diff --git a/django/utils/html.py b/django/utils/html.py
index 0d107a0da9..49bfef0cf6 100644
--- a/django/utils/html.py
+++ b/django/utils/html.py
@@ -8,7 +8,8 @@ from collections.abc import Mapping
from html.parser import HTMLParser
from urllib.parse import parse_qsl, quote, unquote, urlencode, urlsplit, urlunsplit
-from django.core.exceptions import SuspiciousOperation
+from django.core.exceptions import SuspiciousOperation, ValidationError
+from django.core.validators import validate_email
from django.utils.deprecation import RemovedInDjango60Warning
from django.utils.encoding import punycode
from django.utils.functional import Promise, cached_property, keep_lazy, keep_lazy_text
@@ -476,6 +477,10 @@ class Urlizer:
# Dot must be in p2 (e.g. example.com)
if "." not in p2 or p2.startswith("."):
return False
+ try:
+ validate_email(value)
+ except ValidationError:
+ return False
return True
diff --git a/tests/utils_tests/test_html.py b/tests/utils_tests/test_html.py
index 0beaf98bff..341e211c96 100644
--- a/tests/utils_tests/test_html.py
+++ b/tests/utils_tests/test_html.py
@@ -379,15 +379,9 @@ class TestUtilsHtml(SimpleTestCase):
(
# RFC 6068 requires a mailto URI to percent-encode a number of
# characters that can appear in .
- "yes;this=is&a%valid!email@example.com",
- 'yes;this=is&a%valid!email@example.com",
- ),
- (
- # Urlizer shouldn't urlize the "?org" part of this. But since
- # it does, RFC 6068 requires percent encoding the "?".
- "test@example.com?org",
- 'test@example.com?org',
+ "yes+this=is&a%valid!email@example.com",
+ 'yes+this=is&a%valid!email@example.com",
),
)
for value, output in tests:
@@ -407,6 +401,8 @@ class TestUtilsHtml(SimpleTestCase):
"foo@.example.com",
"foo@localhost",
"foo@localhost.",
+ "test@example?;+!.com",
+ "email me@example.com,then I'll respond",
# trim_punctuation catastrophic tests
"(" * 100_000 + ":" + ")" * 100_000,
"(" * 100_000 + "&:" + ")" * 100_000,