Comments (1)
Regular expressions in Ruby can use anchors to match the beginning and end of a string. However, if the ^ and $ anchors are used, the regular expression can match a single line of a multi-line string. This allows bad actors to bypass your regular expression checks and inject malicious input.
Recommendation
Use the \A and \z anchors since these anchors will always match the beginning and end of the string, even if the string contains newlines.
from ondemand.
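The difference between the two anchor styles described in the comment above, shown as an added example that is not part of the original comment or of the ondemand code base. The patterns, method names and sample inputs are constructed for illustration; the `\Z` case is included because it is a common near-miss that still accepts a trailing newline.

```ruby
# Added example: line anchors vs. string anchors in an input validation check.
# All patterns, names and inputs below are constructed for illustration.

LINE_ANCHORED   = /^[a-z0-9_]+$/     # ^ and $ match at every line boundary
STRING_ANCHORED = /\A[a-z0-9_]+\z/   # \A and \z match only at string start/end
LOOSE_END       = /\A[a-z0-9_]+\Z/   # \Z still tolerates one trailing newline

# True when the pattern finds a match anywhere in the input.
def accepts?(pattern, input)
  pattern.match?(input)
end

# Constructed inputs: one clean value and three that carry extra lines.
SAMPLES = {
  clean:            "alice_01",
  second_line:      "alice_01\nANYTHING else, not validated!",
  leading_line:     "ANYTHING else, not validated!\nalice_01",
  trailing_newline: "alice_01\n"
}.freeze

# Runs every sample against every pattern and returns a nested result hash,
# so the three anchor styles can be compared side by side.
def audit(samples = SAMPLES)
  samples.to_h do |name, value|
    [name, {
      line_anchored:   accepts?(LINE_ANCHORED, value),
      string_anchored: accepts?(STRING_ANCHORED, value),
      loose_end:       accepts?(LOOSE_END, value)
    }]
  end
end

if __FILE__ == $PROGRAM_NAME
  audit.each do |name, result|
    puts format("%-17s %s", name, result.inspect)
  end
end
```

Only the `\A ... \z` pattern rejects every multi-line sample; the `^ ... $` pattern accepts all four because a single matching line is enough.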