Regular expression fix
In Ruby, `^` and `$` match the line beginning and line end. So, an email coming in via HTTP like this:

    firstname.lastname@example.org%0A<script>alert('hello')</script>

%0A is a line feed in URL encoding, so Rails automatically converts it to:

    email@example.com\n<script>alert('hello')</script>

and it unintentionally passes validation because the regular expression matched the email up to the line end; the rest does not matter.

http://guides.rubyonrails.org/security.html#regular-expressions
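The bypass described in the commit message, as an added stand-alone example (not code from this repository or from the Rails guide). It decodes the constructed `%0A` payload the same way Rack does, then runs it against a `^`/`$`-anchored email pattern and a `\A`/`\z`-anchored one; the pattern itself is a deliberately simple illustration, not the project's validator.

```ruby
# Added example: why `^`/`$` are the wrong anchors for validating a whole
# value in Ruby, and how `\A`/`\z` close the newline bypass.
require 'uri'

# `^` and `$` match at LINE boundaries. Anything after an embedded "\n"
# lies outside the region the regex has to account for.
LINE_ANCHORED = /^[\w.%+-]+@[\w.-]+\.[a-z]{2,}$/i

# `\A` and `\z` anchor to the start and the very end of the whole STRING.
# (Note: `\Z`, capital, still tolerates one trailing newline; use `\z`.)
STRING_ANCHORED = /\A[\w.%+-]+@[\w.-]+\.[a-z]{2,}\z/i

def valid_line_anchored?(email)
  !(email =~ LINE_ANCHORED).nil?
end

def valid_string_anchored?(email)
  !(email =~ STRING_ANCHORED).nil?
end

# Constructed attacker input, as it would arrive in a query string or form
# body: %0A is a URL-encoded line feed. (Hypothetical payload, not from the
# project.)
RAW_PARAM = "email@example.com%0A<script>alert('hello')</script>"

# Rack/Rails percent-decode the parameter before the model ever sees it,
# turning %0A into a real "\n".
def decoded_param
  URI.decode_www_form_component(RAW_PARAM)
end

if __FILE__ == $0
  email = decoded_param
  puts "decoded value:      #{email.inspect}"
  puts "^ ... $  accepts it: #{valid_line_anchored?(email)}"   # true  (bypass)
  puts "\\A ... \\z accepts it: #{valid_string_anchored?(email)}" # false (rejected)
end
```

With the line-anchored pattern, `^` matches at offset 0 and `$` matches just before the `\n`, so the regex succeeds and the `<script>` tail is never examined. With `\A`/`\z` the match must run to the last character of the string, which it cannot. Since Rails 4, `validates_format_of` refuses a `^`/`$`-anchored regex outright (raising unless `multiline: true` is passed), precisely because of this class of bug.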
Showing with 4 additions and 3 deletions.