What characters are forbidden in Windows and Linux directory names?

Question

I know that / is illegal in Linux, and the following are illegal in Windows (I think) * . \" / \\ [

Answer 1

Instead of creating a blacklist of characters, you could use a whitelist. All things considered, the range of characters that make sense in a file or directory name context is quite short, and unless you have some very specific naming requirements your users will not hold it against your application if they cannot use the whole ASCII table.

It does not solve the problem of reserved names in the target file system, but with a whitelist it is easier to mitigate the risks at the source.

In that spirit, this is a range of characters that can be considered safe:

• Letters (a-z A-Z) - Unicode characters as well, if needed
• Digits (0-9)
• Underscore (_)
• Hyphen (-)
• Space
• Dot (.)

And any additional safe characters you wish to allow. Beyond this, you just have to enforce some additional rules regarding spaces and dots. This is usually sufficient:

• Name must contain at least one letter or number (to avoid only dots/spaces)
• Name must start with a letter or number (to avoid leading dots/spaces)
• Name may not end with a dot or space (simply trim those if present, like Explorer does)

This already allows quite complex and nonsensical names. For example, these names would be possible with these rules, and be valid file names in Windows/Linux:

• A...........ext
• B -.- .ext

In essence, even with so few whitelisted characters you should still decide what actually makes sense, and validate/adjust the name accordingly. In one of my applications, I used the same rules as above but stripped any duplicate dots and spaces.