Skip to content
Permalink
Browse files Browse the repository at this point in the history
SECURITY: Prevent ReDoS in user agent parsing (#20002)
Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
  • Loading branch information
nbianca and pmusaraj committed Jan 25, 2023
1 parent b32db6f commit 6d92c3c
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion lib/mobile_detection.rb
Expand Up @@ -36,7 +36,9 @@ def self.ios_device?(user_agent)
Firefox\/1[0-9][0-9]
}x

USER_AGENT_MAX_LENGTH = 400

def self.modern_mobile_device?(user_agent)
user_agent.match?(MODERN_MOBILE_REGEX)
user_agent[0...USER_AGENT_MAX_LENGTH].match?(MODERN_MOBILE_REGEX)
end
end

0 comments on commit 6d92c3c

Please sign in to comment.