Iss #89 - Replace regex in commons to address vulnerable regex (!158) · Merge requests · Eclipse Foundation / IT / APIs / eclipsefdn-api-common

Martin Lowe requested to merge malowe/eclipsefdn-api-common:malowe/main/89 into main Nov 07, 2023

Sonar reported that the regex for checking the page is vulnerable to backtracking attacks, so it was removed. In it's place, we added a helper to parse parameters in a query string.

The previous solution of having a regex helper was very expensive computationally, and didn't fully address the issue, so it was discarded.

Iss #89 - Replace regex in commons to address vulnerable regex

Merge request reports