You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tapestry.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2014/10/22 01:58:34 UTC

[jira] [Commented] (TAP5-2362) Client-side regular expression field validation should ensure that the entire value matches the pattern

    [ https://issues.apache.org/jira/browse/TAP5-2362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14179353#comment-14179353 ] 

ASF subversion and git services commented on TAP5-2362:
-------------------------------------------------------

Commit 57a8d25ddff8fe5edf102f5bf4e7fe324c409611 in tapestry-5's branch refs/heads/master from [~hlship]
[ https://git-wip-us.apache.org/repos/asf?p=tapestry-5.git;h=57a8d25 ]

TAP5-2362: Client-side regular expression field validation should ensure that the entire value matches the pattern


> Client-side regular expression field validation should ensure that the entire value matches the pattern
> -------------------------------------------------------------------------------------------------------
>
>                 Key: TAP5-2362
>                 URL: https://issues.apache.org/jira/browse/TAP5-2362
>             Project: Tapestry 5
>          Issue Type: Bug
>          Components: tapestry-core
>    Affects Versions: 5.4
>            Reporter: Christian Næser Lindequist
>            Assignee: Howard M. Lewis Ship
>
> Client and server side validation using regular expressions is inconsistent: On the client side RegExp.test is used, which returns true if the pattern is found anywhere in the string, while on the server side Matcher.matches is used, which only returns true if the entire string matches the pattern. This leads to situations where the client side validation may succeed and then fail on the server side.
> Proposed solutions:
> # In the Regexp validator, replace matcher.matches() with matcher.find() to match the current behavior of client side validation, or
> # Make sure that client side validation also matches the entire string
> Option 1 may have more repercussions than option 2, because using Matcher.find() may cause strings that previously failed validation to now succeed validation, unless the regex was already on the form "^pattern$". Option 1 also provides most flexibility, however, because it allows using regular expressions that match only part of the string.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)