Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 3239eb8

Browse filesBrowse files
asisptsasispts
committed
Allow more permissive form input name
1 parent db21ee4 commit 3239eb8
Copy full SHA for 3239eb8

File tree

3 files changed

+70
-47
lines changed
Filter options

3 files changed

+70
-47
lines changed

‎src/Symfony/Component/Form/FormConfigBuilder.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Form/FormConfigBuilder.php
+3-3Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -632,7 +632,7 @@ public function setIsEmptyCallback(?callable $isEmptyCallback): static
632632
final public static function validateName(?string $name): void
633633
{
634634
if (!self::isValidName($name)) {
635-
throw new InvalidArgumentException(sprintf('The name "%s" contains illegal characters. Names should start with a letter, digit or underscore and only contain letters, digits, numbers, underscores ("_"), hyphens ("-") and colons (":").', $name));
635+
throw new InvalidArgumentException(sprintf('The name "%s" contains illegal characters or equals to "isindex". Names should only contain letters, digits, underscores ("_"), hyphens ("-") and colons (":").', $name));
636636
}
637637
}
638638

@@ -642,12 +642,12 @@ final public static function validateName(?string $name): void
642642
* A name is accepted if it
643643
*
644644
* * is empty
645-
* * starts with a letter, digit or underscore
646645
* * contains only letters, digits, numbers, underscores ("_"),
647646
* hyphens ("-") and colons (":")
647+
* * is not equal to "isindex"
648648
*/
649649
final public static function isValidName(?string $name): bool
650650
{
651-
return '' === $name || null === $name || preg_match('/^[a-zA-Z0-9_][a-zA-Z0-9_\-:]*$/D', $name);
651+
return ('' === $name || null === $name || preg_match('/^[a-zA-Z0-9_\-:]*$/D', $name)) && 'isindex' !== $name;
652652
}
653653
}

‎src/Symfony/Component/Form/Tests/ButtonBuilderTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Form/Tests/ButtonBuilderTest.php
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ public function testValidNames($name)
4242
public function testNameContainingIllegalCharacters()
4343
{
4444
$this->expectException(InvalidArgumentException::class);
45-
$this->expectExceptionMessage('The name "button[]" contains illegal characters. Names should start with a letter, digit or underscore and only contain letters, digits, numbers, underscores ("_"), hyphens ("-") and colons (":").');
45+
$this->expectExceptionMessage('The name "button[]" contains illegal characters or equals to "isindex".');
4646

4747
$this->assertInstanceOf(ButtonBuilder::class, new ButtonBuilder('button[]'));
4848
}

‎src/Symfony/Component/Form/Tests/FormConfigTest.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/Form/Tests/FormConfigTest.php
+66-43Lines changed: 66 additions & 43 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,7 @@
1313

1414
use PHPUnit\Framework\TestCase;
1515
use Symfony\Component\EventDispatcher\EventDispatcher;
16+
use Symfony\Component\Form\Exception\InvalidArgumentException;
1617
use Symfony\Component\Form\FormConfigBuilder;
1718
use Symfony\Component\Form\NativeRequestHandler;
1819

