1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-14 10:52:41 +01:00
phorge-phorge/src/applications/macro
epriestley 969d0c3e8d Use "\z" instead of "$" to anchor validating regular expressions
Summary:
Via HackerOne. In regular expressions, "$" matches "end of input, or before terminating newline". This means that the expression `/^A$/` matches two strings: `"A"`, and `"A\n"`.

When we care about this, use `\z` instead, which matches "end of input" only.

This allowed registration of `"username\n"` and similar.

Test Plan:
  - Grepped codebase for all calls to `preg_match()` / `preg_match_all()`.
  - Fixed the ones where this seemed like it could have an impact.
  - Added and executed unit tests.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: aran, epriestley

Differential Revision: https://secure.phabricator.com/D8516
2014-03-13 12:42:41 -07:00
..
application Remove quick create buttons from application launcher 2014-01-29 17:23:50 -08:00
capability Modernize policies in Paste and Macro 2013-10-16 10:35:52 -07:00
conduit Adding macro create method. 2013-07-08 19:49:05 -07:00
config MetaMTA: Owners, Pholio, Macro 2013-01-16 10:52:30 -08:00
constants Allow macros to have associated audio and audio behaviors 2013-09-27 16:01:37 -07:00
controller Use "\z" instead of "$" to anchor validating regular expressions 2014-03-13 12:42:41 -07:00
editor Maniphest Tasks + Project Boards - some polish 2014-03-04 17:01:33 -08:00
mail Remove the last hardcoding from PhabricatorMetaMTAReceivedMail 2013-05-17 10:00:49 -07:00
phid Remove many redundant implementations of canLoadNamedObject() 2013-12-18 12:00:01 -08:00
query Lock policy queries to their applications 2013-10-21 17:20:27 -07:00
remarkup Fix two issues with audio macros 2013-09-28 15:32:48 -07:00
storage Various linter fixes. 2014-02-26 12:44:58 -08:00