[buddypress-trac] [BuddyPress] #3407: Limit the length of display names
buddypress-trac
noreply at wordpress.org
Tue Mar 12 14:06:44 UTC 2013
#3407: Limit the length of display names
-------------------------+-----------------------------
Reporter: r-a-y | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: Core | Version: 1.2
Severity: minor | Resolution:
Keywords: needs-patch |
-------------------------+-----------------------------
Changes (by boonebgorges):
* keywords: close => needs-patch
Comment:
> However, if we limit display names, we should limit username length
I don't know about this. BP display names are clearly under BP
jurisdiction, and if we can prevent one vector of attack, I think we
should go ahead and do so. (Note that the user_login and user_nicename for
the testbp.org spammer above isn't long anyway.) So I tend to agree with
your initial assessment that we can do a lot of good by doing this check
in BP core.
Two concerns:
- Our length check should be multibyte-friendly for non-latin languages
- We should not hardcode the upper limit - at the very least, we should
have a filter on it
--
Ticket URL: <https://buddypress.trac.wordpress.org/ticket/3407#comment:3>
BuddyPress <http://buddypress.org/>
BuddyPress
More information about the buddypress-trac
mailing list