You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tapestry.apache.org by "Christian Næser Lindequist (JIRA)" <ji...@apache.org> on 2014/07/22 13:24:38 UTC
[jira] [Created] (TAP5-2362) Client and server side validation
using regular expressions is inconsistent
Christian Næser Lindequist created TAP5-2362:
------------------------------------------------
Summary: Client and server side validation using regular expressions is inconsistent
Key: TAP5-2362
URL: https://issues.apache.org/jira/browse/TAP5-2362
Project: Tapestry 5
Issue Type: Bug
Components: tapestry-core
Affects Versions: 5.4
Reporter: Christian Næser Lindequist
Priority: Critical
Client and server side validation using regular expressions is inconsistent: On the client side RegExp.test is used, which returns true if the pattern is found anywhere in the string, while on the server side Matcher.matches is used, which only returns true if the entire string matches the pattern. This leads to situations where the client side validation may succeed and then fail on the server side.
Proposed solutions:
# In the Regexp validator, replace matcher.matches() with matcher.find() to match the current behavior of client side validation, or
# Make sure that client side validation also matches the entire string
Option 1 may have more repercussions than option 2, because using Matcher.find() may cause strings that previously failed validation to succeed validation, unless the regex was already on the form "^pattern$".
--
This message was sent by Atlassian JIRA
(v6.2#6252)