Make WordPress Core

Opened 12 months ago

Last modified 12 months ago

#40249 new defect (bug)

period as last character in username breaks activation link

Reported by: ilikewordpress Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 4.7.3
Component: Login and Registration Keywords:
Focuses: Cc:


Many browsers and mail clients are converting text-URLs to clickable links.

If a user chooses an username with a period at the end, the activation link in the mail could be incorrect, because the mail client thinks, the period is a punctuation character.

See this (non-working) URL for an example:

The period at the end is part of the username but not part of the URL.

Don't use the username as last parameter. Instead use a defined parameter, which won't have periods as value (i.e. 2action" or "key")

Change History (1)

#1 @ilikewordpress
12 months ago

  • Type changed from enhancement to defect (bug)
Note: See TracTickets for help on using tickets.