The registration process is really painful… Had to enter my data for every night in the hotel over and over again… And although it is a good idea security wise to block special characters in certain input fields, disallowing almost all non-[a-z,A-Z,0-9] characters seems a bit like overkill.
Example:
My company’s name is “Kuehne + Nagel (AG & Co.) KG” – for the registration form I had to boil it down to “Kuehne Nagel AG Co KG” and must now hope that nobody from corporate communications, legal or marketing department ever see this…
Apologies for the challenges in registering, however I’m glad you persevered! Unfortunately this was the best way we could shoehorn this into the registration process. Not optimal unfortunately, however it was the only way to ensure you guys had access to reasonably priced rooms due to a clash with Cambridge University graduation week.
Also – we’ve passed on the comments about the input validation to the OWASP team for discussion.
The registration process is really painful… Had to enter my data for every night in the hotel over and over again… And although it is a good idea security wise to block special characters in certain input fields, disallowing almost all non-[a-z,A-Z,0-9] characters seems a bit like overkill.
Example:
My company’s name is “Kuehne + Nagel (AG & Co.) KG” – for the registration form I had to boil it down to “Kuehne Nagel AG Co KG” and must now hope that nobody from corporate communications, legal or marketing department ever see this…
Hi Bjoern,
Apologies for the challenges in registering, however I’m glad you persevered! Unfortunately this was the best way we could shoehorn this into the registration process. Not optimal unfortunately, however it was the only way to ensure you guys had access to reasonably priced rooms due to a clash with Cambridge University graduation week.
Also – we’ve passed on the comments about the input validation to the OWASP team for discussion.
Best regards
AppSec Europe Admin Team