“ethics aside” truly a starter for a qa
Ask Robert’); DROP TABLE Students; 's mum how it went.
Ah, little Bobby Tables we call him
I have an apostrophe and it’s super annoying as some companies see it as a SQL injection hack and sanitize it.
So I’ve received ID with Mc%20dole or they add a space in it. Or I’ll get a work email with an apostrophe but I cant use it anywhere because sites have it disabled. And I’ve missed my flight because I changed my ticket once to add the apostrophe and the system just broke at the gate.
Worse yet many flight companies have “you will not be able to board if your ID doesn’t exactly reflect your details” but their form doesn’t allow it. Even most forms for card payments don’t allow it even though it’s the name on my card.
%20 is encoded space if I remember right, so even then they were already incorrect
Yep, the apostrophe would be %27
So Mc%27dole
It sounds like maybe they sanitized the apostrophe to a space and then encoded it
I have an apostrophe and it’s super annoying as some companies see it as a SQL injection hack and sanitize it.
My surname contains a character that’s only present in the Polish alphabet. Writing my full name as is broke lots of systems, encoding, printed paperwork and even British naturalisation application on Home Office website. My surname was part of my username back at uni, and everytime I tried to login on Windows, it would crash underlying LDAP server, logging everyone in the classroom out and forcing ICT to restart the server.
everytime I tried to login on Windows, it would crash underlying LDAP server, logging everyone in the classroom out and forcing ICT to restart the server.
Now that’s the way to do it! Make it everybody’s problem, not just yours.
Always worth posting this classic.
There’s also the version with examples if you want to know exactly what and why it breaks.
And the git that collects all of these in one place, if you want to really nerd out.
Been there, seen that, had to deal with it. Now add the problem that there are people who don’t know their birth date or not even the f-ing year they were born in. And I’m not talking about someone from a lost tribe at the Amazonas.
Also relevant: https://www.wired.com/2015/11/null/
This is going to be bobby tables isn’t it?
Edit: It wasn’t?!
Lol I went through the exact same process.
Same shit with American custom forms. On the one hand, they threaten you with Armageddon if you fill out the form incorrectly, on the other hand, they only allow plain letters, numbers, and a handful of special characters. Nobody there has the capacity of the mind that maybe a name cannot be correctly represented with that tiny subset of characters. So it is simply impossible to fill out that form without breaking the law. And it is a customs form, so they should know that people filling it out are most likely foreigners.
you will not be able to board if your ID doesn’t exactly reflect your details"
Do they care about an apostrophe though? I can see any punctuation being a problem for systems.
I had to convince people to let me on board a plane because my name contain a swedish letter (å). Their computer system translated it into “aa”, which then didn’t match my passport.
That one I can actually see, having an extra letter that doesn’t match. Dropped punctuation or symbols (whatever the flair is called) though personally I wouldn’t care.
That’s the wrong way of looking at an å.
It’s not just an a with decoration. It actually has different pronunciation and is typically replaced with aa if no å is available. (I’m neither Swedish nor Norwegian, so not 100% sure, but it’s what happened to Erling Haaland).
Similarly, you would replace a German ä with ae. So if my name was Bäcker, it would be wrong to spell it Backer on a ticket. Baecker would be the way.
Yes I’m aware it’s not an a with decoration jfc. I’m saying for computer entries that garble things, I wouldn’t care about matching it up so perfectly (with dropped whatever those things are called) as to not allow someone to board a plane.
“Diacritics” is the word you are looking for.
And unfortunately the kind of people who decide whether people get to board a plane do care about that stuff.
Your name is transliterated in your passport? That’s on the Swedish authorities then.
No, my passport has my real name of course, with “å”. In the airport system and on the boarding pass my name was spelled with “aa”.
I’m amazed that none of your family members have run into the same problem. If I were you I would compare passports with my family.
I have an apostrophe
Scottish/Irish?
some companies see it as a SQL injection hack and sanitize it.
Which kind of apostrophe?
A straight apostrophe, fine - that can and does get used in valid SQL injection attacks. I would be disgusted at any input form that didn’t sanitize that.
