[zanata-bugs] [Bug 978622] New: No validation on username in Administration user management
bugzilla at redhat.com
bugzilla at redhat.com
Thu Jun 27 00:22:31 UTC 2013
https://bugzilla.redhat.com/show_bug.cgi?id=978622
Bug ID: 978622
Summary: No validation on username in Administration user
management
Product: Zanata
Version: development
Component: Authentication-Internal
Severity: medium
Priority: unspecified
Assignee: irooskov at redhat.com
Reporter: djansen at redhat.com
QA Contact: dchen at redhat.com
CC: zanata-bugs at redhat.com
Description of problem:
The registration form for Zanata has input validation, i.e. restricts to
lowercase letters and digits. The Account Details management form does not, and
allows the saving of any characters as part of the username.
Version-Release number of selected component (if applicable):
Dev
How reproducible:
Easily, Always
Steps to Reproduce:
1. Click menu More, then Register
2. Enter user+++== in the username field
3. Note the error displayed
4. Log in as an administrator
5. Select menu More, Administration, Manage Users
6. Click Edit on a user
7. Enter user+++== in the username field
8. No validation message
9. Click Save
10. user+++== is saved
Actual results:
Username is accepted, bad characters and all
Expected results:
Username rejected
Additional info:
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=32xpgNxMyo&a=cc_unsubscribe
More information about the zanata-bugs
mailing list