Validate Email regex before submitting forms

cgi-bin/form.py

@@ -34,6 +34,9 @@ except IOError:
 
 
 HONEYPOT_FIELD_NAME = "addressline1"
+# This regex merely validates what the in-browser form validation already checks and
+# isn't all too strict.
+EMAIL_REGEX = re.compile(r"^[^ ]+@[^ ]+\.[^ ]+$")
 
 SITE_DIRECTORY = os.environ.get("SITE_DIRECTORY", "")
 request_uri = os.environ.get("REQUEST_URI", "").lower().rstrip("/")
@@ -183,7 +186,11 @@ if not isinstance(hcaptcha_data, Mapping) or not hcaptcha_data.get("success", Fa
 # Extract all the actually provided form data. This is different from form to
 # form (see the match block below).
 contact_name = get_form_value("contactname")
+
 contact_email = get_form_value("contactemail")
+if not EMAIL_REGEX.fullmatch(contact_email):
+	fail("400 Bad Request", "Invalid Email address")
+
 message = get_form_value("message", "[Keine Nachricht hinterlassen]")
 attachment: Optional[tuple[str, bytes]] = None