Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Update lib/authlogic/regex.rb #315

Merged
merged 1 commit into from

3 participants

Egor Homakov Kevin Menard Ben Johnson
Egor Homakov

security breach in regexp.
make code not looking like PHP

Kevin Menard

If you don't mind expanding on this, what's the security breach? Your commit message and pull request comment lack some details.

Egor Homakov

@nirvdrum login can contain anything after \n line it should be \z instead of $ there

Ben Johnson binarylogic merged commit 256e8cf into from
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on May 18, 2012
  1. Egor Homakov

    Update lib/authlogic/regex.rb

    homakov authored
This page is out of date. Refresh to see the latest.
Showing with 7 additions and 6 deletions.
  1. +7 −6 lib/authlogic/regex.rb
13 lib/authlogic/regex.rb
View
@@ -9,17 +9,18 @@ module Regex
# by reading this website: http://www.regular-expressions.info/email.html, which is an excellent resource
# for regular expressions.
def self.email
- return @email_regex if @email_regex
- email_name_regex = '[A-Z0-9_\.%\+\-\']+'
- domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
- domain_tld_regex = '(?:[A-Z]{2,4}|museum|travel)'
- @email_regex = /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
+ @email_regex ||= begin
+ email_name_regex = '[A-Z0-9_\.%\+\-\']+'
+ domain_head_regex = '(?:[A-Z0-9\-]+\.)+'
+ domain_tld_regex = '(?:[A-Z]{2,4}|museum|travel)'
+ /\A#{email_name_regex}@#{domain_head_regex}#{domain_tld_regex}\z/i
+ end
end
# A simple regular expression that only allows for letters, numbers, spaces, and .-_@. Just a standard login / username
# regular expression.
def self.login
- /\A\w[\w\.+\-_@ ]+$/
+ /\A\w[\w\.+\-_@ ]+\z/
end
end
end
Something went wrong with that request. Please try again.