But a curly apostrophe? Nothing should be filtering a curly apostrophe, as it has no function or use within SQL. So if you learn how to bring that up in alt codes (Windows, specifically), Key combos (Mac) or dead keys (Linux), as well as direct Unicode codes for most any Win/Mac/*Nix platform, you should be golden.
Unless the developer of that input form was a complete moron and made extra-tight validation.
Plus, knowing the inputs for a lot of extended UTF-8 characters not found on a normal keyboard is also a wee bit of a typing superpower.
Spent lots of effort to get names for my kids that avoid this. Swedish/French. It’s harder than it sounds.
… why are you putting an apostrophe in McDole? The O-apostrophe in Irish names is an anglicisation of Ó, eg. Ó Briain becomes O’Brien. Mac Dól would become MacDole/McDole.
Yeah fuck this guy for spelling his name the way it was given to him what an asshole
Probably some bureaucrat decades ago making an incorrect assumption that passed down through generations. Happened to my family. No Irish roots whatsoever, yet somehow we ended up with the annoying form-breaking apostrophe in our ‘legal’ name just because it begins with the letter ‘o’.
“Oscar??? Surely, you’re mistaken. I hereby decree your name to be O’Scar!” ~Arsehole circa 1937
Yep also happened to my family. There is a y in my family name, but that’s very uncommon in the Netherlands, my last name is of French origin. So some bureaucrat changed it to a Dutch y which is an ij and there was no time to correct it since my grandparents had to catch the boat to flee the former Dutch colony. Now my last name is constantly pronounced wrong. I’m probably going to change it in the future but in the Netherlands you are not allowed to change your name except for a few exceptions. And applying for a name change cost a lot of money and you won’t get it back if they reject it. So I probably have to get a lawyer to do it.
Yeah, I’ve considered a name change myself. Decided not to bother as it would mean every time I need to prove my identity to a government organisation I’d need to provide additional change of name documentation.
Government is hard enough to deal with as it is without adding an extra thing that needs to be assessed.
Hey Militant Left, just because every question directed at you assumes you are an asshole, doesn’t mean the same applies to questions to other people
Mc’Dole is what they said, not McDo’le.
Once I was tasked with doing QA testing for an app which was planned to initially go live in the states of Georgia and Tenessee. One of the required fields was the user’s legal name. I therefore looked up the laws on baby names in those two states.
Georgia has simple rules where a child’s forename must be a sequence of the 26 regular Latin letters.
Tenessee seemed to only require that a child’s name was writable under some writing system, which would imply any unicode code point is permissible.
At the time, I logged a bug that a hypothetical user born in Tenessee with a name consisting of a single emoji couldn’t enter their legal name. I reckon it would also be legal to call a Tenessee baby 'John '.
Sounds like you did a thorough job as a QA tester. As a software engineer, I love to see it.
By the time the app was due to go live, we’d only reported bugs with the signup and login flows. This was misinterpreted as there only being issues with the signup and login flows, and the app launched on time. In reality, it was impossible to get past the login screen.
And then let me guess… Of course the QA testers get the blame, when in reality it’s either management or marketing that wanted to pushe the app out.
Blaming us would be too close to root-cause analysis for them even to consider. We weren’t normally QA testers, but they’d left it until too late to hire internal QA, so roped in the developers (us) from a SaaS vendor their app replied on as emergency QA.
im sure the devs tasked at fixing that bug loved u ;-)
“We call her Carrie, because of the carriage return.”
You can also try to give the child NULL as middle name for additional fun.
someone tried that with their license plate, it turned out well: https://www.wired.com/story/null-license-plate-landed-one-hacker-ticket-hell/
edit: archive link
I just realized that the shitty software on the other side of the divide is casting
null
to ”null", which absolutely explains that issue. What a clusterYeah, I love to rag on languages with weak typing, because of the potential for a bug, but seeing it play out in reality, directly with user input, that’s certainly something else.
shudders in NodeJS
He is being too nice. He needs to get a lawyer and sue that shitty company for harassment and whatever else.
ETA: The US isn’t overly litigious. We are under litigious if anything.
Large corporations are overly litigious. Individuals can’t afford to be litigious enough.
Oh no, it gets worse:
Prank or not, Tartaro was playing with fire by going with NULL in the first place. “He had it coming,” says Christopher Null, a journalist who has written previously for WIRED about the challenges his last name presents. “All you ever get is errors and crashes and headaches.”
