A cohort of mine sent an email to chess.com after some odd registration issues, inquiring why they consider the use of the '+' to be invalid.
Special characters are valid on the net on all mail servers, the + being one of the major ones in use today. By default, ALL mail programs allow use of the + and many other special characters.
The following is their response (note; no explanation as to why not the use of + and the ticket is closed, with no allowance for rebuttal)
show details 5:48 AM (14 hours ago) |
xxxxxxx
I'm sorry, but we won't be using or allowing the use of + in email addresses.
The only special characters permitted are dash, underscore or dot.
- Kohai
Chess.com Support
www.Chess.com
I'm sorry, but we won't be using or allowing the use of + in email addresses.
The only special characters permitted are dash, underscore or dot.
- Kohai
Chess.com Support
www.Chess.com
She apologizes that chess.com won't be following any web standards? Only those 3 characters? Even if the issue was that of using the email as username (not needed at chess.com, as you can sign in with your nickname), there would be no reason - security or otherwise - to disallow, by deliberate choice by the way, the use of any standard special character in emails. In fact, the disallowing of the + character is itself more of a security risk to the user of chess.com than ever chess.com servers. Using the + can actually prevent spam on servers, in both directions (as whatever comes after the plus is used as an effective spam mask - you know exactly where the original email would have come from)
Obviously, I don't need to say anymore here. As usual, I must defer to the wisdom of Steve Gibson at grc.com
So for now, stay FAR away from chess.com -
I recommend instead, redhotpawn.com
No comments:
Post a Comment