto:#{email}" }
-      end
+  def email_link(_key, value)
+    # Does the value look like an email? eg "someone@domain.tld"
+
+    #  Uses Ruby built-in regexp to validate email.
+    #  This will not catch certain valid emails containing comments, whitespace characters,
+    #  and quoted strings.
+    #    (see: https://github.com/ruby/ruby/blob/master/lib/uri/mailto.rb)
+
+    # remove any leading and trailing whitespace
+    email = value.strip
+
+    if email.match?(URI::MailTo::EMAIL_REGEXP)
+      # add 'mailto:'' prefix
+      return { :email => email, :url => "mailto:#{email}" }
     end
+
     nil
   end
 
@@ -163,7 +155,7 @@ module BrowseTagsHelper
     #
     # Also accepting / as a visual separator although not given in RFC 3966,
     # because it is used as a visual separator in OSM data in some countries.
-    if value.match?(%r{^\s*\+[\d\s\(\)/\.-]{6,25}\s*(;\s*\+[\d\s\(\)/\.-]{6,25}\s*)*$})
+    if value.match?(%r{^\s*\+[\d\s()/.-]{6,25}\s*(;\s*\+[\d\s()/.-]{6,25}\s*)*$})
       return value.split(";").map do |phone_number|
         # for display, remove leading and trailing whitespace
         phone_number = phone_number.strip