Re: [Django] #36452: DomainNameValidator forbids digits in TLDs

Wed, 11 Jun 2025 11:49:26 -0700 

#36452: DomainNameValidator forbids digits in TLDs
-----------------------------------+--------------------------------------
     Reporter:  Shai Berger        |                    Owner:  (none)
         Type:  Bug                |                   Status:  closed
    Component:  Core (Other)       |                  Version:  dev
     Severity:  Normal             |               Resolution:  invalid
     Keywords:  validation domain  |             Triage Stage:  Unreviewed
    Has patch:  0                  |      Needs documentation:  0
  Needs tests:  0                  |  Patch needs improvement:  0
Easy pickings:  1                  |                    UI/UX:  0
-----------------------------------+--------------------------------------
Changes (by Mike Edmunds):

 * resolution:  needsinfo => invalid

Comment:

 Replying to [comment:2 Sarah Boyce]:
 > Before we continue, I think we should get confirmation that tlds like
 `com1` are valid

 I believe `com1` is [https://stackoverflow.com/questions/9071279/number-
 in-the-top-level-
 
domain/53875771#53875771:~:text=Specially%20note%20the%3A%20The%20ASCII%20label%20must%20consist%20entirely%20of%20letters%20(alphabetic%20characters%20a%2Dz)
 not a valid TLD] under current ICANN rules. Since ICANN decides what's a
 valid gTLD, their policies override whatever RFC 1035 may seem to allow.

 There's a pretty thorough review here:
 https://stackoverflow.com/questions/9071279/number-in-the-top-level-
 domain/53875771.

 That said, I haven't personally reviewed RFC 1035 and all 29(!) RFCs that
 modify it. The ICANN gTLD policies are from 2012; there's a new gTLD
 policy in draft form now, and I haven't reviewed that either. So if
 someone finds a newer policy that would allow digits in TLDs—or better
 yet, real-world evidence of a (non-IDNA) TLD containing digits—then we
 should revisit this.

 The exception, as Sarah noted, is an IDNA-encoded TLD starting with
 `xn--`. ICANN allows those, and so does Django's DomainNameValidator.

 (Also, I suppose there could be ''internal-use-only'' TLDs containing
 digits, which ''might'' be valid under the RFCs but wouldn't be usable on
 the public Internet. That seems pretty niche, and anyone having that use
 case could subclass Django's DomainNameValidator to cover it.)
-- 
Ticket URL: <https://code.djangoproject.com/ticket/36452#comment:3>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To view this discussion visit 
https://groups.google.com/d/msgid/django-updates/010701975ff97012-8e8139c9-bd67-4f1a-a80b-3b425bcfdc3e-000000%40eu-central-1.amazonses.com.

Reply via email to