Help save net neutrality! Learn more.

username allowable characters

  • Jonathan Ellis

    Jonathan Ellis - 2003-02-27

    validateUserId restricts usernames to alphanumeric chars.  Is there any reason not to extend this to, say, the characters IRC allows?  [alphanumeric + {'\', '^', '`', '|', '[', ']', '{', '}', '_', '-'}]  How about additionally parentheses and apostrophes?

    • Maarten van Hoof

      Actually the underscore and hyphen are allowed. As for the others, I do not see any reason why they shouldn't be allowed.

    • Anonymous - 2003-03-02

      I see a reason, from the security point of view, I think it's not advisable to allow any character that are used by an operation system for special cases (e.g. '`' and '\' ).

    • Jonathan Ellis

      Jonathan Ellis - 2003-03-03

      since neither client nor server passes strings out to the OS, and there are techniques to un-taint such strings if some (client) developer ever wants to, I don't see this as a very compelling reason.


Log in to post a comment.