My (least) favorite in this category is email addresses. It’s astonishing how many developers screw this up by trying to validate an email address by some means other than sending a message to it.
100% agree.
™@tld
user-at-fqdn@domain.tld.
"user with spaces" .tld
"user@notdomain"@domain.tld
endswitha_@domain.tld
user+tag@gmail.com
unicodedomain@🤡.tld
All of those are valid, and the know-it-all developer’s shitty regex won’t cover most of them.
Except lots of email services won’t take a technically correct email anyway.
“Systems that break email already exist, so let’s add more to the world.”
Please, no.
The problem is that if you send a message just blindly, you can be tricked into sending spam to millions of addresses. I do one thing that prevents that, but does violate the standard, I verify there’s only 1 ‘@’ in the address… this technically prevents people with '@'s in their name, but they probably find it impossible to do anything with that address anyway.
One of the all-time classics! I think all devs should read this.
It’s all reasonable stuff except maybe:
People’s names are all mapped in Unicode code points.
I don’t see how you could avoid this this in software that needs to ask the user their name.
I think it’s definitely a good idea to avoid using names wherever possible, and definitely don’t try to do anything clever with them.
When necessary, software can just be clear:
- “in unicode, what should I call you?”
- "in unicode, who is making this credit card transaction?’
Users: “I don’t speak unicode”
Haha, yeah, I didn’t mean literally telling them that. More like giving them a text field that can only contain unicode characters, which is pretty standard.
And the others it spawned : https://github.com/kdeldycke/awesome-falsehood