[#39270] - J4 com_user - Add option to disallow URLs in Username and Name
- New
- Medium
- Build: 4.2-dev
- # 39270
Is your feature request related to a problem? Please describe.
Despite Captcha on, I get User registrations with valid emails but with scam in the username so that the valid email gets a spam mail from my Website.
Describe the solution you'd like
I would like to have an option to shorten the name and Username to max. 20 characters (or any custom value) and to add a blacklist for those fields and disallow any URLs in there.
joomla-cms-bot
- | Labels |
Added:
No Code Attached Yet
|
||
chmst
- | Title |
|
||||||
That's right but an URL filter would make sense and additional length limit to prohibit long text in those fields
username is already limited to 30 characters
It's a serious security issue for me :-( please bring the PR back @laoneo @GeraintEdwards
username is already limited to 30 characters
But name isn't- I have lots of russian spam there
yes it is
joomla-cms/components/com_users/forms/registration.xml
Lines 11 to 17 in b53b47c
As stated by @laoneo in the other PR there are extensions available. I just quickly tested one that was the first match on the JED and it worked fine https://github.com/Spudley/plg_user_restrictusername
Security should be a core setting :-(
This isnt security.
@brianteeman than what it is if not securiy?
Having said that this is not security, how will comment on this comment made by you?
Hackwar
- | Labels |
Added:
?
|
||
A max character limit wouldn't work thanks to utilities like bit.ly.