You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tapestry.apache.org by "Christian Næser Lindequist (JIRA)" <ji...@apache.org> on 2014/07/22 13:24:38 UTC

[jira] [Created] (TAP5-2362) Client and server side validation using regular expressions is inconsistent

Christian Næser Lindequist created TAP5-2362:
------------------------------------------------

             Summary: Client and server side validation using regular expressions is inconsistent
                 Key: TAP5-2362
                 URL: https://issues.apache.org/jira/browse/TAP5-2362
             Project: Tapestry 5
          Issue Type: Bug
          Components: tapestry-core
    Affects Versions: 5.4
            Reporter: Christian Næser Lindequist
            Priority: Critical


Client and server side validation using regular expressions is inconsistent: On the client side RegExp.test is used, which returns true if the pattern is found anywhere in the string, while on the server side Matcher.matches is used, which only returns true if the entire string matches the pattern. This leads to situations where the client side validation may succeed and then fail on the server side.

Proposed solutions:
# In the Regexp validator, replace matcher.matches() with matcher.find() to match the current behavior of client side validation, or
# Make sure that client side validation also matches the entire string

Option 1 may have more repercussions than option 2, because using Matcher.find() may cause strings that previously failed validation to succeed validation, unless the regex was already on the form "^pattern$".



--
This message was sent by Atlassian JIRA
(v6.2#6252)