From e77ac5ee8fd93af49ee34c357365729550026e5d Mon Sep 17 00:00:00 2001
From: mikolaj widla <mikolaj.widla@gmail.com>
Date: Fri, 3 Mar 2023 10:21:47 +0100
Subject: [PATCH] Added validation on unsupported chars for UUID like "/<>?!"
 etc.

---
 .../src/main/resources/static/js/datatransfer.js   | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/Backend/mocked-services/src/main/resources/static/js/datatransfer.js b/Backend/mocked-services/src/main/resources/static/js/datatransfer.js
index aa34f86..63737fc 100644
--- a/Backend/mocked-services/src/main/resources/static/js/datatransfer.js
+++ b/Backend/mocked-services/src/main/resources/static/js/datatransfer.js
@@ -276,10 +276,18 @@ async function fetchUUIDCheck(givenUUID , strategy){
     return newUUID ;
 }
 
+function checkUUIDChars(uuid) { 
+    const regex = new RegExp("/^[A-z0-9-]+$/");
+    if(regex.test(uuid)){
+        return uuid ;
+    } 
+    return "invalid";
+ }
+
 function changeUUID(element){
 
     const uuidStrategy = $('input[name="uuid-validation-type"]:checked').val();
-    const givenUUID = element.value ;
+    const givenUUID = checkUUIDChars(element.value);
 
     if( givenUUID == clientUUID ){
         uuidChangeModalDisplay("noChg");
@@ -294,12 +302,12 @@ function changeUUID(element){
             changeMessage = "success";
         }
         clientUUID = data;
+        $("#uuid-input").attr("disabled", true);
+        $("#editable").attr("checked", false);
         
         uuidChangeModalDisplay(changeMessage);
         document.cookie = C_UUID + '=' + data ;
     } )
-    $("#uuid-input").attr("disabled", true);
-    $("#editable").attr("checked", false);
     loadCookies();
     refreshData();
 }