Regular Expression fails in IE, but works in Chrome and Firefox?

Question

I have the following asp.net markup:

<asp:TextBox ID="txtPassword" runat="server" TextMode="Password"   
ValidationGroup="passwordValidation"></asp:TextBox>

<asp:RequiredFieldValidator ID="RequiredFieldValidator1" runat="server" Display="Dynamic"
ControlToValidate="txtPassword" Text="Required" ValidationGroup="passwordValidation" />

<asp:RegularExpressionValidator runat="server" ControlToValidate="txtPassword"  
Text="Passwords should contain a minimum of 7 characters with at least one numeric 
character." ValidationExpression="^(?=.*\d{1})(?=.*[a-zA-Z]{2}).{7,}$"  
ValidationGroup="passwordValidation" Display="Dynamic"></asp:RegularExpressionValidator>

If I type in a password like test1234, it passes in chrome and firefox, but the message that my password should contain a minimum of 7 characters with at least one numeric character is shown in internet explorer

Answer 1

You're probably getting bitten by the infamous IE regex lookahead bug. You should be able to work around that by making the length check a lookahead like the other conditions, and putting it first.

^(?=.{7,}$)(?=.*\d)(?=.*[a-zA-Z]{2}).*

But I think I see another problem. (?=.*[a-zA-Z]{2}) matches two consecutive letters; is that really your intent? If you want to require at least two letters, but not necessarily consecutive, you should use (?=.*[a-zA-Z].*[a-zA-Z]).