I am parsing the request parameters to find any vulnerable characters to prevent XSS threats. Our web application supports both French and German languages other than English. I am using the following regular expression to achieve this, but it fails to handle French and German
^[a-zA-Z0-9\r\n\\-=\\*\\.\\?;,+\\/:&_ %@#]*$
Any suggestions on this is highly appreciated
Try [\\p{Latin}\\p{Punctuation}\\p{Math_Symbol}]
or add more character classes. Have a look here for other unicode character classes.
I know this is an old question.
But hope it helps someone out there! you can try this regex:
([\ -\~\ -\ÿ\Ā-\ſ]+)
Basically it should match all the Latin and extended Latin characters, including numbers, feel free to remove the unicode characters as necessary. I would say that this would be the surest way of getting it right for all your scenarios.
References:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.