Project

General

Profile

Actions
Copy link

Feature #6472

closed

Multiline mode in regexp by default

Added by Sega100500 (Сергей Е) almost 12 years ago. Updated almost 12 years ago.

Status:
Third Party's Issue
Assignee:
-
Target version:
1.9.3
[ruby-core:45148]

Description

When using regexp there can be a vulnerability:

http://homakov.blogspot.com/2012/05/saferweb-injects-in-various-ruby.html#more

Probably it happens because multiline mode in regexp is default, but this is wrong. Need use 'm' modificator to use this mode.

Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0