diff --git a/client/common.json b/client/common.json index b676095a..924f75ca 100644 --- a/client/common.json +++ b/client/common.json @@ -11,6 +11,8 @@ "no-console": "error", "no-implied-eval": "error", "unicorn/no-invalid-remove-event-listener": "error", + "security/detect-non-literal-regexp": "off", + "security/detect-unsafe-regex": "off", "security/detect-possible-timing-attacks": "off" } } diff --git a/test/fixtures/client/common/valid.js b/test/fixtures/client/common/valid.js index b37c723c..d68aa41e 100644 --- a/test/fixtures/client/common/valid.js +++ b/test/fixtures/client/common/valid.js @@ -1,4 +1,4 @@ -( function () { +( function ( userInput ) { function checkHash( input, cachedValue ) { var hash = JSON.stringify( input ); // Off: security/detect-possible-timing-attacks (#503) @@ -7,5 +7,11 @@ } } - checkHash(); + checkHash( + // Off: security/detect-non-literal-regexp + new RegExp( '/[0-9]+' + userInput + '/' ), + // Off: security/detect-unsafe-regex + /^([a-zA-Z0-9_.-])+@(([a-zA-Z0-9-])+\.)+([a-zA-Z0-9]{2,4})+$/ + ); + }() );