Comment 3 for bug 903232

Thanks for your input and interest. This morning I had a good discussion with the other swift core devs about this. The summary is that we'd be happy to review a patch for this. However, below is a more general response.

I agree that while this isn't an issue with swift directly, it could be an issue with people who use swift. I acknowledge the issue. But if someone is displaying or using user-generated content (including URLs), it must be sanitized. This is not unique to swift, of course. Not sanitizing user-generated content is a bad practice.

Secondly, adding a filter to entity names in swift can limit data portability. For example, if HP were to limit names and Rackspace does not, then Rackspace customers can't migrate to HP (but HP customers could easily migrate to Rackspace).

Also, adding in filtering to swift implies some level of liability. A provider enabling this feature would have to be careful with what is promised and implied. Where does it end? You can get to pretty silly extremes like adding virus scanning to each object.

All that being said, I think there are two ways to implement this, both of which we'd be happy to review for inclusion into swift. One is to add disallowed characters, substrings, or patterns into swift.common.constraints and then filet of PUTs. The other is to have a filter middleware that looks at each request for name validity. Either way, the feature must be toggle-able and default to off.

Overall, the swift core devs don't think this is a major issue that needs to be solved in swift itself. However, if you'd like to submit a patch, we wouldn't be opposed to seeing this sort of functionality available. We'd prefer to see the middleware patch rather than a constraints patch.