If spammers can abuse something, they gonna abuse it

  • El Barto
    link
    411 months ago

    Never trusting user input, sure. That, I know. And probably the university’s devs do as well.

    However, it’s not the university’s website’s fault that the email client is converting the name to a link.

    So what you’re saying is, email clients should not convert link-like text to actual clickable links. Correct?

    • ares35
      link
      fedilink
      111 months ago

      the university’s form allowed the link or link-like string in the text field. that’s on them.

      mail clients should at least be warning users about links it converts from text into clickable markup. yes.

      • El Barto
        link
        110 months ago

        We’re going in circles. How do you know a name that looks like a link is actually a link or a real name?

        How do you solve that problem in a way that names that look like links are still accepted?

        Plus the way email clients parse plain text is not the university’s website’s responsibility. Today, it’s links. Tomorrow, it’s “embedded AI prompts” or “mini-QR codes,” or “new format telephone numbers,” etc.