All, I am one of the architects behind a multi-language site using Struts 2. To mitigate XSS exposure, defining a whitelist of allowable characters is the normal approach, but seems to become a non-trivial exercise when supporting multiple languages (we will be supporting 15). My understanding is using POSIX based regular expressions allow combining language-specific character sets in a single regular expression. This is my first foray into the subject of multi-language validation, so I apologize in advance if this is not the correct forum for these two questions:
First, does Struts 2 support POSIX regular expressions? I’ve tried a bunch of attempts to just get a simple example working and have had little luck. >From my research, I believe the following is expected to work: <field-validator type="regex"> <![CDATA[\\p{Alpha}*]]> <message>Invalid Field</message> </field-validator> Secondly, as a more general (and possibly non-Struts2 specific question), has anyone had experience in implementing multi-language whitelists? The information on the Internet is quite vague, so I’m not sure if this is still a black art making people a bit more close-lipped on the subject. Thanks! Eric Getchell | Sr. Technologist Distributed Logic Corporation 600 Unicorn Park Woburn, MA 01801 Email: [EMAIL PROTECTED] -- View this message in context: http://www.nabble.com/Using-POSIX-Regular-Expressions-for-Internationalized-Validation-tp19844314p19844314.html Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]