From 5e168167e531a4233540b92375520e9dee829880 Mon Sep 17 00:00:00 2001
From: DongNyoung Lee <121621378+Dongnyoung@users.noreply.github.com>
Date: Sun, 15 Jun 2025 17:53:57 +0900
Subject: [PATCH] feat: improve username sanitization in profiling example

Hello,

This commit updates the username sanitization logic in the profiling
example code to allow only alphanumeric characters. The original
pattern (/[!@#$%^&*]/g) was limited and could lead to inconsistent
behavior depending on input.

Changed:
- From: username = username.replace(/[!@#$%^&*]/g, '')
- To:   username = username.replace(/[^a-zA-Z0-9]/g, '')

This change makes the input handling cleaner and more appropriate
for educational purposes, aligning better with common sanitization
practices.
Relates to: #7867

Signed-off-by: DongNyoung Lee <121621378+Dongnyoung@users.noreply.github.com>
---
 apps/site/pages/en/learn/getting-started/profiling.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/apps/site/pages/en/learn/getting-started/profiling.md b/apps/site/pages/en/learn/getting-started/profiling.md
index 3ac8a481ea5ce..a5dba9f381568 100644
--- a/apps/site/pages/en/learn/getting-started/profiling.md
+++ b/apps/site/pages/en/learn/getting-started/profiling.md
@@ -41,7 +41,7 @@ app.get('/newUser', (req, res) => {
   let username = req.query.username || '';
   const password = req.query.password || '';
 
-  username = username.replace(/[!@#$%^&*]/g, '');
+  username = username.replace(/[^a-zA-Z0-9]/g, '');
 
   if (!username || !password || users[username]) {
     return res.sendStatus(400);
@@ -63,7 +63,7 @@ app.get('/auth', (req, res) => {
   let username = req.query.username || '';
   const password = req.query.password || '';
 
-  username = username.replace(/[!@#$%^&*]/g, '');
+  username = username.replace(/[^a-zA-Z0-9]/g, '');
 
   if (!username || !password || !users[username]) {
     return res.sendStatus(400);
@@ -228,7 +228,7 @@ app.get('/auth', (req, res) => {
   let username = req.query.username || '';
   const password = req.query.password || '';
 
-  username = username.replace(/[!@#$%^&*]/g, '');
+  username = username.replace(/[^a-zA-Z0-9]/g, '');
 
   if (!username || !password || !users[username]) {
     return res.sendStatus(400);