Skip to content
This repository has been archived by the owner on Jun 1, 2022. It is now read-only.

Validate that field name and example strings are valid #45

Open
erinknight242 opened this issue Sep 18, 2019 · 1 comment
Open

Validate that field name and example strings are valid #45

erinknight242 opened this issue Sep 18, 2019 · 1 comment
Labels
enhancement New feature or request .NET Pull requests that update .net code

Comments

@erinknight242
Copy link
Collaborator

As a user, I can currently enter free text into the "Add new field" window when defining a new contract. These field names are used as javascript property names, as well as displayed to the user. Update the ValidationExtensions.cs to ensure that a contract string is invalid if the property name or example aren't valid strings. You'll likely want to define a safe regex to check it against.

Things to consider:
SQL injection?
Spaces in property names? might be weird; think about messaging, and what property names for an object can be
invalid special characters for object names
first character of property name must be a letter or underscore (check rules for C# property names)
"Example" field string is more lax, but still should prevent something totally wacky

If an invalid string is found, it should return a helpful failure message, like:
"5MyCoolField" is not a valid property name.

@erinknight242
Copy link
Collaborator Author

Kiet already did some work on this on CT-128; check for an old branch to pick up where he left off.

@erinknight242 erinknight242 added .NET Pull requests that update .net code enhancement New feature or request labels Sep 18, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
enhancement New feature or request .NET Pull requests that update .net code
Projects
None yet
Development

No branches or pull requests

1 participant