My (least) favorite in this category is email addresses. It’s astonishing how many developers screw this up by trying to validate an email address by some means other than sending a message to it.
100% agree.
™@tld
user-at-fqdn@domain.tld.
"user with spaces" .tld
"user@notdomain"@domain.tld
endswitha_@domain.tld
user+tag@gmail.com
unicodedomain@🤡.tld
All of those are valid, and the know-it-all developer’s shitty regex won’t cover most of them.
Except lots of email services won’t take a technically correct email anyway.
“Systems that break email already exist, so let’s add more to the world.”
Please, no.
The problem is that if you send a message just blindly, you can be tricked into sending spam to millions of addresses. I do one thing that prevents that, but does violate the standard, I verify there’s only 1 ‘@’ in the address… this technically prevents people with '@'s in their name, but they probably find it impossible to do anything with that address anyway.
One of the all-time classics! I think all devs should read this.
It’s solid but I’ve always preferred the similar list about date and time - some of the answers to this list are just “Yea, but what do you want us to call you.”