Archive link: https://archive.ph/o/Foe1r/https://www.wired.com/2015/11/null/
they should have just used rust smh
Yeah, this is his daughter
Hey “java.lang.NullPointerException” can I borrow your pen?
Ca\r\rie
Frontend devs hates this guy.
Still better than Jennifer Null I guess
C programmers would ask whether a null-terminated name would be acceptable
asking questions like this is how i found out that one of the allowed characters in names in my country is ÿ, which is fine in Latin-1 but in 7-bit ASCII is
DEL
.This sounds like it would create a whole list of fun and irritating edge conditions for some poor bugger to debug. Love it.
If someone else has to debug the problems caused by a parent naming their child with a special character, does that make the parent the bugger? 🤔
I can tell you that buggering is not how you become a parent.
How about featuring?
that’s amazing! Aren’t codecs fun
No, cause “John\nDoe” messes up my regex. Sorry, out of the question. I’m not good with regex.
no one is “good” with regex.
Then who’s coming up with all the bits that I copy/paste off the internet? The regex dragon?
they likely aren’t good regex’s ;P … anything with more than, say, 6 operators is probably missing an edge case or will be outdated in a year (and then it’s impossible to determine its original intention)
From what I’ve seen, it’s Cthulhu.
There was only one, we’re all still copying from him or her.
Apparently no-one did it yet, so I’ll name my child +++ATH0
Little Bobby Tables
It’s impossible to represent that on paper. It could be misrepresented as a specific number of spaces. Depending on the position on the paper, it may also be hard to tell if the carriage return comes with the line feed. Unless you want the document to be in ASCII or EBCDIC hex, it’s like writing an ambiguous math problem where the answer is different depending on how you were taught about the order of operations. Don’t do this to your kid, Abcde.
Not legal in Canada. Your legal name must use Latin characters only. This is a sore point for indigenous people.
Hello my name is JohnDoe. My name only contains Latin characters, no spaces allowed.
Ah, but you see, “John” and “Doe” are two names - first and last - and when you say “My name is”, you’re really listing out your names, with spaces inbetween!
But then there’s hyphenated names, and I have no idea how those are treated.
"John Doe"
vs["John", "Doe"]
vs{"firstName":"John", "lastName":"Doe"}
console.log(Object.values(name).join("\n"));
Could be…“Jondo” like, a mononym hahaha.
The Romans also had spaces in between words
But did they have lowercase?
EDIT: Hello my name is JOHN DOE. Only latin characters allowed
But did they have
lowercaseenglish language?Salve! John Doe nomen meum est.
Only latin
charactersallowed(That’s all the latin I remember from school back then)
I was under the impression that that was actually a medieval invention
This comment made me learn. Thank you.
What was used to delineate words before the space character, then?
The inscription on the Pantheon has dots between the words.
M·AGRIPPA·L·F·COS·TERTIVM·FECIT
Nothing but understanding of words and sentences. It was kind of a whole thing. The space character was revolutionary to increasing the spread of literacy. Relevant
Or for those that just want to read: https://en.wikipedia.org/wiki/Scriptio_continua
Did the Romans not use line breaks?
Blank spaces arent characters by definition as they’re the space that allows the letters to exist
Deep. Is Python a form of Jazz?
Yes, and YAML is a war crime.
No, they didn’t even use the space to separate words. Take a look at any Roman inscription in Italy, there are no spaces between the words (just like there are no silent pauses between spoken words).
boustrophedon must make a comeback
Which is both entirely understandable, and also tragic because Canada’s indigenous written characters are so cool. :D
But also, it’s gotta be neat having a name among your people, that “the state” has nothing to do with…
Sibling of Bobby Drop Tables
Y’all need to learn how to sanitize your inputs!
That’s easy, just call it Jhon\nDoe
John\0Doe will fuck with all C (and C based derivatives) software that touches it.
Nah, it will end up simply as “John” in the database. You need “John%sDoe” to crash C software with unsafe printf() calls, and even then it’s better to use several “%s”
C and C derivatives will be fine unless they’re fucking up encoding.
Which rarely, if ever, happens. Especially with US software.
With an address in 's-Hertogenbosch to help people who are lazy about escaping.