Closed
Bug 726549
Opened 12 years ago
Closed 12 years ago
check usernames against blacklist
Categories
(support.mozilla.org :: Users and Groups, task, P4)
support.mozilla.org
Users and Groups
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: atopal, Unassigned)
References
Details
bug 682818 only checks for exact matches of usernames, so adding any character to the usernames circumvents the check. Please check for substrings instead, so any username that includes one of the names on the blacklist should be blocked.
Comment 1•12 years ago
|
||
This is a clbuttic[1,2] error that ends up frustrating users. Lots of words match substrings, including plenty of names. Assumption, Cockburn, Scunthorpe, Penistone (for some reason, lots and lots of place names from the UK) shitake, Libshitz, and more. I'd strongly advise against chasing this further than the existing blacklist. [1] http://thedailywtf.com/Articles/The-Clbuttic-Mistake-.aspx [2] http://en.wikipedia.org/wiki/Scunthorpe_problem
Reporter | ||
Comment 2•12 years ago
|
||
This is not for long form text input, but usernames only, and was the original intention in bug 682818.
Reporter | ||
Updated•12 years ago
|
Priority: -- → P4
Comment 3•12 years ago
|
||
(In reply to Kadir Topal [:atopal] from comment #2) > This is not for long form text input, but usernames only, and was the > original intention in bug 682818. I am pretty sure we didn't do this because it is not possible to do without blocking valid usernames. Malicious users will always figure out how to get around whatever rule we have.
Comment 4•12 years ago
|
||
(In reply to Kadir Topal [:atopal] from comment #2) > This is not for long form text input, but usernames only, and was the > original intention in bug 682818. I understand that and still deeply recommend against doing this. It will frustrate legitimate users and do nothing to stop already angry ones. W3_C4N7_570P_3V3RY7TH1N6.
Reporter | ||
Updated•12 years ago
|
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → WONTFIX
Reporter | ||
Updated•12 years ago
|
Whiteboard: u=contributor c=user s=2012.4 p=
You need to log in
before you can comment on or make changes to this bug.
Description
•