I am making a digital form that takes the users input and uses it to make an API call. To avoid injection attacks, I want to prevent the user from inputting any special characters. All I want them to be able to input is the standard alphabet, and numbers. However, none of the validation options seem to satisfy that. If I set up the validation to only accept alphanumeric characters, it allows all all special characters as long as there’s a normal letter and number:
What validation rules do I need to use to forbid all special characters?
@shaun.birch ,
We have tested the digital form field text with the above-mentioned validation rule and we could observe that entering the special characters is being allowed in the text box but when you click on submit button of the form or tab to another field on the form, a validation error is thrown against the field.
Ideally, the validation rules are checked when submitting the form or after tabbing out from the field, but not on every key press in the text field.
Let us know if you need any further clarification.
Regards,
Yoga Ramya,
Kore Support.
In your example, you don’t have a number in your input. If you put both an alphabetic character and a number, it will still show as valid when you hit submit even if you have special characters.
@shaun.birch ,
Thank you for the clarification.
We are able to replicate the issue and we will take it forward.
We will keep you posted further.
Regards,
Yoga Ramya,
Kore Support.
