I know Elias had proposed adding a config property which is essentially a regex that would be used to determine if a username is okay. then site admins can alter that property as desired if they want to.
Personally, I have mixed emotions about the prospect of letting app owners alter the username and password restrictions. I can see that it would be a nice feature, but at the same time it really shouldn't be all that necessary as long as we pick a good standard. Anyone know of any open standards for username character restrictions? Elias is correct that we should at least open up the username restrictions to allow for '@' and '.' characters so that email addresses are valid. -- Allen On Tue, 2005-08-23 at 06:31, Dave Johnson wrote: > Yes, this is still an open issue in 2.0. It's on my list. > > Do we have a proposed solution? > > - Dave > > > On Aug 21, 2005, at 10:25 PM, Elias Torres wrote: > > > BTW, I don't think I have double-checked this, but handle in create > > weblog form does not seem to restrict any characters (as found in > > Roller_2.0 branch). Therefore, I guess we need to resolve this so we > > are not being inconsistent. Sorry for being such a pest on this. > > > > Elias > > > > On 8/16/05, Lance Lavandowska <[EMAIL PROTECTED]> wrote: > >> Due to Jaap's > >> <http://rollerweblogger.org/wiki/Wiki.jsp?page=JaapVanDerMolen> > >> work > >> <http://rollerweblogger.org/wiki/Wiki.jsp?page=InstallationGuide#ref- > >> InstallationGuide-6> > >> "websafe" shouldn't be necessary. But Anil indicated there were some > >> issues with Tomcat not supporting non-ISO-8859-1 usernames. > >> > >> Lance > >> > >> On 8/16/05, Dave Johnson <[EMAIL PROTECTED]> wrote: > >>> > >>> What we really need is a algorithm for determining if a username (or > >>> in > >>> 2.0 a webloghandle) is safe to use in a URL. Any pointers? > >>> > >>> - Dave > >> > > >
