security breach in regexp.
make code not looking like PHP
If you don't mind expanding on this, what's the security breach? Your commit message and pull request comment lack some details.
@nirvdrum login can contain anything after \n line it should be \z instead of $ there
ok breakin news http://homakov.blogspot.com/2012/05/saferweb-injects-in-various-ruby.html we should use \z