Regular expression to match French and German characters

Question:

I am parsing the request parameters to find any vulnerable characters to prevent XSS threats. Our web application supports both French and German languages other than English. I am using the following regular expression to achieve this, but it fails to handle French and German.

^[a-zA-Z0-9\r\n\\-=\\*\\.\\?;,+\\/:&_ %@#]*$

Any suggestions on this are highly appreciated.

Answer1:

<a href="http://download.oracle.com/javase/6/docs/api/java/util/regex/Pattern.html" rel="nofollow">\p{L} will match any Unicode character that is a letter</a>.

Answer2:

Try [\p{Latin}\p{Punctuation}\p{Math_Symbol}] or add more character classes. Have a look <a href="http://www.regular-expressions.info/unicode.html#prop" rel="nofollow">here</a> for other Unicode character classes.

Answer3:

I know this is an old question.

But hope it helps someone out there! You can try this regex:

([\u0020-\u007e\u00a0-\u00ff\u0100-\u017F]+)

Basically it should match all the Latin and extended Latin characters, including numbers. Feel free to remove the Unicode characters as necessary. I would say that this would be the surest way of getting it right for all your scenarios.

References:

<ul><li><a href="http://unicode.org/charts/PDF/U0000.pdf" rel="nofollow">http://unicode.org/charts/PDF/U0000.pdf</a></li> <li><a href="http://unicode.org/charts/PDF/U0080.pdf" rel="nofollow">http://unicode.org/charts/PDF/U0080.pdf</a></li> <li><a href="http://unicode.org/charts/PDF/U0100.pdf" rel="nofollow">http://unicode.org/charts/PDF/U0100.pdf</a></li> </ul>
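
An added example (not code from the question or from any answer), in Java because Answer1 links the Java Pattern documentation: it widens the question's allow-list with \p{L}, normalizes to NFC first so that decomposed accents still count as letters, and runs Answer3's ranges over the same constructed inputs, where the range U+0020 to U+007E still admits < and >. The class name, method name and sample values are assumptions made for illustration.

```java
import java.text.Normalizer;
import java.util.regex.Pattern;

public class ParamAllowList {
    // The question's allow-list with a-zA-Z widened to \p{L} (any Unicode letter).
    // The hyphen sits last in the class so it is a literal, not a range operator.
    static final Pattern LETTER_ALLOW_LIST =
        Pattern.compile("^[\\p{L}0-9\\r\\n=*.?;,+/:&_ %@#-]*$");

    // Answer 3's code-point ranges, anchored so the whole value must match.
    static final Pattern LATIN_RANGES =
        Pattern.compile("^[\\u0020-\\u007e\\u00a0-\\u00ff\\u0100-\\u017F]+$");

    static boolean isAllowed(Pattern pattern, String raw) {
        if (raw == null) {
            return false;
        }
        // NFC turns "e" + combining acute (U+0301) into the single letter U+00E9.
        // Without it the combining mark (category Mn) is not a \p{L} letter.
        String value = Normalizer.normalize(raw, Normalizer.Form.NFC);
        return pattern.matcher(value).matches();
    }

    public static void main(String[] args) {
        // Constructed sample parameter values, written with escapes so the
        // source file compiles under any encoding.
        String[] samples = {
            "Gr\u00fc\u00dfe aus K\u00f6ln",   // German, precomposed letters
            "cafe\u0301 cr\u00e8me",           // French, first accent decomposed
            "<script>alert(1)</script>"        // markup the filter is meant to reject
        };
        for (String s : samples) {
            System.out.printf("%-28s letters=%b ranges=%b%n", s,
                isAllowed(LETTER_ALLOW_LIST, s), isAllowed(LATIN_RANGES, s));
        }
    }
}
```

The allow-list still contains `&`, `#`, `;` and `%`, so a value that passes it needs output encoding for the context it is written into.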
