Merge commit from fork

* Disallow some special characters in e-mail addresses

* Add size limit to email columns

Author: ClearlyClaire

app/models/user.rb

@@ -97,7 +97,7 @@ class User < ApplicationRecord
 
   has_one :custom_css, inverse_of: :user, dependent: :destroy
 
-  validates :email, presence: true, email_address: true
+  validates :email, presence: true, email_address: true, length: { maximum: 320 }
 
   validates_with UserEmailValidator, if: -> { ENV['EMAIL_DOMAIN_LISTS_APPLY_AFTER_CONFIRMATION'] == 'true' || !confirmed? }
   validates_with EmailMxValidator, if: :validate_email_dns?

app/validators/email_address_validator.rb

@@ -11,8 +11,14 @@ def validate_each(record, attribute, value)
     value = value.strip
 
     address = Mail::Address.new(value)
-    record.errors.add(attribute, :invalid) if address.address != value
+    record.errors.add(attribute, :invalid) if address.address != value || contains_disallowed_characters?(value)
   rescue Mail::Field::FieldError
     record.errors.add(attribute, :invalid)
   end
+
+  private
+
+  def contains_disallowed_characters?(value)
+    value.include?('%') || value.include?(',') || value.include?('"')
+  end
 end