Regular expressions in Ruby can use anchors to match the beginning and end of a string. However, if the ^ and $ anchors are used, the regular expression can match a single line of a multi-line string. This allows bad actors to bypass your regular expression checks and inject malicious input.
Recommendation
Use the \A and \z anchors since these anchors will always match the beginning and end of the string, even if the string contains newlines.
Tracking issue for:
opened as a test for opening issues from code scanning alerts
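The difference between the two anchor pairs described above, as an added Ruby example that is not part of the original issue or the scanned code. The username pattern, method names and sample inputs are constructed for illustration.

```ruby
# Line anchors: ^ and $ match at the start and end of ANY line in the input.
USERNAME_LINE_ANCHORED = /^[a-z0-9_]+$/

# String anchors: \A and \z match only at the very start and end of the input.
USERNAME_STRING_ANCHORED = /\A[a-z0-9_]+\z/

# Check as it looks in code flagged by this alert (kept weak on purpose).
def valid_weak?(input)
  USERNAME_LINE_ANCHORED.match?(input)
end

# Corrected check following the recommendation.
def valid_strict?(input)
  USERNAME_STRING_ANCHORED.match?(input)
end

# True when an input passes the weak check only because one of its lines
# matches; useful as a regression test when migrating patterns.
def passes_only_line_anchored?(input)
  valid_weak?(input) && !valid_strict?(input)
end

# Constructed sample inputs (not taken from any real application).
SAMPLES = [
  "alice_01",                  # single well-formed line
  "alice_01\nanything else",   # well-formed first line, unchecked second line
  "anything else\nalice_01",   # well-formed last line, unchecked first line
  "alice_01\n",                # trailing newline
  "not valid!"                 # rejected by both patterns
].freeze

def compare(samples)
  samples.map { |s| [s, valid_weak?(s), valid_strict?(s)] }
end

compare(SAMPLES).each do |input, weak, strict|
  puts format("%-30s line-anchored=%-5s string-anchored=%-5s",
              input.inspect, weak, strict)
end
```

Every multi-line sample is accepted by the line-anchored pattern and rejected by the string-anchored one, including the input that differs only by a trailing newline.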