Sanity Studio freezes when validating slug with custom regex

14 replies

Last updated: May 26, 2022

Hi,I am having some issues with the studio when validating a slug.
This is the code:

    {
      name: "slug",
      type: "slug",
      title: "Slug",
      validation: (Rule) =>
        Rule.custom((slug) => {
          if (typeof slug === "undefined") {
            return "Slug is required.";
          }
          const regex = /^[a-z]([a-z0-9/]*(?:-[a-z0-9]+)*)+$/;
          if (regex.test(slug.current)) {
            return true;
          }
          return "Not a valid slug.";
        }),
    },

The studio blows up the browser (completely freezes). Not sure how to debug it, and I didn't find a pattern when it blows up. It does not blow up, if the slug is simply invalid. More likely, it blows up, if the slug is invalid and gets a bit longer. But I have no idea.

AI Update

This is a known issue with certain regex patterns causing catastrophic backtracking, which completely freezes the browser. The problem occurs when the regex engine gets stuck trying to match invalid slugs, especially as they get longer.

The issue is with patterns like these:

/^[a-z]([a-z0-9/]*(?:-[a-z0-9]+)*)+$/
^[A-Za-z0-9]+(?:-[A-Za-z0-9]+)*$

These patterns have nested quantifiers (like * inside +) that cause exponential time complexity when matching fails. When you type something like lorem-ipsum-lorem-ipsum-lorem-ipsum- (ending with a dash), the regex engine tries countless possible ways to match the pattern, causing the freeze.

The solution is to rewrite your regex to avoid nested quantifiers. Based on the discussion thread, this pattern works well:

{
  name: "slug",
  type: "slug",
  title: "Slug",
  validation: (Rule) =>
    Rule.custom((slug) => {
      if (typeof slug === "undefined") {
        return "Slug is required.";
      }
      const regex = /^[a-z][a-z0-9]*((\/)|-)?[a-z0-9])*$/;
      if (regex.test(slug.current)) {
        return true;
      }
      return "Not a valid slug.";
    }),
}

This pattern:

Must start with a lowercase letter
Can contain lowercase letters or numbers
Allows / or - between letters/numbers
Doesn't have the nested quantifier problem

The key takeaway is to avoid patterns with nested repetition operators that can cause catastrophic backtracking. Test your regex patterns with tools like regex101.com to check for performance issues before using them in validation rules.

Show original thread

14 replies

But it is sure this code, because removing it fixes the freezing.

Hi User. Can you give an example of a slug that freezes the browser (and which browser/OS you’ve tried)?

Is it possible also that it's a semantic thing, and it's interpreting the semicolon as part of the regex?
I know that's not typically the case (like you have to take extra steps to include it as part of a pattern, probably for reasons of making sure it still treats it normally) but I thought it worth mentioning because no examples I can find seem to include it

The semicolon should be fine as it’s outside of the regex boundaries
I’m curious about the capturing and non-capturing groups and what they’re for; I can’t think of why you’d need to specify them as the only anticipated goal is a match (or not).

I figured as much with the slash; they aren't designed to not obey the rules at large, after all. Just trying to think outside the box 😃
I tested the pattern itself in a linter and it seems to be a viable format (it appears that way anyway, just seeing if there was a goof)

I have to imagine anything freeze-level would have logged an error in the console

This blew it up as an example:

lorem-ipsum-lorem-ipsum-lorem-ipsum-

It looks as though it is doing some heavy processing when the string becomes long and if it is invalid.

Yeh, the regex might not be best. Though I did not write it.
😄

I can't see anything in the console, because the browser isn't responding.

I have tried it with another slug regex I copied from stackoverflow:

^[A-Za-z0-9]+(?:-[A-Za-z0-9]+)*$

Still crashing. The regex may not be the problem.

Or maybe it is, but then it shouldn't crash.

Can you say in words what you want the regex to permit?

From your first example, it looks like you want slugs that contain lowercase letters, numbers, or dashes, but they must start with a lowercase letter or number. Is that accurate?

Not sure why, but apparently it was the regex.I wrote a different regex:

^[a-z][a-z0-9]*((\/|-)?[a-z0-9])*$

Now it is working.
Can have lowercase letters or numbers, but it can't start with a number. And allow

between letters/numbers.

Thank you for helping!

No problem! Glad you got it working!

Sanity – Build the way you think, not the way your CMS thinks

Sanity is the developer-first content operating system that gives you complete control. Schema-as-code, GROQ queries, and real-time APIs mean no more workarounds or waiting for deployments. Free to start, scale as you grow.

Get started for free Explore the demo

Sanity Studio freezes when validating slug with custom regex

Sanity – Build the way you think, not the way your CMS thinks

Was this answer helpful?