Bad Characters Properties

These properties configure bad characters, or characters that should not be used in specific instances.

If you want to change the default values, enter your changes in the emxSystem.properties page object. For more information, see Editing Properties Using MQL.

Some apps accept some of the special characters listed by default in these properties. These characters can be removed from the properties to allow users to enter them. For a list of the special characters accepted by a particular app, see the Administration Guide for that app.

Property Name Property Description Valid Values
emxFramework.Javascript.BadChars Defines characters that cannot be used in description, note and other text fields.

For example: emxFramework.Javascript.BadChars = < > \ [ ] |

List of characters separated by spaces
emxFramework.Javascript.NameBadChars Defines characters that cannot be used in name fields.

For example: emxFramework.Javascript.NameBadChars = " # $ @ % , * ? \ < > [ ] | : '

List of characters separated by spaces
emxFramework.Javascript.BadCharsForCheckinDesc Defines characters that cannot be used in check-in description fields. By default, this property does not specify any characters.

For example: emxFramework.Javascript.BadCharsForCheckinDesc = < > \ [ ] |

List of characters separated by spaces
emxFramework.Javascript.FileNameBadChars Defines characters that cannot be used in file name fields. If you remove a defined character, keep in mind that the operating system may not permit that character to be used as a file name.

For example: emxFramework.Javascript.FileNameBadChars = ' # $ @ & %

List of characters separated by spaces
emxFramework.Javascript.DelimiterBadChars Defines characters that cannot be used as delimiters.

For example: emxFramework.Javascript.DelimiterBadChars = ' $ \\\\ \\\"

List of characters separated by spaces
emxFramework.InputFilter.BadChars This property supports input filtering to prevent bad characters (characters that could be used for malicious purposes) from being stored in the database.

The 3DEXPERIENCE platform cannot filter out the &, ", %, and + symbols because they are used for specific functions.

Add any characters you want to filter from being stored in the database (characters that could cause security problems). Use a pipe | to separate the characters for this property.

For example: emxFramework.InputFilter.BadChars = <|>|"|'|%|;|)|(|-

List of characters separated by | symbols and no spaces
emxFramework.InputFilter.BadRegExp This property prevents bad regular expressions that could be used for malicious purposes from being stored in the database.

Add a pipe-separated list of regular expressions to be filtered from being stored in the database.

For example: 
(?is)prog(ram)?\\s*\\[.*\\]|(?is)exec(ute)?\\s*\\[.*\\]|(?is)eval.*\\(|(?s)".*\\*|(?s)'.*\\*|
(?s)\\<.*\\>|(?s)\\>.*\\<|(?is)\\/\\*|(?is)<!--|(?is)-->|(\\b)(on\\S+)(\\s*)=|(?i)\\\\x[a-f0-9]{2}|
(?i)\\\\u00[a-f0-9]{2}|(?is)[^:]\\/\\/

If you enable input filtering in web.xml, you should add the above value to this property.

List of regular expressions separated by | symbols
emxFramework.InputFilter.ExcludeParameters This property supports input filtering to prevent bad characters (characters that could be used for malicious purposes) from being stored in the database. Several properties require the use of characters that are normally considered "bad". This property allows you to list the parameters you want to exclude from input filtering on bad characters. You should not remove any parameters from this property; add any needed parameters (separate parameters with the | symbol).

For example: emxFramework.InputFilter.ExcludeParameters = treeLabel|contentURL|url

List of parameters separated by the | symbol and no spaces