✨[feature Request]: Security enhancements and vulnerabilities in popup.js #811

Open
4 tasks done
SamparkBhol opened this issue Nov 4, 2024 · 1 comment

Is there an existing issue for this?

  • I have searched the existing issues

Feature Description

Current popup.js has several critical security vulnerabilities in its email handling system:

Insufficient Email Validation

  1. Current regex pattern is too permissive
  2. No maximum length restrictions on email input
  3. Missing checks for malicious patterns
  4. Special characters aren't properly filtered

Unsafe Form Data Handling

  1. Direct use of raw user input without proper sanitization
  2. No protection against script injection
  3. Missing input validation before processing
  4. Unsecured data display in alert messages

Missing Rate Limiting

  1. No protection against rapid-fire form submissions
  2. Potential for email spam attacks
  3. Missing cooldown period between submissions
  4. No limit on failed attempts

Use Case

  • Protect against malicious email inputs
  • Prevent form submission abuse
  • Secure user data handling
  • Maintain system integrity

Benefits

  1. Enhanced Security:
     • Protected against common email-based attacks
     • Secured form submission process
     • Safe data display methods
  2. System Protection:
     • Spam prevention
     • Resource protection
     • Improved system stability

Add ScreenShots

No response

Priority

High

Record

  • I have read the Contributing Guidelines
  • I'm a GSSOC'24EXTD contributor
  • I have starred the repository
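
An added example (not part of the original issue, and not code from the project's popup.js) of the checks the issue asks for: a length cap applied before an allow-list pattern, plus a cooldown and a failed-attempt limit. The function names and all limits (`COOLDOWN_MS`, `MAX_FAILURES`, `LOCKOUT_MS`) are assumptions.

```javascript
// Added example: names and limits are assumptions, not taken from popup.js.
const MAX_EMAIL_LEN = 254; // common practical cap derived from RFC 5321's path limit
const MAX_LOCAL_LEN = 64;  // RFC 5321 local-part limit
const COOLDOWN_MS = 5000;  // assumed cooldown between submissions
const MAX_FAILURES = 5;    // assumed number of failed attempts before lockout
const LOCKOUT_MS = 60000;  // assumed lockout duration

// Conservative allow-lists: ASCII local part, dot-separated DNS labels, alphabetic TLD.
const LOCAL_RE = /^[A-Za-z0-9_%+-]+(\.[A-Za-z0-9_%+-]+)*$/;
const DOMAIN_RE = /^([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}$/;

function validateEmail(raw) {
  if (typeof raw !== "string") return { ok: false, reason: "not-a-string" };
  // Length is checked first so oversized input never reaches the patterns.
  if (raw.length === 0 || raw.length > MAX_EMAIL_LEN) return { ok: false, reason: "length" };
  const at = raw.indexOf("@");
  if (at < 1 || at !== raw.lastIndexOf("@")) return { ok: false, reason: "at-sign" };
  const local = raw.slice(0, at);
  const domain = raw.slice(at + 1);
  if (local.length > MAX_LOCAL_LEN || !LOCAL_RE.test(local)) return { ok: false, reason: "local-part" };
  if (!DOMAIN_RE.test(domain)) return { ok: false, reason: "domain" };
  return { ok: true, email: local + "@" + domain.toLowerCase() };
}

// Submission gate with cooldown and lockout; `now` is injectable for testing.
function createSubmitGate() {
  let lastSubmit = -Infinity;
  let failures = 0;
  let lockedUntil = 0;
  return function trySubmit(rawEmail, now = Date.now()) {
    if (now < lockedUntil) return { ok: false, reason: "locked-out" };
    if (now - lastSubmit < COOLDOWN_MS) return { ok: false, reason: "cooldown" };
    lastSubmit = now;
    const result = validateEmail(rawEmail);
    if (result.ok) {
      failures = 0;
    } else if (++failures >= MAX_FAILURES) {
      lockedUntil = now + LOCKOUT_MS; // too many bad inputs in a row
      failures = 0;
    }
    return result;
  };
}
```

A gate that lives in the popup only slows honest clients, so the endpoint receiving the form needs the same limits; when echoing an address back to the user, assign it through `textContent` rather than building HTML from it.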

github-actions bot commented Nov 4, 2024

Hi there! Thanks for opening this issue @SamparkBhol! We appreciate your contribution to this open-source project. We aim to respond or assign your issue as soon as possible.
