erinknight242
commented
5 years ago Kiet already did some work on this on CT-128; check for an old branch to pick up where he left off.
Open erinknight242 opened 5 years ago
erinknight242
commented
5 years ago Kiet already did some work on this on CT-128; check for an old branch to pick up where he left off.
As a user, I can currently enter free text into the "Add new field" window when defining a new contract. These field names are used as javascript property names, as well as displayed to the user. Update the ValidationExtensions.cs to ensure that a contract string is invalid if the property name or example aren't valid strings. You'll likely want to define a safe regex to check it against.
Things to consider: SQL injection? Spaces in property names? might be weird; think about messaging, and what property names for an object can be invalid special characters for object names first character of property name must be a letter or underscore (check rules for C# property names) "Example" field string is more lax, but still should prevent something totally wacky
If an invalid string is found, it should return a helpful failure message, like:
"5MyCoolField" is not a valid property name.