Skip to content

Demos test helper: fix regular expression injection #32106

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
EugeniyKiyashko merged 2 commits into from
Jan 8, 2026
Merged

Demos test helper: fix regular expression injection #32106

EugeniyKiyashko merged 2 commits into from
Jan 8, 2026

Conversation

@EugeniyKiyashko
Copy link
Contributor

@EugeniyKiyashko EugeniyKiyashko commented Jan 7, 2026

No description provided.

@EugeniyKiyashko EugeniyKiyashko self-assigned this Jan 7, 2026
@EugeniyKiyashko EugeniyKiyashko changed the title Demos: fix regular expression injection Demos test helper: fix regular expression injection Jan 7, 2026
@EugeniyKiyashko EugeniyKiyashko marked this pull request as ready for review January 7, 2026 12:57
Copilot AI review requested due to automatic review settings January 7, 2026 12:57
Copilot AI reviewed Jan 7, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request fixes a regular expression injection vulnerability in the demos test helper by properly escaping special characters before using user input to construct regular expressions.

Key changes:

  • Added escapeRegExp function to sanitize input strings
  • Modified the wrap function to escape strings before passing them to RegExp constructor

pharret31
pharret31 previously approved these changes Jan 7, 2026
View reviewed changes
@EugeniyKiyashko
Update apps/demos/utils/visual-tests/matrix-test-helper.ts
5da27d0 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: EugeniyKiyashko <EugeniyKiyashko@users.noreply.github.com>
Copilot AI review requested due to automatic review settings January 8, 2026 08:44
Copilot AI reviewed Jan 8, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

@EugeniyKiyashko EugeniyKiyashko merged commit c3dfa4e into DevExpress:26_1 Jan 8, 2026
115 of 117 checks passed
EugeniyKiyashko added a commit to EugeniyKiyashko/DevExtreme that referenced this pull request Jan 8, 2026
@EugeniyKiyashko
Demos test helper: fix regular expression injection (DevExpress#32106)
54f9240 
Signed-off-by: EugeniyKiyashko <EugeniyKiyashko@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
EugeniyKiyashko added a commit that referenced this pull request Jan 8, 2026
@EugeniyKiyashko
Demos test helper: fix regular expression injection (#32106) (#32115)
217768f 
Signed-off-by: EugeniyKiyashko <EugeniyKiyashko@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@pharret31 pharret31 pharret31 approved these changes

Assignees

@EugeniyKiyashko EugeniyKiyashko

Labels

26_1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@EugeniyKiyashko @pharret31