Moonrise2473 to Software Gore@lemmy.world · 11 months agoThis is why you shouldn't allow URLs as a person nameimagemessage-square52fedilinkarrow-up1226arrow-down110file-text
arrow-up1216arrow-down1imageThis is why you shouldn't allow URLs as a person nameMoonrise2473 to Software Gore@lemmy.world · 11 months agomessage-square52fedilinkfile-text
minus-squareBjörn Tantau@swg-empire.delinkfedilinkarrow-up46·11 months agoI mean, allowing arbitrary characters in the name is one thing. I think I would do that as well, as there are many weird names out there. But then actually parsing it out (or not escaping it properly), that’s the real sin.
minus-squaretowerful@programming.devlinkfedilinkarrow-up33·11 months agoMight be the mail client being helpful and going “hey! Thats a URL. Let me make it a link”
minus-squarejol@discuss.tchncs.delinkfedilinkarrow-up2·11 months agoAt the very least remove slashes and periods from the name…
I mean, allowing arbitrary characters in the name is one thing. I think I would do that as well, as there are many weird names out there.
But then actually parsing it out (or not escaping it properly), that’s the real sin.
Might be the mail client being helpful and going “hey! Thats a URL. Let me make it a link”
At the very least remove slashes and periods from the name…