Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move config.json to config.ts and add some comments #46

Merged
merged 4 commits into from
Feb 27, 2024
Merged

Move config.json to config.ts and add some comments #46

merged 4 commits into from
Feb 27, 2024

Conversation

bitterpanda63
Copy link
Collaborator

No description provided.

willem-delbare
willem-delbare reviewed Feb 27, 2024
View reviewed changes
library/src/vulnerabilities/sql-injection/config.ts Outdated
"!",
";",
"\\+", // This checks for "+"
"\\-", // This checks for "-"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

deze dubbele escape klopt nietm eer dan right?

willem-delbare
willem-delbare reviewed Feb 27, 2024
View reviewed changes
library/src/vulnerabilities/sql-injection/config.ts Outdated

// We make use of double backslashes to create a single backslash in the RegEx
const SQL_DANGEROUS_IN_STRING = [
"\\\\", // Check for backslashes : "\"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

deze dubbele escape klopt nietm eer dan right?

@codecov Codecov
Copy link

codecov bot commented Feb 27, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.62%. Comparing base (4cdf0c7) to head (dc8a485).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main      #46      +/-   ##
==========================================
+ Coverage   94.25%   94.62%   +0.36%     
==========================================
  Files          20       22       +2     
  Lines        1585     1694     +109     
  Branches      195      195              
==========================================
+ Hits         1494     1603     +109     
  Misses         91       91

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@hansott
Merge branch 'main' of github.com:AikidoSec/node-RASP into add-commen…
a1d85db 
…ts-for-regex-escape

* 'main' of github.com:AikidoSec/node-RASP:
  Move to separate file
  Remove typedoc
  Split regex up into different smaller regex strings
  Add comments to regex
  Remove some comments
@hansott
Escape just in time, not in config file
7db6170 
It's easier to reason about this when the escaping happens just before
using in a regex. This also allows us to use the config data for any
purpose. Not just regexes. How beautiful.
@hansott
Add unit test for dangerousCharsInInput
dc8a485
@hansott hansott merged commit 6e44124 into main Feb 27, 2024
8 checks passed
@hansott hansott deleted the add-comments-for-regex-escape branch February 27, 2024 13:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@willem-delbare willem-delbare willem-delbare left review comments

@hansott hansott hansott left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@bitterpanda63 @hansott @willem-delbare