@@ -21,56 +22,78 @@
2122
*/
2223
class FormConfigTest extends TestCase
2324
{
24-
public static function getHtml4Ids()
25+
public static function provideInvalidFormInputName(): iterable
2526
{
26-
return [
27-
['z0'],
28-
['A0'],
29-
['A9'],
30-
['Z0'],
31-
['#', 'Symfony\Component\Form\Exception\InvalidArgumentException'],
32-
['a#', 'Symfony\Component\Form\Exception\InvalidArgumentException'],
33-
['a$', 'Symfony\Component\Form\Exception\InvalidArgumentException'],
34-
['a%', 'Symfony\Component\Form\Exception\InvalidArgumentException'],
35-
['a ', 'Symfony\Component\Form\Exception\InvalidArgumentException'],
36-
["a\t", 'Symfony\Component\Form\Exception\InvalidArgumentException'],
37-
["a\n", 'Symfony\Component\Form\Exception\InvalidArgumentException'],
38-
['a-'],
39-
['a_'],
40-
['a:'],
41-
// Periods are allowed by the HTML4 spec, but disallowed by us
42-
// because they break the generated property paths
43-
['a.', 'Symfony\Component\Form\Exception\InvalidArgumentException'],
44-
// Contrary to the HTML4 spec, we allow names starting with a
45-
// number, otherwise naming fields by collection indices is not
46-
// possible.
47-
// For root forms, leading digits will be stripped from the
48-
// "id" attribute to produce valid HTML4.
49-
['0'],
50-
['9'],
51-
// Contrary to the HTML4 spec, we allow names starting with an
52-
// underscore, since this is already a widely used practice in
53-
// Symfony.
54-
// For root forms, leading underscores will be stripped from the
55-
// "id" attribute to produce valid HTML4.
56-
['_'],
57-
// Integers are allowed
58-
[0],
59-
[123],
60-
// NULL is allowed
61-
[null],
62-
];
27+
yield ['isindex'];
28+
29+
yield ['#'];
30+
yield ['a#'];
31+
yield ['a$'];
32+
yield ['a%'];
33+
yield ['a '];
34+
yield ["a\t"];
35+
yield ["a\n"];
36+
// Periods are allowed by the HTML4 spec, but disallowed by us
37+
// because they break the generated property paths
38+
yield ['a.'];
6339
}
6440

6541
/**
66-
* @dataProvider getHtml4Ids
42+
* @dataProvider provideInvalidFormInputName
6743
*/
68-
public function testNameAcceptsOnlyNamesValidAsIdsInHtml4($name, $expectedException = null)
44+
public function testInvalidFormInputName(string $name)
6945
{
70-
if (null !== $expectedException) {
71-
$this->expectException($expectedException);
72-
}
46+
$this->expectException(InvalidArgumentException::class);
47+
$this->expectExceptionMessage(sprintf('The name "%s" contains illegal characters or equals to "isindex". Names should only contain letters, digits, underscores ("_"), hyphens ("-") and colons (":").', $name));
7348

49+
new FormConfigBuilder($name, null, new EventDispatcher());
50+
}
51+
52+
public static function provideValidFormInputName(): iterable
53+
{
54+
yield ['z0'];
55+
yield ['A0'];
56+
yield ['A9'];
57+
yield ['Z0'];
58+
yield ['a-'];
59+
yield ['a_'];
60+
yield ['a:'];
61+
// Contrary to the HTML4 spec, we allow names starting with a
62+
// number, otherwise naming fields by collection indices is not
63+
// possible.
64+
// For root forms, leading digits will be stripped from the
65+
// "id" attribute to produce valid HTML4.
66+
yield ['0'];
67+
yield ['9'];
68+
// Contrary to the HTML4 spec, we allow names starting with an
69+
// underscore, since this is already a widely used practice in
70+
// Symfony.
71+
// For root forms, leading underscores will be stripped from the
72+
// "id" attribute to produce valid HTML4.
73+
yield ['_'];
74+
// Integers are allowed
75+
yield [0];
76+
yield [123];
77+
// NULL is allowed
78+
yield [null];
79+
80+
// Allowed in HTML 5 specification
81+
// See: https://html.spec.whatwg.org/multipage/form-control-infrastructure.html#attr-fe-name
82+
yield ['_charset_'];
83+
yield ['-x'];
84+
yield [':x'];
85+
yield ['isINDEX'];
86+
87+
// This value shouldn't be allowed.
88+
// However, many tests in Form component require empty name
89+
yield [''];
90+
}
91+
92+
/**
93+
* @dataProvider provideValidFormInputName
94+
*/
95+
public function testValidFormInputName(string|int|null $name)
96+
{
7497
$formConfigBuilder = new FormConfigBuilder($name, null, new EventDispatcher());
7598

7699
$this->assertSame((string) $name, $formConfigBuilder->getName());

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.