Commit

Fix code scanning alert no. 1: Bad HTML filtering regexp
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
srugano and github-advanced-security[bot] authored Dec 18, 2024
1 parent 62ff503 commit 275f161
Showing 1 changed file with 2 additions and 2 deletions.
Expand Up @@ -76,10 +76,10 @@ CodeMirror.defineMode("xml", function(editorConf, config_) {
if (ch == "<") {
if (stream.eat("!")) {
if (stream.eat("[")) {
if (stream.match("CDATA[")) return chain(inBlock("atom", "]]>"));
if (stream.match("CDATA[")) return chain(inBlock("atom", "]]>", "]]>"));
else return null;
} else if (stream.match("--")) {
return chain(inBlock("comment", "-->"));
return chain(inBlock("comment", /-->/, /--!>/));

Check failure

Code scanning / CodeQL

Bad HTML filtering regexp High

This regular expression only parses --> and not --!> as a HTML comment end tag.
} else if (stream.match("DOCTYPE", true, true)) {
stream.eatWhile(/[\w\._\-]/);
return chain(doctype(1));
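
Review bot: The third argument added to both `inBlock(...)` calls is not backed by any change to `inBlock` itself. The commit touches only these two call sites (2 additions, 2 deletions), so unless `inBlock` already declares a third parameter, JavaScript silently discards the extra argument and `--!>` is still not treated as a comment end. The code scanning annotation shown under the new `inBlock("comment", /-->/, /--!>/)` line still reports that the expression parses only `-->`, which is consistent with that. Suggest either extending `inBlock` to accept and test an alternate terminator in the same commit, or passing one pattern that covers both endings (for example `/--!?>/`) as the existing second argument. The comment terminator also changes from a string to a RegExp here, so please confirm that `inBlock` handles both types when it matches the terminator. In the CDATA call the added third argument repeats `"]]>"` and adds nothing; it can go back to the two-argument form.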