View Issue Details

IDProjectCategoryView StatusLast Update
0026811mantisbtauthenticationpublic2020-03-25 06:12
Reporterrealitix Assigned Tocommunity  
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version2.24.0 
Target Version2.25.0Fixed in Version2.25.0 
Summary0026811: Username regex is too strict by default
Description

The regex used to validate username limits the extension dns name to 4 chars.
However, lot of domains exceed this rule.
The following python code give the longest dns suffix:

import urllib2

def is_ascii(s):
return all(ord(c) < 128 for c in s)

data = urllib2.urlopen("https://publicsuffix.org/list/public_suffix_list.dat&quot;)
nb_char = 0
longest_domain = None
for line in data:
if not line.startswith('//') and '.' not in line and is_ascii(line):
d = line.strip()
if len(d) > nb_char:
nb_char = len(d)
longest_domain = d

print("Longest domain {} with {} chars".format(longest_domain, nb_char))
The longest dns name is 18 chars

TagsNo tags attached.

Activities

realitix

realitix

2020-03-24 09:49

reporter   ~0063789

Here the pull request: https://github.com/mantisbt/mantisbt/pull/1634

Related Changesets

MantisBT: master e6e5a878

2020-03-25 06:11:33

realitix


Committer: community Details Diff
Increase TLD max length when validating usernames

The regex used to validate usernames limits the top-level domain part
to 4 chars. However, a lot of domains exceed this rule. The longest
one is currently 18 chars.

Fixes 0026811

The following python code returns the longest domain:

``` python
import urllib2

def is_ascii(s):
return all(ord(c) < 128 for c in s)

data = urllib2.urlopen("https://publicsuffix.org/list/public_suffix_list.dat")
nb_char = 0
longest_domain = None
for line in data:
if not line.startswith('//') and '.' not in line and is_ascii(line):
d = line.strip()
if len(d) > nb_char:
nb_char = len(d)
longest_domain = d
```
Affected Issues
0026811
mod - config_defaults_inc.php Diff File

Issue History

Date Modified Username Field Change
2020-03-24 09:49 realitix New Issue
2020-03-24 09:49 realitix Note Added: 0063789
2020-03-24 10:42 atrol Assigned To => community
2020-03-24 10:42 atrol Status new => assigned
2020-03-25 06:05 dregad Fixed in Version => 2.25.0
2020-03-25 06:11 community Changeset attached => MantisBT master e6e5a878
2020-03-25 06:11 community Status assigned => resolved
2020-03-25 06:11 community Resolution open => fixed
2020-03-25 06:12 dregad Target Version => 2.25.0