From 618e2bb640c3db69c8532187e8db6eba789239e6 Mon Sep 17 00:00:00 2001
From: Nikita Levchuk <code@levch.uk>
Date: Wed, 6 Nov 2024 15:08:47 +0100
Subject: [PATCH 1/2] lib/uri/mailto.rb (EMAIL_REGEXP): the local part should
 not contain leading or trailing dots

---
 lib/uri/mailto.rb       | 2 +-
 test/uri/test_mailto.rb | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/lib/uri/mailto.rb b/lib/uri/mailto.rb
index cb8024f..c5a5e4a 100644
--- a/lib/uri/mailto.rb
+++ b/lib/uri/mailto.rb
@@ -52,7 +52,7 @@ class MailTo < Generic
     HEADER_REGEXP  = /\A(?<hfield>(?:%\h\h|[!$'-.0-;@-Z_a-z~])*=(?:%\h\h|[!$'-.0-;@-Z_a-z~])*)(?:&\g<hfield>)*\z/
     # practical regexp for email address
     # https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address
-    EMAIL_REGEXP = /\A[a-zA-Z0-9.!\#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\z/
+    EMAIL_REGEXP = /\A[^.][a-zA-Z0-9.!\#$%&'*+\/=?^_`{|}~-]+[^.]@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\z/
     # :startdoc:
 
     #
diff --git a/test/uri/test_mailto.rb b/test/uri/test_mailto.rb
index e7d3142..d2e9648 100644
--- a/test/uri/test_mailto.rb
+++ b/test/uri/test_mailto.rb
@@ -148,6 +148,14 @@ def test_check_to
     assert_raise(URI::InvalidComponentError) do
       u.to = '@invalid.email'
     end
+
+    assert_raise(URI::InvalidComponentError) do
+      u.to = '.hello@invalid.email'
+    end
+
+    assert_raise(URI::InvalidComponentError) do
+      u.to = 'hello.@invalid.email'
+    end
   end
 
   def test_to_s

From 2d7d2d9988c2a2438a47525ad48ee2481e344eb8 Mon Sep 17 00:00:00 2001
From: Nikita Levchuk <code@levch.uk>
Date: Fri, 6 Dec 2024 11:56:03 +0100
Subject: [PATCH 2/2] lib/uri/mailto.rb (EMAIL_REGEXP): use assertions
 surrounding the local part instead of a character class

---
 lib/uri/mailto.rb       | 2 +-
 test/uri/test_mailto.rb | 9 +++++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/lib/uri/mailto.rb b/lib/uri/mailto.rb
index c5a5e4a..a15d2f0 100644
--- a/lib/uri/mailto.rb
+++ b/lib/uri/mailto.rb
@@ -52,7 +52,7 @@ class MailTo < Generic
     HEADER_REGEXP  = /\A(?<hfield>(?:%\h\h|[!$'-.0-;@-Z_a-z~])*=(?:%\h\h|[!$'-.0-;@-Z_a-z~])*)(?:&\g<hfield>)*\z/
     # practical regexp for email address
     # https://html.spec.whatwg.org/multipage/input.html#valid-e-mail-address
-    EMAIL_REGEXP = /\A[^.][a-zA-Z0-9.!\#$%&'*+\/=?^_`{|}~-]+[^.]@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\z/
+    EMAIL_REGEXP = /\A(?!\.)[a-zA-Z0-9.!\#$%&'*+\/=?^_`{|}~-]+(?<!\.)@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*\z/
     # :startdoc:
 
     #
diff --git a/test/uri/test_mailto.rb b/test/uri/test_mailto.rb
index d2e9648..e7c04ef 100644
--- a/test/uri/test_mailto.rb
+++ b/test/uri/test_mailto.rb
@@ -141,6 +141,11 @@ def test_initializer
   def test_check_to
     u = URI::MailTo.build(['joe@example.com', 'subject=Ruby'])
 
+    # Valid emails
+    u.to = 'a@valid.com'
+    assert_equal(u.to, 'a@valid.com')
+
+    # Invalid emails
     assert_raise(URI::InvalidComponentError) do
       u.to = '#1@mail.com'
     end
@@ -156,6 +161,10 @@ def test_check_to
     assert_raise(URI::InvalidComponentError) do
       u.to = 'hello.@invalid.email'
     end
+
+    assert_raise(URI::InvalidComponentError) do
+      u.to = 'n.@invalid.email'
+    end
   end
 
   def test_to_s