5 Jun
2012
5 Jun
'12
12:34 p.m.
On Mon, Jun 04, 2012 at 10:31:10PM +0200, Stefan Winter wrote:
Hi,
In that case though, I would be inclined to write a validation regexp which fully matches the ABNF in RFC 2486.
Elsewhere in the thread I presented arguments why a full check is a bad idea.
Do you have arguments to back up your "inclinedness" or is it just a gut feeling?
Only a gut feeling of "either enforce RFC 2486, or don't". Anything else seems to be a kludge to me. Has anyone actually *measured* what proportion of their failed logins are due to usernames containing two dots, or realms which start or end with a dot, or the other things the OP's regexp tests rejected?