1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-23 09:52:26 +01:00

ui: make settings search regex range explicit (#16903)

* ui: make settings search regex range explicit

- Addresses CodeQL advisory #31
- Removes `][^ as valid characters

* ui: settings-search: ignore leading/trailing whitespace
This commit is contained in:
legobeat 2022-12-16 20:28:13 +00:00 committed by GitHub
parent 3e98758719
commit 204f39ef12
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -42,10 +42,9 @@ export default function SettingsSearch({
});
const handleSearch = (_searchQuery) => {
const sanitizedSearchQuery = _searchQuery.replace(
/[^A-z0-9\s&]|[\\]/gu,
'',
);
const sanitizedSearchQuery = _searchQuery
.replace(/[^A-Za-z0-9\s&_]/gu, '')
.trim();
setSearchQuery(sanitizedSearchQuery);
if (sanitizedSearchQuery === '') {
setSearchIconColor('var(--color-icon-muted)');