On Tuesday, March 15, 2016 at 12:29:42 AM UTC+1, Josh Smeaton wrote: > > +1. I don't think we need strict email validation. "looks vaguely like an > email address" is enough for validation purposes in forms. Are there any > security concerns we need to be aware of though? >
Absolutely, the crazier the regex, the more likely the chance of catastrophic backtracing. And emails are usually confirmed by sending an email anyways, everything else is not useful anyways -- validation is ment to prevent (some) stupid typos imo, not more. -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at https://groups.google.com/group/django-developers. To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/44e113b6-36d0-4166-b5de-6dca0d83577c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.