id summary reporter owner description type status component version severity resolution keywords cc stage has_patch needs_docs needs_tests needs_better_patch easy ui_ux 17386 Validation & Unicode Character 'ZERO WIDTH SPACE' (U+200B) Raymond Penners nobody "Once in a while users somehow manage to inject e-mail addresses into the system containing unicode zero width space characters. I am not sure how they do it -- it probably happens when copy/pasting from a document of some sorts. Nevertheless, form validation does not reject such e-mail addresses: {{{ >>> from django.core.validators import validate_email >>> email=u'test@hotmail.co\u200bm' >>> validate_email(email) >>> # No ValidationError ? }}} These e-mail addresses get accepted and cause trouble later on (try sending mail to them, or hashing them for gravatar uses). Either: a) Raise a ValidationError for such e-mail addresses, or b) Automatically strip this character Downside of a) is that the user is most likely unaware of this invisible character. He wouldn't know what character to remove where, even if instructed by an error message. " Uncategorized closed Forms 1.3 Normal wontfix Unreviewed 0 0 0 0 0 0