My (least) favorite in this category is email addresses. It's astonishing how many developers screw this up by trying to validate an email address by some means other than sending a message to it.
this post was submitted on 03 Jan 2024
66 points (97.1% liked)
Programming
16740 readers
378 users here now
Welcome to the main community in programming.dev! Feel free to post anything relating to programming here!
Cross posting is strongly encouraged in the instance. If you feel your post or another person's post makes sense in another community cross post into it.
Hope you enjoy the instance!
Rules
Rules
- Follow the programming.dev instance rules
- Keep content related to programming in some way
- If you're posting long videos try to add in some form of tldr for those who don't want to watch videos
Wormhole
Follow the wormhole through a path of communities !webdev@programming.dev
founded 1 year ago
MODERATORS
100% agree.
™@tld
user-at-fqdn@domain.tld.
"user with spaces"@domain.tld
"user@notdomain"@domain.tld
endswitha_@domain.tld
user+tag@gmail.com
unicodedomain@🤡.tld
All of those are valid, and the know-it-all developer's shitty regex won't cover most of them.
Except lots of email services won't take a technically correct email anyway.
"Systems that break email already exist, so let's add more to the world."
Please, no.
The problem is that if you send a message just blindly, you can be tricked into sending spam to millions of addresses. I do one thing that prevents that, but does violate the standard, I verify there's only 1 '@' in the address.. this technically prevents people with '@'s in their name, but they probably find it impossible to do anything with that address anyway.
It's all reasonable stuff except maybe:
People’s names are all mapped in Unicode code points.
I don't see how you could avoid this this in software that needs to ask the user their name.
I think it's definitely a good idea to avoid using names wherever possible, and definitely don't try to do anything clever with them.
When necessary, software can just be clear:
- "in unicode, what should I call you?"
- "in unicode, who is making this credit card transaction?'
Users: "I don't speak unicode"
Haha, yeah, I didn't mean literally telling them that. More like giving them a text field that can only contain unicode characters, which is pretty standard.
Programmers: "\u{004A}\u{006F}\u{0068}\u{006E}"
You can do that when you control the frontend UI. Then, you can set up the input field for their name, applying input validation.
But I would rather not rely on telling the user, in hopes they understand and comply. If they have ways to do it wrong, they will.
One of the all-time classics! I think all devs should read this.
It's solid but I've always preferred the similar list about date and time - some of the answers to this list are just "Yea, but what do you want us to call you."