Re: Form name field restrictions

Martin_Arroyo1
Level 1

Form name field restrictions

Is it possible to make the following adjustment to the name fields on a form?

First / Last Name fields cannot include the following:

- Single characters

- Numbers

- Code

- Special characters

Tags (2)
5 REPLIES 5
Gerard_Donnell4
Level 10

Re: Form name field restrictions

I think a lot of these types of checks would involve javascript rather than Marketo system checks.  Sanford Whiteman​ would be the guy who could answer this best.

SanfordWhiteman
Level 10 - Community Moderator

Re: Form name field restrictions

Quite so, use the onValidate method to run values through custom regular expressions.

"Special characters" would need to be quantified but if you want to filter certain Unicode characters that's certainly possible.

However, you mention "code" and I'm assuming you are trying to combat XSS attacks. You cannot validate/sanitize input solely in JS. Any JS validation can be easily skipped and the value inserted into your db. If you want to filter it, you must do that using a webhook on the server side, and you should also escape any output that results from unfiltered input (WebSec 101, methinks).

JS validation is an effective measure against unskilled humans trying to enter junk data.  It's not a weapon against actual hackers.

Anonymous
Not applicable

Re: Form name field restrictions

In my previous company we have used a tool which was called by webhooks.

Pros

It protects your database from useless email addresses. i.e: mickeymouse@gmail.com or s@gmail.com

Validates email addresses and phone numbers and throws an error before information passes to SFDC and/or Marketo.

Cons

You can't use phone number extensions which are common in Europe.

It causes some delay on the form submission because it takes time to validate.

I hope it would be helpful

Sule

SanfordWhiteman
Level 10 - Community Moderator

Re: Form name field restrictions

In my previous company we have used a tool which was called by webhooks.

Webhooks are issued from one server to another server, not from browsers to servers.

You may mean a remote service that's called from the browser. In this case all validation can be easily skipped, as I noted above.

If you truly mean a webhook called from a Marketo flow, while such a step can't be skipped, you still can't "throw an error before information passes to SFDC and/or Marketo" -- as the webhook is only executed after data has been initially populated in Marketo. (If you use proxy fields as a form of sandboxing, you can stop the data from overwriting your production fields, but otherwise the data will have already overwritten existing values.)

Anonymous
Not applicable

Re: Form name field restrictions

Thanks Sanford for the clarification.