Chore: Fixes cleanNeedle regex to be more specific (#61967)

* Chore: Fixes code sec warning for frontend regex

* Update text.ts

* Update text.ts
Torkel Ödegaard 2023-01-26 09:08:15 +01:00 committed by GitHub
parent 6a93c77082
commit 8e3d22ca7a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 1 deletions


@ -24,7 +24,7 @@ export function findHighlightChunksInText({
}
const cleanNeedle = (needle: string): string => {
return needle.replace(/[[{(][\w,.-?:*+]+$/, '');
return needle.replace(/[[{(][\w,.\/:;<=>?:*+]+$/, '');
};
/**
@ -35,14 +35,17 @@ export function findMatchesInText(haystack: string, needle: string): TextMatch[]
if (!haystack || !needle) {
return [];
}
const matches: TextMatch[] = [];
const { cleaned, flags } = parseFlags(cleanNeedle(needle));
let regexp: RegExp;
try {
regexp = new RegExp(`(?:${cleaned})`, flags);
} catch (error) {
return matches;
}
haystack.replace(regexp, (substring, ...rest) => {
if (substring) {
const offset = rest[rest.length - 2];
@ -55,6 +58,7 @@ export function findMatchesInText(haystack: string, needle: string): TextMatch[]
}
return '';
});
return matches;
}
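Review bot: The new character class in `cleanNeedle` spells out what the old accidental `.-?` range matched (`.`, `/`, `:` through `?`) rather than what was probably intended, so a literal `-` is still not stripped and `:` now appears twice. If a trailing hyphen should be removed, as in a half-typed `[a-z`, put it last so it cannot form a range: `return needle.replace(/[[{(][\w,.\/:;<=>?*+-]+$/, '');`. If not, just drop the duplicate `:`. A one-line comment above the function would stop the class being "simplified" back into a range, for example `// Strip a trailing unclosed [, { or ( group so a half-typed needle still compiles; keep '-' last in the class.` The cleaned needle is still compiled with `new RegExp` in `findMatchesInText`, whose body continues outside the hunks shown, so a test that pins which trailing fragments are stripped would be worth adding.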