runtime: RegularExpression validation does not handle \p{L} properly
I filed this bug against ASP.Net Core (https://github.com/aspnet/AspNetCore/issues/16904) and they seemed to think the problem was here in corefx.
Description
We are using the RegularExpressionAttribute to validate a Name field and want to handle more than ASCII characters. Using the regular expression @“[\p{L}\s-'.]+” works to match the strings we need. Example: “François O’Brian-McKay Jr.”
This works fine in a C# unit test but when deployed on the server it only validates the ‘L’ character and the punctuation.
To Reproduce
public class TestModel : PageModel
{
[RegularExpression(@"^[\p{L}\s-'\.]+$", ErrorMessage = "Invalid characters in name.")]
public string Name { get; set; }
}
Further technical details
- ASP.NET Core 2.1
.NET Core SDK (reflecting any global.json): Version: 2.1.400 Commit: 8642e60a0f
Runtime Environment: OS Name: Windows OS Version: 10.0.18362 OS Platform: Windows RID: win10-x64 Base Path: C:\Program Files\dotnet\sdk\2.1.400\
Host (useful for support): Version: 2.1.2 Commit: 811c3ce6c0
.NET Core SDKs installed: 2.1.400 [C:\Program Files\dotnet\sdk]
.NET Core runtimes installed: Microsoft.AspNetCore.All 2.1.2 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.All] Microsoft.AspNetCore.App 2.1.2 [C:\Program Files\dotnet\shared\Microsoft.AspNetCore.App] Microsoft.NETCore.App 2.1.2 [C:\Program Files\dotnet\shared\Microsoft.NETCore.App]
Unit test and work done in Microsoft Visual Studio Community 2017 Version 15.8.1
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Comments: 22 (16 by maintainers)
Maybe a good candidate for static analysis? I don’t know how easy it would be to detect that a particular attribute might end up being emitted as client-side validation, but assuming that’s detectable it should be straightforward to detect regex patterns that lose fidelity client-side.