Version 1.34.2 | Production Ready | Thread-Safe Operations
The Supabase UE5 Plugin provides comprehensive data validation across all async operations and persistence components. This system ensures data integrity, prevents SQL injection attacks, and maintains system stability through multi-layered validation approaches.
Data validation in the Supabase plugin operates at multiple levels:
Default validation level for most operations. Performs essential checks without significant performance impact.
// Example: Basic JSON validation
EJSONValidationLevel::Basic
- JSON structure validation (balanced braces/brackets)
- Basic format checking
- Null/empty value detection
Enhanced validation with deeper analysis and schema checking.
// Example: Strict validation with schema
EJSONValidationLevel::Strict
- JSON depth validation (configurable max depth)
- Schema validation against expected structure
- Security pattern detection
- Content sanitization
Maximum security validation for high-risk operations.
// Example: Paranoid validation
EJSONValidationLevel::Paranoid
- All strict validation features
- Malicious pattern detection
- Complexity analysis
- Advanced threat detection
Comprehensive JSON validation with configurable security levels.
// C++ Usage
UAsyncParseJSON* ParseTask = UAsyncParseJSON::ParseJSONAsync(
this,
JSONString,
EJSONValidationLevel::Strict,
MaxJSONSize
);
// Validation features:
// - JSON size limits (configurable)
// - Structure validation (balanced braces/brackets)
// - Depth validation (prevents stack overflow)
// - Schema validation (optional expected structure)
// - Security validation (malicious pattern detection)
Key Validation Features:
Multi-mode registration validation with comprehensive input sanitization.
// Email validation
bool ValidateEmail(const FString& Email)
{
- Format validation (RFC 5322 compliant)
- Domain validation (allowed domains list)
- Prohibited content detection
- Length limits (320 characters max)
}
// Phone validation
bool ValidatePhone(const FString& Phone)
{
- International format validation
- Carrier validation (optional)
- Format normalization
- Blocked number detection
}
// Password validation
bool ValidatePassword(const FString& Password)
{
- Minimum length requirements
- Complexity requirements (uppercase, lowercase, numbers)
- Common password detection
- Entropy calculation
}
Registration Modes Supported:
SQL injection prevention and PostgreSQL schema validation.
// Schema validation
struct FTableColumn {
FString Name; // PostgreSQL identifier validation
FString Type; // Validated against 25+ supported types
bool bNotNull; // Constraint validation
bool bUnique; // Index validation
bool bPrimaryKey; // Primary key validation
FString DefaultValue; // Default value sanitization
FString References; // Foreign key validation
};
// SQL sanitization
FString SanitizeSQL(const FString& SQL)
{
- SQL injection pattern detection
- Reserved word validation
- Identifier escaping
- Parameter binding enforcement
}
Table Creation Validation:
Transform and actor data validation for persistence operations.
// Transform validation
bool ValidateTransform(const FTransform& Transform) const
{
- Transform validity check
- Scale limits (0.001f - 1000.0f)
- NaN detection in location/rotation/scale
- Reasonable value ranges
}
// Custom data validation
bool ValidateCustomData(const TMap<FString, FString>& CustomData) const
{
- Entry count limits (max 100 entries)
- Key/value length validation (255/1024 chars)
- Empty key detection
- Data size optimization
}
The plugin implements multiple layers of SQL injection protection:
// Parameterized queries
UAsyncQuery* Query = UAsyncQuery::AsyncQuery(
this,
TEXT("users"),
TEXT("name, email"),
Filters // Automatically parameterized
);
// Identifier escaping
FString EscapeIdentifier(const FString& Identifier)
{
// PostgreSQL-safe identifier escaping
return FString::Printf(TEXT("\"%s\""), *Identifier.Replace(TEXT("\""), TEXT("\"\"")));
}
All user inputs undergo comprehensive sanitization:
// String sanitization
FString SanitizeInput(const FString& Input)
{
- Null byte removal
- Control character filtering
- Line ending normalization
- Length validation
- Encoding validation
}
Built-in rate limiting prevents abuse:
// Rate limit checking
bool CheckRateLimit()
{
- Per-operation rate limits
- IP-based throttling
- Exponential backoff
- Cooldown periods
}
Configure validation behavior per component:
// EntityPersistence validation config
struct FEntityPersistenceConfig
{
bool bValidateData = true; // Enable/disable validation
bool bStrictValidation = false; // Use strict validation mode
int32 MaxCustomDataEntries = 100; // Custom data limits
float MaxTransformScale = 1000.0f; // Transform scale limits
};
// JSON validation settings
struct FJSONValidationSettings
{
EJSONValidationLevel ValidationLevel = EJSONValidationLevel::Basic;
int32 MaxJSONSize = 1048576; // 1MB default
int32 MaxDepth = 32; // Maximum nesting depth
bool bEnableSchemaValidation = false; // Schema validation toggle
};
Balance validation thoroughness with performance:
// Validation performance levels
enum class EValidationPerformance
{
Fast, // Minimal validation, maximum performance
Balanced, // Default balance of validation and performance
Thorough, // Maximum validation, moderate performance impact
Paranoid // Maximum security, highest performance cost
};
The plugin provides detailed error categorization:
enum class EValidationError
{
None,
InvalidFormat,
SizeExceeded,
SecurityThreat,
SchemaViolation,
BusinessRuleViolation,
RateLimitExceeded
};
Automatic error recovery and user guidance:
// Validation failure delegate
DECLARE_DYNAMIC_MULTICAST_DELEGATE_TwoParams(FOnValidationFailure,
EValidationError, ErrorType,
FString, ErrorMessage);
// Error recovery suggestions
FString GetValidationSuggestion(EValidationError ErrorType)
{
// Provides user-friendly suggestions for fixing validation errors
}
The plugin provides Blueprint nodes for common validation tasks:
Validation events integrate seamlessly with Blueprint event systems:
// Blueprint-bindable validation events
UPROPERTY(BlueprintAssignable)
FOnValidationSuccess OnValidationSuccess;
UPROPERTY(BlueprintAssignable)
FOnValidationFailure OnValidationFailure;
Comprehensive logging for debugging validation issues:
// Validation log categories
DEFINE_LOG_CATEGORY(LogSupabaseValidation);
// Usage examples
UE_LOG(LogSupabaseValidation, Warning, TEXT("Validation failed: %s"), *ErrorMessage);
UE_LOG(LogSupabaseValidation, Verbose, TEXT("Validation passed for input: %s"), *InputData);
Built-in performance monitoring for validation operations:
// Validation performance tracking
struct FValidationMetrics
{
float AverageValidationTime; // Average validation duration
int32 ValidationCount; // Total validations performed
int32 FailureCount; // Failed validation count
float SuccessRate; // Validation success percentage
};
When upgrading from older plugin versions:
For questions about data validation:
Last updated: Version 1.34.2 | This documentation is actively maintained and updated with each plugin release.