If spammers can abuse something, they gonna abuse it

  • Björn Tantau@swg-empire.de
    link
    fedilink
    arrow-up
    46
    ·
    11 months ago

    I mean, allowing arbitrary characters in the name is one thing. I think I would do that as well, as there are many weird names out there.

    But then actually parsing it out (or not escaping it properly), that’s the real sin.

    • jol
      link
      fedilink
      arrow-up
      2
      ·
      11 months ago

      At the very least remove slashes and periods from the name…