ext_258478 ([identity profile] hudebnik.livejournal.com) wrote in [personal profile] jducoeur 2013-12-19 04:37 pm (UTC)

Not a real security geek, and don't even play one on TV, but... I think any approach based on blacklisting will demand constant updating, and you'll never really have confidence in it. I would lean instead towards an encoding system that turns any user-specified name into a clean sequence of letters and numbers, no matter what characters were in the original name. Or do these URL's have to be human-memorable?
(14 comments)

Post a comment in response:

(will be screened)
(will be screened if not validated)
If you don't have an account you can create one now.
HTML doesn't work in the subject.
More info about formatting
 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.