All,
I am one of the architects behind a multi-language site using Struts 2. To
mitigate XSS exposure, defining a whitelist of allowable characters is the
normal approach, but seems to become a non-trivial exercise when supporting
multiple languages (we will be supporting 15). My understanding is using
POSIX based regular expressions allow combining language-specific character
sets in a single regular expression. This is my first foray into the
subject of multi-language validation, so I apologize in advance if this is
not the correct forum for these two questions:
First, does Struts 2 support POSIX regular expressions? I’ve tried a bunch
of attempts to just get a simple example working and have had little luck.
>From my research, I believe the following is expected to work:
<field-validator type="regex">
<![CDATA[\\p{Alpha}*]]>
<message>Invalid Field</message>
</field-validator>
Secondly, as a more general (and possibly non-Struts2 specific question),
has anyone had experience in implementing multi-language whitelists? The
information on the Internet is quite vague, so I’m not sure if this is still
a black art making people a bit more close-lipped on the subject.
Thanks!
Eric Getchell | Sr. Technologist
Distributed Logic Corporation
600 Unicorn Park
Woburn, MA 01801
Email: [EMAIL PROTECTED]
--
View this message in context:
http://www.nabble.com/Using-POSIX-Regular-Expressions-for-Internationalized-Validation-tp19844314p19844314.html
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
