[OpenStreetMap] #4143: Case sensitivity regarding email in sign-up and password recovery
OpenStreetMap
trac at openstreetmap.org
Mon Dec 12 10:41:35 GMT 2011
#4143: Case sensitivity regarding email in sign-up and password recovery
-------------------------+--------------------------------------------------
Reporter: rasher | Owner: rails-dev@…
Type: enhancement | Status: new
Priority: minor | Milestone:
Component: website | Version:
Keywords: |
-------------------------+--------------------------------------------------
I recently talked to a mapper who was having trouble recovering his
password so he could accept ODbL. It turned out when he signed up, he had
used a different case than usual when entering his email address, and the
password recovery process is case sensitive.
I've found that signup is also case-sensitive. I managed to signup for two
accounts on the api06.dev using RASHER at gmail and rasher at gmail.
Now, email is by standard case-sensitive on the local name part, so you
could say we're following the standard, and be done with it. However, this
is rarely - if ever - the case on mail servers in "the real world", and I
suspect most users don't expect it, so I think there's still room to
question whether this is a good idea.
A few possible things to do:
* Make sign-up case-insensitive. This could probably be done without
other harm than offending the standards, I suspect.
* Make password-recovery case-insensitive. This becomes problematic if
there are already accounts in the db using the same email with different
case for the local name part.
* Make password-recovery as case-insensitive as possible. Look up
accounts matching the entered email address case-insensitively. If there's
a single match, we act case-insensitively. If there are more than one
match, require a case sensitive match as well. This gets around the
problem of existing "double" accounts, at the cost of somewhat unexpected
behaviour for those users.
--
Ticket URL: <https://trac.openstreetmap.org/ticket/4143>
OpenStreetMap <http://www.openstreetmap.org/>
OpenStreetMap is a free editable map of the whole world
More information about the rails-dev
mailing list