Comment on page
Regular Expressions - Regex
Elements input validation. Available from Symphony v20.6 and above
Input validation is your first line of defense when creating a secure application.
Symphony Elements supports input validation using regular expressions (regex) for the
text field and text area elements.The regular expression pattern is validated on the front end by the Client. It is therefore critical to also validate the input in your code as well.
Regular expressions can cause performance issues in the Client if the validation of the regular expression is very complex. Poorly designed regular expressions can even cause denial of service (ReDoS). Please verify that your regular expressions are safe, using the following service: https://redos-checker.surge.sh/.
To prevent performance issues on the Client, a validation mechanism checks regular expressions to ensure they are safe. If the regular expression is unsafe, it is automatically disabled. In that situation, the user input will not be validated.
The following code snippets assumes that both
<text-field> and <textarea> elements are placed within the right messageML context : <messageML> + <form> including an action <button>.Note that the content of the regex has to be checked again on the bot side.
messageML
<!-- Validates a login -->
<text-field name="login" pattern="^[a-zA-Z]{3,}$" pattern-error-message="Login must contain at least 3 letters."></text-field>
<!-- Validates a decimal value, hint is not defined -->
<text-field name="price" pattern="^\d+,\d+$" pattern-error-message="This is an incorrect value."></text-field>
<!-- Validates a password -->
<text-field name="password" masked="true" pattern="^[a-zA-Z]\w{3,14}$" pattern-error-message="Your password is not strong enough."></text-field>
messageML
<!-- Validates that a line does not contain the word "badword" -->
<textarea name="justification" pattern="^((?!badword).)*$" pattern-error-message="Justification text must not contain the word 'badword'"></textarea>
Last modified 1yr ago