Username ending with file extension is not allowed (#335278) · Issues · GitLab.org

Date: 2021-07-06T12:21:32Z

Location: gitlab.com

Summary

"Username ending with MIME type format is not allowed"

Can be problematic, especially for SSO/OAuth/SAML logins where the username is automatically defined

This issue is reproducible on on-premises and Gitlab.com (ex: with Google Login), either from the login page and/or when attempting to create the user manually from the Admin area.

-mov being a common family name suffix, it could cause a lot of issues in the future

Steps to reproduce

Try to login/create an user in Gitlab (on-premises/Gitlab.com) where the username ends with a MIME type format

What is the current bug behavior?

Username ending with MIME type format is not allowed

What is the expected correct behavior?

Username ending with MIME type format should be allowed to login and/or create account on Gitlab (on-premises/Gitlab.com)

Relevant logs and/or screenshots


Possible fixes

https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/user.rb#L2102

https://gitlab.com/gitlab-org/gitlab/-/blob/master/spec/models/user_spec.rb#L391

https://gitlab.com/gitlab-org/gitlab/-/blob/master/config/initializers/mime_types.rb#L14