Don't allow quoted-string email format.

[colinmollenhour]

I'm all for full RFC compliance and support, but in this case I think it is worth deviating from. The Zend_Validate_EmailAddress supports quoted-string style email addresses which I have never seen anyone use for legitimate purposes. Already this quoted-string format is not allowed by frontend validation so legitimate users can't use it anyway. The only use it has is to try to inject scripts into people's databases/pages and for this reason I think it should be dis-allowed.

Specifically, this block here could be disabled/removed: https://github.com/OpenMage/magento-lts/blob/1.9.3.x/lib/Zend/Validate/EmailAddress.php#L426

[sreichel]

Already this quoted-string format is not allowed by frontend validation so legitimate users can't use it anyway.

This one?

# js\prototype\validation.js
return Validation.get('IsEmpty').test(v) || /^([a-z0-9,!\#\$%&'\*\+\/=\?\^_`\{\|\}~-]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+(\.([a-z0-9,!\#\$%&'\*\+\/=\?\^_`\{\|\}~-]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+)*@([a-z0-9-]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+(\.([a-z0-9-]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])+)*\.(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]){2,})$/i.test(v)

+1 to remove.

[colinmollenhour]

Created PR #432