Sanitizing Usernames to Prevent URL Encoding Exploits #1
If a post by a user of the name "../logout" is seen, the user is immediately logged out. Accessing the user page of a user by the name of "%20" is impossible. lol. This PR disallows the creation of usernames containing some dangerous characters, among them the octets (%).
Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?