Special Characters in CI Identities

When designing input validation for user-related fields, it's crucial to strike a balance between allowing flexibility for legitimate use cases and preventing security risks such as SQL injection, XSS (Cross-Site Scripting), and other forms of input-based attacks.

Here are some guidelines for special characters that should be allowed or disallowed in the user attributes field in the UI as well as from the browser’s developer console.

Username

Allowed Characters:

• Alphanumeric Characters: A-Z, a-z, 0-9

• Special Characters: Period (.), Underscore (_), Hyphen (-)

DisallowedCharacters:

• Whitespace: Spaces, tabs, etc.

• Special Characters (SQL and Scripting characters): Any special characters not explicitly allowed, such as !, @, #, $, %, ^, &, *, (, ), +, =, {, }, [, ], |, , :, ;, ", ', <, >, ?, /, etc.

First Names, Last Names and Full Names

Allowed Characters:

• Alphabetic Characters: A-Z, a-z Special Characters: Hyphen (-), Apostrophe (') Whitespace: Spaces (to allow for compound names like "Mary Jane" or "Jean-Luc")

Disallowed Characters:

• Special Characters: Any characters not explicitly allowed, such as !, @, #, $, %, ^, &, *, (, ), +, =, {, }, [, ], |, , :, ;, ", ', <, >, ?, /, etc.

Email Address:

Allowed Characters:

• Alphabetic Characters: A-Z, a-z Special Characters: Hyphen (-), At (@), Period (.), Underscore (_)

DisallowedCharacters:

• Whitespace Special Characters: Any characters not explicitly allowed, such as !, #, $, %, ^, &, *, (, ), +, =, {, }, [, ], |, :, ;, ", ', <, >, ?, /, etc.

Department

Allowed Characters:

• Alphanumeric(a-z, A-Z, 0-9)

• Spaces(for multiple-word department names)

• Hyphens(-)

• Underscores(_)

DisallowedCharacters:

• SpecialCharacters: Any characters notexplicitly allowed, such as !, @, #, $, %, ^, &, *, (, ), +, =, {, }, [, ],|, , :, ;, ", ', <, >, ?, /, etc.

Mobile Number

Allowed Characters:

• Numeric(0-9)

• Plus sign(+)

DisallowedCharacters:

• Alphabetic characters

• SpecialCharacters: Any characters notexplicitly allowed, such as !, @, #, $, %, ^, &, *, (, ), =, {, }, [, ], |,, :, ;, ", ', <, >, ?, /, etc.

Location

Allowed Characters:

• Alphanumeric(a-z, A-Z, 0-9)

• Spaces

• Commas (,)

• Hyphens(-)

Disallowed Characters:

• SpecialCharacters: Any characters notexplicitly allowed, such as !, @, #, $, %, ^, &, *, (, ), +, =, {, }, [, ],|, , :, ;, ", ', <, >, ?, /, etc.

Employee ID

Allowed Characters:

• Alphanumeric(a-z, A-Z, 0-9)

• Hyphens(-)

• DisallowedCharacters:

• Spaces

• SpecialCharacters: Any characters notexplicitly allowed, such as !, @, #, $, %, ^, &, *, (,), +, =, {, }, [, ],|, , :, ;, ", ', <, >, ?, /, etc.

Employee Type

Allowed Characters:

• Alphanumeric(a-z, A-Z, 0-9)

• Spaces

• Hyphens(-)

Disallowed Characters:

• SpecialCharacters: Any characters notexplicitly allowed, such as !, @, #, $, %, ^, &, *, (,), +, =, {, }, [, ],|, , :, ;, ", ', <, >, ?, /, etc.

Address

Allowed Characters:

• Alphanumeric(a-z, A-Z, 0-9)

• Spaces

• Commas (,)

• Periods(.)

• Hyphens(-)

• Hash (#)

DisallowedCharacters:

• SpecialCharacters: Any characters notexplicitly allowed, such as !, @, $, %, ^, &, *, +, =, {, }, [, ], |, , :,;, ", ', <, >, ?, /, etc.

Non-English Characters

Allow non-English characters such as letters with diacritics (e.g., á, é, ñ) in Cross Identity. Below are a few examples:

1. Cyrillic Script (used in Russian, Bulgarian, Serbian, etc.):

   Russian: Ж (Zh), Щ (Shch), Я (Ya)

   Bulgarian: Ъ (Hard sign), Ь (Soft sign), Ю (Yu)

2. DevanagariScript (used in Hindi, Marathi,Nepali, etc.):

   Hindi: भ (Bha), ध (Dha), ष (Sha)

3. Arabic Script (used in Arabic, Persian, Urdu, etc.):

   Arabic: خ (Kha), غ (Ghain), ق (Qaf)

   Persian: پ (Pe), چ (Che), گ (Gaf)

4. Hangul (used in Korean):

   Examples: 각 (Gak), 난 (Nan), 당 (Dang)

5. Kanji (used in Japanese along with Hiragana andKatakana):

   Examples: 水 (water), 火 (fire), 土 (earth)

6. ChineseCharacters (Traditionaland Simplified):

   Traditional: 漢 (Han), 龍 (Long), 蓮 (Lian) Simplified: 汉, 龙, 莲

7. HebrewScript:

   Examples: א (Aleph), ב (Bet), ג (Gimel)

8. GreekScript:

   Examples: α (Alpha), β (Beta), γ (Gamma)

9. Tamil Script (used in TamilNadu, India, and Sri Lanka):

   Examples: அ (A), இ (I), உ (U)

10. GeorgianScript:

    Examples: ა (An), ბ (Ban), გ (Gan)