create relation with holder- and contact-data, and search for contact emailAddress + relation mark #136
@ -36,9 +36,9 @@ public interface HsOfficeContactRbacRepository extends Repository<HsOfficeContac
|
||||
|
||||
static String emailRegEx(@NotNull String emailAddress) {
|
||||
// TODO.impl: find more secure solution, maybe we substitute a placeholder with the whole expression?
|
||||
if (emailAddress.contains("'") || emailAddress.endsWith("\\") ) {
|
||||
if (emailAddress.contains("'") || emailAddress.contains("\"") || emailAddress.endsWith("\\") ) {
|
||||
throw new ValidationException(
|
||||
"emailAddress contains invalid characters: " + emailAddress);
|
||||
"emailAddressRegEx contains invalid characters: " + emailAddress);
|
||||
}
|
||||
return emailAddress.replace("%", ".*"); // the JSON-matcher in PostgreSQL needs a wildcard
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user