Skip to content

html5 module has floating numbers detection weakness #482

New issue
New issue
Open
Open
html5 module has floating numbers detection weakness#482
Labels
BugFixed in next release
@samuelrobyr

Description

@samuelrobyr
samuelrobyr
opened on Aug 11, 2016

HTML5 module does not detect that the number can be a float if both min and max attributes are integers, e.g:

<input type="number" min="0" max="100" step="0.1">

The HTML5 module must also check the step attribute to detect if the number can be a float. The following modification of HTML5.js fix the weakness:

                case 'number':
                  validation.push('number');
                  var max = $input.attr('max'),
                    min = $input.attr('min'),
                    step = $input.attr('step');
                  if( min || max ) {
                    if ( !min ) {
                      min = '0';
                    }
                    if ( !max ) {
                      max = '9007199254740992'; // js max int
                    }
                    if ( !step ) {
                      step = '1'; // default value
                    }

                    attrs['data-validation-allowing'] = 'range['+min+';'+max+']';
                    if( min.indexOf('-') === 0 || max.indexOf('-') === 0 ) {
                      attrs['data-validation-allowing'] += ',negative';
                    }
                    if( min.indexOf('.') > -1 || max.indexOf('.') > -1 || step.indexOf('.') > -1 ) {
                      attrs['data-validation-allowing'] += ',float';
                    }
                  } else {
                    attrs['data-validation-allowing'] += ',float,negative';
                  }
                  break;

Metadata

Metadata

Assignees

No one assigned

    Labels

    BugFixed in next release

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions