Simple validation rules using rule editor | Community
Skip to main content
K
kolluax
Level 4
April 13, 2026
Solved

Simple validation rules using rule editor

  • April 13, 2026
  • 2 replies
  • 47 views

We are working in a headless setup and i am trying to stay away from writing any custom JS functions for form field validations due to security reasons.

For a simple rule example, prevent a Name field from accepting any special chars, i am unable to accomplish this entirely with rule editor. Tried many combinations and none worked. Have few similar use cases, where i need to use rule editor. i tried using “contains” but unable to find a way to concat multiple special chars.

Any rule that i can pass a regex to validate, example Account Number (custom xx-xxxxxx). In foundation, we used to have a way to pass Regex. In core, i only see few OOTB example SSN, Phone number, Email, Zip etc.

 

Best answer by Pranay_M

Hi ​@kolluax,

1. Current Limitations: Rule Editor vs Regex

Rule Editor in Core Components is intentionally expression-based, not regex-based:

  • It supports conditions like equalscontainsstartsWithendsWith, numeric comparison, etc.
  • It does not support arbitrary regex patterns as a first-class operator.
  • That means:
    • You cannot express a "no special characters" rule for a Name field in one expression the way you would with regex.
    • You also cannot define a custom pattern like xx-xxxxxx (Account Number) purely as a regex via Rule Editor.

For validation patterns, Core Components rely on either:

  1. Built‑in validation types (Email, Phone, SSN, Zip, etc.), or
  2. Custom validation (typically custom JS or server-side validation).

2. Name Field – "No Special Characters" Without Custom JS

If you absolutely must avoid custom JS:

  • You're limited to combinatorial logic in the Rule Editor, such as:

    • Rejecting certain characters with multiple contains checks, but this scales poorly and is brittle.
    • You'd need something like:
      • If Name contains @ or Name contains # or Name contains $ … → set error
    • This quickly becomes unmanageable and still won't behave like a proper regex (e.g., range-based classes like [A-Za-z ]+).

So realistically:

  • You can't cleanly achieve "no special characters" for Name purely with Rule Editor in a robust, maintainable way.
  • You either:
    • Accept a simpler "good enough" check with a few explicit forbidden characters, or
    • Introduce a central, vetted custom validation (e.g., a single shared JS validator or server-side validation) and lock it down via your security practices.

3. Account Number – Custom Pattern (e.g., xx-xxxxxx)

For patterns like xx-xxxxxx:

  • Foundation allowed you to specify a regex, and the browser‑side validator enforced it.
  • Core Components:
    • Give you some OOTB patterns (SSN, Phone, Email, Zip) as you noticed.
    • Do not expose a UI for arbitrary regex patterns for text fields.
    • Rule Editor cannot express "2 letters, dash, 6 digits" cleanly without regex.

Therefore:

  • You cannot replicate arbitrary regex patterns like xx-xxxxxx solely via Rule Editor in Core.
  • If you need strict pattern enforcement, your realistic options are:
    1. Custom validation logic (recommended, but written once and reused), or
    2. Backend/form-submission validation:
      • Accept any input in UI
      • Validate on submit server-side
      • Return a structured error to the headless consumer so they can display it.

Thanks
Pranay

2 replies

P
Adobe Employee
Pranay_MAdobe EmployeeAccepted solution
Adobe Employee
April 14, 2026

Hi ​@kolluax,

1. Current Limitations: Rule Editor vs Regex

Rule Editor in Core Components is intentionally expression-based, not regex-based:

  • It supports conditions like equalscontainsstartsWithendsWith, numeric comparison, etc.
  • It does not support arbitrary regex patterns as a first-class operator.
  • That means:
    • You cannot express a "no special characters" rule for a Name field in one expression the way you would with regex.
    • You also cannot define a custom pattern like xx-xxxxxx (Account Number) purely as a regex via Rule Editor.

For validation patterns, Core Components rely on either:

  1. Built‑in validation types (Email, Phone, SSN, Zip, etc.), or
  2. Custom validation (typically custom JS or server-side validation).

2. Name Field – "No Special Characters" Without Custom JS

If you absolutely must avoid custom JS:

  • You're limited to combinatorial logic in the Rule Editor, such as:

    • Rejecting certain characters with multiple contains checks, but this scales poorly and is brittle.
    • You'd need something like:
      • If Name contains @ or Name contains # or Name contains $ … → set error
    • This quickly becomes unmanageable and still won't behave like a proper regex (e.g., range-based classes like [A-Za-z ]+).

So realistically:

  • You can't cleanly achieve "no special characters" for Name purely with Rule Editor in a robust, maintainable way.
  • You either:
    • Accept a simpler "good enough" check with a few explicit forbidden characters, or
    • Introduce a central, vetted custom validation (e.g., a single shared JS validator or server-side validation) and lock it down via your security practices.

3. Account Number – Custom Pattern (e.g., xx-xxxxxx)

For patterns like xx-xxxxxx:

  • Foundation allowed you to specify a regex, and the browser‑side validator enforced it.
  • Core Components:
    • Give you some OOTB patterns (SSN, Phone, Email, Zip) as you noticed.
    • Do not expose a UI for arbitrary regex patterns for text fields.
    • Rule Editor cannot express "2 letters, dash, 6 digits" cleanly without regex.

Therefore:

  • You cannot replicate arbitrary regex patterns like xx-xxxxxx solely via Rule Editor in Core.
  • If you need strict pattern enforcement, your realistic options are:
    1. Custom validation logic (recommended, but written once and reused), or
    2. Backend/form-submission validation:
      • Accept any input in UI
      • Validate on submit server-side
      • Return a structured error to the headless consumer so they can display it.

Thanks
Pranay

    K
    kolluaxAuthor
    Level 4
    April 15, 2026

    Thanks ​@Pranay_M . Since we wanted AEM to be in control of validations, we have decided to share the JS functions as a npm web package, that React can use. Hope this is a recommended approach considering our use case.

    Terms & ConditionsAccessibility statement

    Loading footer...