"? I have this MVC application and I want to be able to allow the user to enter a username betwee...">
Clever Geek Handbook

Why doesn't MVC validation work for "<" and ">"?

I have this MVC application and I want to be able to allow the user to enter a username between 6 and 255 characters long, including special characters that I think are appropriate. I have a simple regex for this:

[RegularExpression(@"^([a-zA-Z0-9!\@#\$%\^&\(\)-_\+\.'`~/=\?\{\}\|]){6,255}$", ErrorMessageResourceType = typeof(AdminResource), ErrorMessageResourceName = "UserNameFormatError")]

Validation works to a certain extent. This will prevent you from entering a username of no more than 6 characters, and it will not allow you to enter more than 255, and it will also allow you to use all the special characters I have listed. Interestingly, however, this will also allow you to use "<" and ">" which I don't want to let them use because then you start getting some errors on the backend because the security stuff thinks you are trying to inject malicious code or w / e. As for the point, why does validation allow those to be used when not included in the regex?

+3


source share


1 answer


The devil seems to be the culprit. Except for the start of the group, it will represent the range. This way you resolve everything between )

and _

. You can run away or move him.



+3


source






More articles:


All Articles