我可以安全地将电子邮件地址视为小写吗?
理论上,电子邮件区分大小写。但是使用电子邮件作为系统登录我希望它们全部小写(即 [email protected] 和 [email protected] 不能是不同的用户)。
对于某些在电子邮件地址中区分大小写的用户来说,这会是一个问题吗? 有人使用它吗?有人使用它吗?
编辑:因为有很多“保存时保留大小写,登录时忽略”答案:如果我真的有两个不同的用户 john@smith 和 John@smith,这个系统就会崩溃,不是吗?
示例:john@smith 和 John@smith 的密码为 123。我如何知道哪一个刚刚通过了身份验证?
In theory emails are case sensitive. But using emails as system login I want them to be all lower case (i.e. [email protected] and [email protected] cannot be different users).
Can this be a problem for some users who use case sensitivity in their email address? Does somebody use it out there?
Edit: Because there are many "preserve case on save, ignore on login" answers: This system would break if I really had two different users john@smith and John@smith, wouldn't it?
Example: john@smith and John@smith have the password 123. How do I know which one just authenticated?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(8)
不要丢弃数据。完全按照收到的电子邮件地址或用户名进行存储,但修剪字符串的两端除外。
发送电子邮件时,请使用用户提供的外壳。仅仅因为区分大小写的情况很少,没有理由不处理它 - 否则用户不会收到邮件,甚至可能无法注册。
验证用户身份时,您可以选择对小写(或大写)字符串进行比较,以便忽略大小写。
因此,通过保留用户输入数据,您突然为自己提供了选择:是否在身份验证上进行区分大小写的比较,以及发送邮件时是否使用区分大小写的电子邮件地址。即使您现在不选择利用它们,保留数据的目的也是为了让您(或其他开发人员)能够在以后做出这些选择。
Don't throw away data. Store the email address or username exactly as you received it, with the exception of trimming both ends of the string.
When sending email, use the case that was supplied by the user. Just because case-sensitivity is rare is no reason to not handle it - otherwise that user gets no mail, and can possibly not even register.
When authenticating a user, you can optionally do a compare on lower case (or upper case) strings, so that the case is disregarded.
So, by preserving the user input data you have suddenly given yourself options: whether to do case-sensitive compares on authentication, and whether to use case-sensitive email addresses when sending mail. Even if you don't choose to avail yourself of them now, the purpose of preserving data is to allow you (or some other developer) to have those choices down the road.
根据 RFC 2821:
邮箱的本地部分必须区分大小写。因此,SMTP 实现必须注意保留邮箱本地部分的大小写。邮箱域不区分大小写。特别是,对于某些主机,用户“smith”与用户“Smith”不同。但是,利用邮箱本地部分的区分大小写会妨碍互操作性,因此不鼓励使用。
因此,虽然您可以区分大小写地对待电子邮件地址,但我们不鼓励您这样做。
According to RFC 2821:
The local-part of a mailbox MUST BE treated as case sensitive. Therefore, SMTP implementations MUST take care to preserve the case of mailbox local-parts. Mailbox domains are not case sensitive. In particular, for some hosts the user "smith" is different from the user "Smith". However, exploiting the case sensitivity of mailbox local-parts impedes interoperability and is discouraged.
So, while you can treat emails addresses with case sensitivity, you are discouraged from doing so.
我会按照用户输入的方式存储和显示地址,不仅因为 RFP 要求您必须尊重大小写,而且因为如果用户有偏好,我们应该尊重该偏好。这是他们的电子邮件地址。我不喜欢系统重新格式化我提供给他们的个人详细信息。例如,您会惊讶地发现有多少系统坚持称我为 Tj,这显然是错误的,而不是 TJ(感谢 SO 的正确称呼)。
因此,如果 John Smith 注册为
[电子邮件受保护],那么这就是 John Smith 希望查看他的电子邮件地址的方式(如果他有偏好的话)。我不会让其他人使用
[电子邮件受保护]
,因为它与其他帐户的地址相同的可能性是巨大的,但我不会关心用户的地址格式或其他详细信息。最多,如果他们对我大喊大叫,询问他们是否不喜欢更……温和的东西,我可能会提示他们。I'd store and display the address the way the user entered it, not only because the RFP says you have to respect case, but because if the user has a preference, we should respect that preference. It's their email address. I'm not a fan of systems reformatting the personal details I provide to them. For example, you'd be surprised how many systems insist on calling me Tj — which is clearly wrong — rather than T.J. (kudos to SO for getting it right).
So if John Smith signs up as
[email protected]
, then that's how John Smith wants to see his email address (if he has a preference). I wouldn't let someone else sign up with[email protected]
, because the odds are overwhelming that it's the same as the other account's address, but I wouldn't muck about with the user's formatting of their address or other details. At most I might prompt them if they give me a lot of ALL CAPS SHOUTING, asking if they wouldn't prefer something more...gentle.有些系统区分大小写。
我建议保留它,但忽略 Windows 文件系统。
即记得 john 注册了 [email protected] 但让他登录[电子邮件受保护],[电子邮件受保护] 或 [电子邮件受保护]。
它不太可能引起冲突,如果有人有区分大小写的电子邮件,我相信他们会意识到这一点。
Some systems are case sensitive.
I'd suggest it be preserved but ignored a la windows filesystems.
i.e. remember john signed up with [email protected] but let him log in as [email protected], [email protected] or [email protected].
It's unlikely to cause conflicts and if anyone has a case-sensitive email I'm sure they'll be aware of it.
是的,这是一个问题。我刚刚在 Linux 上做了一个小测试(运行 exim),只有大小写正确的邮件到达了邮箱...
我认为大多数商业邮件提供商都会规范所有电子邮件地址,但一般来说您必须使用正确的大小写!
Yes, that is a problem. I just made a little test on Linux (running exim) and only the mail with correct case reached the mailbox...
I think that most commercial mail providers normalize all email addresses but in general you have to use the correct case!
此链接表示“几乎没有任何电子邮件服务或 ISP 强制执行大小写敏感电子邮件地址”。
This link says that "hardly any email service or ISP does enforce case sensitive email addresses".
我不知道有什么实现可以区分具有相同字母但大小写不同的电子邮件地址。
我从来没有听说过仅仅因为案例错误而导致消息无法正确传输的情况。
I don't know of any implementation that distincts between email-addresses having the same letters but in different case.
I've never heard of a message not being transmitted correctly only because the cases were wrong.
如果您使用它作为系统登录,则不需要。通常(在谈论登录时),admin 和 Admin 是同一个人……JohnDoe 和 johndoe 也是如此……而且,使用允许区分大小写的电子邮件提供商的人数太少了。
If you're using it as a system login, no need. Usually (when talking about logins), admin and Admin are one and the same person ... so is JohnDoe and johndoe ... also , the number of people who use email providers that allow for case sensitivity is way, way too low.