talktalktalk icon indicating copy to clipboard operation
talktalktalk copied to clipboard

Published 20 hours ago verified publisher icon josephernest

Let usernames have funnier char than just alphanumeric

Open josephernest opened this issue 8 years ago • 1 comments
trafficstars

Because of many malicious utf8 characters such as this one: http://unicode-table.com/fr/200D/

or even things like this in username: 
 (see http://code.cside.com/3rdpage/us/newLine.html)

I had to ban everything else than alphanumeric characters https://github.com/josephernest/talktalktalk/blob/master/talktalktalk.py#L49

username = re.sub(r'\W+', '', username)

Would be cool to allow more UTF8 characters (even ❤ ☀ ☆ ☂ ☻ ♞ ☯ ).

Which ones to allow, which ones to ban?

josephernest avatar Nov 22 '16 20:11 josephernest

Here's a great list: http://apps.timwhitlock.info/emoji/tables/unicode

These are basically the ones built into iOS, which you know have been scrutinized for safety and appropriateness. Some sort of regex whitelist might be available somewhere.

dangayle avatar Nov 23 '16 20:11 dangayle