public string getValidInput(string context, string input, string type, int maxLength, Boolean allowNull)
{
StringValidationRule rvr = new StringValidationRule();
String p = "^[\\p{L}\\p{N}.]{0,1024}$";
if (p != null)
{
rvr.AddWhitelistPattern(p);
}
else
{
rvr.AddWhitelistPattern(type);
}
rvr.MaxLength = maxLength;
rvr.AllowNullOrEmpty = allowNull;
bool valid = rvr.IsValid(input);
IEncoder encoder = Esapi.Encoder;
String canonical = encoder.Canonicalize(input, true);
return canonical;
}
public void Test_StringRuleRange()
{
IValidator validator = Esapi.Validator;
// Test range
string id = Guid.NewGuid().ToString();
StringValidationRule rule = new StringValidationRule() { MinLength = 1, MaxLength = 10 };
validator.AddRule(id, rule);
Assert.IsTrue(validator.IsValid(id, "a"));
Assert.IsTrue(validator.IsValid(id, "1234567890"));
Assert.IsTrue(validator.IsValid(id, "12345"));
Assert.IsFalse(validator.IsValid(id, ""));
Assert.IsFalse(validator.IsValid(id, "12345678901"));
}
public void Test_StringRule()
{
IValidator validator = Esapi.Validator;
string id = Guid.NewGuid().ToString();
StringValidationRule rule = new StringValidationRule();
validator.AddRule(id, rule);
// Test valid
Assert.IsTrue(validator.IsValid(id, Guid.NewGuid().ToString()));
// Test allow null or empty
Assert.IsFalse(validator.IsValid(id, string.Empty));
Assert.IsFalse(validator.IsValid(id, null));
rule.AllowNullOrEmpty = true;
Assert.IsTrue(validator.IsValid(id, string.Empty));
Assert.IsTrue(validator.IsValid(id, null));
// Test whitelist
Assert.IsTrue(validator.IsValid(id, "abc"));
rule.AddWhitelistPattern("\\d+");
Assert.IsFalse(validator.IsValid(id, "abc"));
Assert.IsTrue(validator.IsValid(id, "123"));
// Test blacklist
rule.AddBlacklistPattern("1");
Assert.IsFalse(validator.IsValid(id, "123"));
Assert.IsTrue(validator.IsValid(id, "23"));
}