6

I noticed that the built-in browser validation for <input type="email" /> requires a format of xxx@xxx. Only the @ character is required. There is no need to a dot, like email@stackoverflow.com.

It is the same with the popular jQuery.inputmask, the rule of email alias does not require the dot, either.

I am just curious. Is it a standard way to ignore the dot in email validation now? I haven't seen any email address on the root level domain. What is the reason to ignore the dot?

Blaise
  • 21,314
  • 28
  • 108
  • 169
  • 3
    possible duplicate of [Why does HTML5 form-validation allow emails without a dot?](http://stackoverflow.com/questions/20573488/why-does-html5-form-validation-allow-emails-without-a-dot) – JJJ Jan 16 '15 at 21:19
  • emails are complicated, almost anything containing `@` could be an email, even `bill@com`, which is why validating too strict tend to lead to problems. – adeneo Jan 16 '15 at 21:25
  • Thanks, Juhana. It appears to be duplicate. – Blaise Jan 16 '15 at 21:29
  • [Play framework](https://playframework.com/documentation/1.4.1/api/play/data/validation/EmailCheck.html) requires a dot in the domain, unfortunately, since MS userPrincipalName (also based on RFC-822) validates without a dot. – Nati Jan 04 '17 at 20:14

1 Answers1

12

The RFC 822, chapter 6, gives the specification of an address in augmented Backus-Naur Form (BNF):

addr-spec   =  local-part "@" domain
local-part  =  word *("." word)
domain      =  sub-domain *("." sub-domain)

Using this specification a@b is a valid address.

Ortomala Lokni
  • 56,620
  • 24
  • 188
  • 240
  • 5
    The spec is stupid, because every email address in real life has a .com, .net, etc. It is a somewhat common user error to forget that ending, so in real life, following the spec means a lot of faulty email addresses get accepted. – Acyra Mar 10 '16 at 15:44
  • 3
    @Acyra, the spec is not stupid at all, since `user@localhost` is a perfectly valid email, and so is something like `user@com`. An example of the second type, where a TLD can point to something is the domain `uz` as of Oct. 2018. See results for `nslookup uz` if you're curious. – pulsejet Oct 07 '18 at 18:42
  • I was trying to use a built-in validator in .NET and it allows user@localhost like you said. But, I agree with Acyra, it's stupid. That case is very rare. So email validators that are built in to a framework should at least give you the option to require the top-level domain (maybe even default to requiring it and allow for no top level domain as an option). In my code, I don't want to allow localhost or an IP address as the domain. – iPaul Jul 20 '23 at 18:08