-
-
Notifications
You must be signed in to change notification settings - Fork 6
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Any option to specify the Symbols? #5
Comments
Hello, there is no option to specify which special characters should be allowed at the moment. |
Okay, thanks for the prompt response @knicola 🚀 |
I can't think of a valid reason why limit which symbols one can pick for their password so I'll be closing this ticket for now. |
Commenting cause I've found a reason that might be valid enough to consider 😄 @knicola The regex in Cognito uses the same subset as OWASP proposes (^ $ * . [ ] { } ( ) ? - " ! @ # % & / \ , > < ' : ; | _ ~ ` + = and spaces). If there was a way to pass a regex or subset of symbols, it could be used with applications using AWS services on the backend. Of course, I can always use regex with |
Thank you for reporting this @ada-cienciala ! That is indeed good enough reason to reconsider my decision. I'll look into it once I find a free moment. Feel free to suggest ideas on what should the API look like and/or provide a PR if interested. |
Sorry for the delay, I'm slowly getting to this. Just wanted to drop a note here for anyone wanting to limit input to OWASP-friendly symbols, such as Cognito users: I think limiting input to ASCII (non-control) characters should be enough, ie I could perhaps add a helper method to limit input to ascii only, ie |
Hi,
Any option to specify which "Symbols" or "Special Characters" to be allowed?
The text was updated successfully, but these errors were encountered: