The Validation (Regex) field property allows you to define custom validation rules for field values using regular expressions (regex). You can use regex validation to ensure users enter values in a specific format, such as email addresses, URLs, phone numbers, IDs, or dates.
When a field value does not match the configured regex pattern, Contentstack displays a validation error and prevents users from saving the entry.
Use regex validation when you need to:
The Validation (Regex) property is available only for the following field types:
To configure regex validation for a field, log in to your Contentstack account and perform the following steps:
When users enter a value that does not match the configured pattern, Contentstack displays a validation error and prevents the entry from being saved.
The following examples demonstrate commonly used regex validation patterns.
Use the following regex pattern to validate email addresses:
^[a-zA-Z0-9+_.-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,3}$Use the following regex pattern to validate URLs:
^(http:\/\/|https:\/\/)?www\.[a-zA-Z0-9:?&=._/-]+\.[a-zA-Z]{2,3}$Use the following regex pattern to validate dates in the following formats:
This pattern also validates leap years.
^(?:(?:31(\/|-|\.)(?:0?[13578]|1[02]))\1|(?:(?:29|30)(\/|-|\.)(?:0?[1,3-9]|1[0-2])\2))(?:(?:1[6-9]|[2-9]\d)?\d{2})$|^(?:29(\/|-|\.)0?2\3(?:(?:(?:1[6-9]|[2-9]\d)?(?:0[48]|[2468][048]|[13579][26])|(?:(?:16|[2468][048]|[3579][26])00))))$|^(?:0?[1-9]|1\d|2[0-8])(\/|-|\.)(?:(?:0?[1-9])|(?:1[0-2]))\4(?:(?:1[6-9]|[2-9]\d)?\d{2})$Use the following recommendations when creating regex validation rules in Contentstack.
Avoid overly complex expressions with deeply nested groups or excessive repetition operators. Complex regex patterns can slow down validation and affect browser performance.
For example, avoid patterns such as:
^(a+)+$
Patterns like these can trigger excessive backtracking when validating long input strings.
Instead, use more specific and constrained patterns whenever possible.
Do not combine multiple repeating operators such as *, +, or {} inside nested groups unless necessary.
Problematic example:
(.+)+
Recommended approach:
.+
You can also define explicit character limits:
^[a-zA-Z0-9._-]{1,100}$Use anchors (^ and $) to validate the complete field value instead of partial matches.
Example:
^[a-zA-Z0-9._-]+$This ensures that the entire input matches the expected format.
Avoid broad wildcard patterns such as:
.*.*
These patterns increase the number of matching combinations the browser must evaluate.
Instead, define expected character sets explicitly wherever possible.
Before using a regex pattern in production, test it against:
Testing helps identify validation gaps and performance issues early.
Regex validation in Contentstack executes within the browser using the browser’s regular expression engine. Poorly optimized patterns can affect validation performance and responsiveness.
Inefficient regex patterns may:
Warning: Complex regex patterns combined with large input values can negatively affect browser performance during entry creation and editing.
When a regular expression contains complex matching logic or receives lengthy input strings, the browser may attempt millions of matching combinations while evaluating the validation rule. This behavior is known as catastrophic backtracking.
Catastrophic backtracking can:
To reduce the risk of catastrophic backtracking:
Poorly optimized regex patterns can also increase the risk of Regular Expression Denial of Service (ReDoS) attacks.
A ReDoS attack occurs when a malicious or extremely large input causes the regex engine to consume excessive processing time.
To reduce security risks:
Warning: Inefficient regex patterns may expose applications to performance degradation and denial-of-service scenarios when processing malicious input values.
Additional Resources:
Regex validation helps enforce structured and consistent field input across your content models. Well-designed regex patterns improve content quality, reduce invalid input, and support predictable data formatting.
When creating regex validation rules, prefer simple and specific patterns, test them thoroughly with realistic input values, and avoid overly complex expressions that may affect browser performance or introduce security risks.