You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Mar 7, 2021. It is now read-only.
If there is e.g. JavaScript code like foo;url();bar();doo the pattern matches url();bar(). The reason is that the [^"'] consumes already the first ) closing bracket in the haystack, and so the following \) has nothing to match anymore.
A simple fix is to strip the . and just use the [^"'] as our wildcard, like /\s?url\([^"')]*?\)/ig.
This problem can lead to crawling URLs with strange JS code appended to it. Like http://example.com/%29;bar%28
The text was updated successfully, but these errors were encountered:
In the discoverRegex patterns, the
/\s?url\([^"'].*?\)/ig
has a dot too much.If there is e.g. JavaScript code like
foo;url();bar();doo
the pattern matchesurl();bar()
. The reason is that the[^"']
consumes already the first)
closing bracket in the haystack, and so the following\)
has nothing to match anymore.A simple fix is to strip the
.
and just use the[^"']
as our wildcard, like/\s?url\([^"')]*?\)/ig
.This problem can lead to crawling URLs with strange JS code appended to it. Like
http://example.com/%29;bar%28
The text was updated successfully, but these errors were encountered: