WingNews logo WingNews GitHub [2]
top | item 15569100

Reserved-usernames: Usernames to prevent url collision with resource paths

23 points| edward | 8 years ago |github.com | reply

16 comments

order
[+] djsumdog|8 years ago|reply
I'm confused. What is the purpose for this? Is this for sites that have exmaple.com/username so you know ahead of time what paths you most likely want to reserve?

Seems silly. You should either put users at example.com/user/{username} or you should put all non-user profiles under a reserved base like example.com/res/settings.

[+] adambrenecki|8 years ago|reply
I agree. Even if you think /user/ or /res/ is too long or unsightly, you could have shorter prefixes like (in an example.com/username system) example.com/.settings or example.com/_settings, or (in an example.com/settings system) example.com/@username or example.com/~username.

That said, it might still be a good idea to blacklist these anyway, as you might end up with someone registering the username 'reset-password' (which isn't on this list yet) trying to phish your users, or 'support' trying to masquerade as your support, depending on what your app does.

[+] Aloha|8 years ago|reply
I guess if you have usernames in a shared namespace with system components this'd make sense - it's not something I'd consider a feature.

consider:

website.org/aloha

website.org/contact

website.org/u/aloha

website.org/users/aloha

users.website.org/aloha

u.website.org/aloha

aloha.website.org

with the first two examples, yes, there is a potential for collision - so you'd want something like this.

I consider the next four examples to be best - the final example I consider potentially administratively painful depending on implementation.

[+] ljoshua|8 years ago|reply
Twitter, for example, will place the username at the first level (twitter.com/username). Most of the other interactions occur under a small group of other addresses, such as /i/ and /settings/. However, I can still see this being a helpful resource so that you don't have to think about all possibilities from the outset.
[+] twhb|8 years ago|reply
Certainly doing this is introducing technical challenges easily avoided. But it’s also a win for reading, typing, and remembering URLs. Don’t confuse back-end elegance with elegance in communication with humans.
[+] everdev|8 years ago|reply
I could see a profanity list being more useful. How many people really try to register with the username "projects"?

As other people have mentioned, namespaces for user URLs solves this better.

[+] nikolay|8 years ago|reply
There used to be sane times where usernames were prefixed by a tilde in profile URLs...
[+] unquietcode|8 years ago|reply
Or: Why you should not put things like usernames at the top level of your domain. sheesh...
[+] katastic|8 years ago|reply
Look at reddit.

    reddit.com/r/subreddit

    reddit.com/user/my_user_name   (Why not u? I don't know.)
Pretty straight forward. There are also ones like subreddit statistics and they're all... after the name.

    reddit.com/r/subreddit/about/traffic
(Note: Public viewable stats are only turned on if the mods turn it on.)

[edit] Wait. Reddit removed user access site-wide to those pages? Morons. Well, the URL point still stands.

[+] _kst_|8 years ago|reply
The CSV version (with one field per line) is identical to the plain text version.
[+] soneil|8 years ago|reply
Interesting. I assumed it was just a generic parser, and the url fragments don’t contain anything that’d require any effort - but adding quoting, commas, tabs resulted in identical output too.