IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2025-02-25 18:55:37 -06:00
Code Issues Packages Projects Releases Wiki Activity

Chore: Fixes cleanNeedle regex to be more specific (#61967)

Browse Source 
* Chore: Fixes code sec warning for frontend regex

* Update text.ts

* Update text.ts
This commit is contained in:
Torkel Ödegaard
2023-01-26 09:08:15 +01:00
committed by GitHub
parent 6a93c77082
commit 8e3d22ca7a
1 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
packages/grafana-data/src/text/text.ts
View File

@@ -24,7 +24,7 @@ export function findHighlightChunksInText({
}
const cleanNeedle = (needle: string): string => {
return needle.replace(/[[{(][\w,.-?:*+]+$/, '');
return needle.replace(/[[{(][\w,.\/:;<=>?:*+]+$/, '');
};
/**
@@ -35,14 +35,17 @@ export function findMatchesInText(haystack: string, needle: string): TextMatch[]
if (!haystack || !needle) {
return [];
}
const matches: TextMatch[] = [];
const { cleaned, flags } = parseFlags(cleanNeedle(needle));
let regexp: RegExp;
try {
regexp = new RegExp(`(?:${cleaned})`, flags);
} catch (error) {
return matches;
}
haystack.replace(regexp, (substring, ...rest) => {
if (substring) {
const offset = rest[rest.length - 2];
@@ -55,6 +58,7 @@ export function findMatchesInText(haystack: string, needle: string): TextMatch[]
}
return '';
});
return matches;
}