From 4273f99644eb8e40ddda4ee22a7d9251c80a3a12 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=BE=9D=E7=91=AA=E8=B2=93?= Date: Wed, 8 Mar 2023 21:28:10 +0800 Subject: [PATCH] Fixed the regular expression to match the extra note in the summary for security, as suggested by SonarQube. --- src/accounting/static/js/summary-editor.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/accounting/static/js/summary-editor.js b/src/accounting/static/js/summary-editor.js index 9d25e3c..f75bda4 100644 --- a/src/accounting/static/js/summary-editor.js +++ b/src/accounting/static/js/summary-editor.js @@ -763,7 +763,7 @@ class GeneralTripTab extends TagTabPlane { * @override */ populate() { - const found = this.editor.summary.value.match(/^([^—]+)—([^—→↔]+)([→↔])(.+?)(?:[*×]\d+)?(?:\([^)]+\))?$/); + const found = this.editor.summary.value.match(/^([^—]+)—([^—→↔]+)([→↔])(.+?)(?:[*×]\d+)?(?:\([^()]+\))?$/); if (found === null) { return false; } @@ -956,7 +956,7 @@ class BusTripTab extends TagTabPlane { * @override */ populate() { - const found = this.editor.summary.value.match(/^([^—]+)—([^—]+)—([^—→]+)→(.+?)(?:[*×]\d+)?(?:\([^)]+\))?$/); + const found = this.editor.summary.value.match(/^([^—]+)—([^—]+)—([^—→]+)→(.+?)(?:[*×]\d+)?(?:\([^()]+\))?$/); if (found === null) { return false; } @@ -1141,7 +1141,7 @@ class AnnotationTab extends TabPlane { * @override */ updateSummary() { - const found = this.editor.summary.value.match(/^(.*?)(?:[*×]\d+)?(?:\([^)]+\))?$/); + const found = this.editor.summary.value.match(/^(.*?)(?:[*×]\d+)?(?:\([^()]+\))?$/); if (found !== null) { this.editor.summary.value = found[1]; } @@ -1170,7 +1170,7 @@ class AnnotationTab extends TabPlane { * @override */ populate() { - const found = this.editor.summary.value.match(/^(.*?)(?:[*×](\d+))?(?:\(([^)]+)\))?$/); + const found = this.editor.summary.value.match(/^(.*?)(?:[*×](\d+))?(?:\(([^()]+)\))?$/); this.editor.summary.value = found[1]; if (found[2] === undefined || parseInt(found[2]) === 1) { this.editor.number.value = "";