Oops, fix regex patterns to use \A
to \z
instead of ^
to $
Oh huh, TIL in Ruby `^` *always* means "start of line", whereas in many languages' regular expression engines it means "start of string" unless you enable a special multiline flag for the pattern. I've fixed this in a number of expressions now! I'm noticing this in the context of doing some security training work where this the cause of a sample vulnerability, but, looking at our own case, I don't think there was anything *abusable* here? But this is just more correct, so let's be more correct!
This commit is contained in:
parent
5401ea984a
commit
2a34e8be6d
4 changed files with 8 additions and 8 deletions
|
@ -157,7 +157,7 @@ module ItemsHelper
|
|||
end
|
||||
|
||||
NC_TRADE_VALUE_ESTIMATE_PATTERN = %r{
|
||||
^\s*
|
||||
\A\s*
|
||||
(?:
|
||||
# Case 1: A single number
|
||||
(?<single>[0-9]+)
|
||||
|
@ -167,7 +167,7 @@ module ItemsHelper
|
|||
\p{Dash_Punctuation}
|
||||
(?<high>[0-9]+)
|
||||
)
|
||||
\s*$
|
||||
\s*\z
|
||||
}x
|
||||
def nc_trade_value_is_estimate(nc_trade_value)
|
||||
nc_trade_value.value_text.match?(NC_TRADE_VALUE_ESTIMATE_PATTERN)
|
||||
|
|
|
@ -88,13 +88,13 @@ class Item
|
|||
# the `dyeworks_base_item` relationship in the database; after that, we
|
||||
# just use whatever the database says. (This allows manual overrides!)
|
||||
DYEWORKS_NAME_PATTERN = %r{
|
||||
^(
|
||||
\A(
|
||||
# Most Dyeworks items have a colon in the name.
|
||||
Dyeworks\s+(?<color>.+?:)\s*(?<base>.+)
|
||||
|
|
||||
# But sometimes they omit it. If so, assume the first word is the color!
|
||||
Dyeworks\s+(?<color>\S+)\s*(?<base>.+)
|
||||
)$
|
||||
)\z
|
||||
}x
|
||||
def inferred_dyeworks_base_item
|
||||
name_match = name.match(DYEWORKS_NAME_PATTERN)
|
||||
|
|
|
@ -64,7 +64,7 @@ class Item
|
|||
when 'fits'
|
||||
# First, try the `fits:blue-acara` case.
|
||||
# NOTE: This will also work for `fits:"usuki girl-usul"`!
|
||||
match = value.match(/^([^-]+)-([^-]+)$/)
|
||||
match = value.match(/\A([^-]+)-([^-]+)\z/)
|
||||
if match.present?
|
||||
color_name, species_name = match.captures
|
||||
pet_type = load_pet_type_by_name(color_name, species_name)
|
||||
|
@ -74,7 +74,7 @@ class Item
|
|||
end
|
||||
|
||||
# Next, try the `fits:alt-style-87305` case.
|
||||
match = value.match(/^alt-style-([0-9]+)$/)
|
||||
match = value.match(/\Aalt-style-([0-9]+)\z/)
|
||||
if match.present?
|
||||
alt_style_id, = match.captures
|
||||
alt_style = load_alt_style_by_id(alt_style_id)
|
||||
|
@ -85,7 +85,7 @@ class Item
|
|||
|
||||
# Next, try the `fits:nostalgic-faerie-draik` case.
|
||||
# NOTE: This will also work for `fits:"nostalgic-usuki girl-usul"`!
|
||||
match = value.match(/^([^-]+)-([^-]+)-([^-]+)$/)
|
||||
match = value.match(/\A([^-]+)-([^-]+)-([^-]+)\z/)
|
||||
if match.present?
|
||||
series_name, color_name, species_name = match.captures
|
||||
alt_style = load_alt_style_by_name(
|
||||
|
|
|
@ -174,7 +174,7 @@ class Outfit < ApplicationRecord
|
|||
self.name.strip!
|
||||
|
||||
# Get the base name of the provided name, without any "(1)" suffixes.
|
||||
base_name = name.sub(/\s*\([0-9]+\)$/, '')
|
||||
base_name = name.sub(/\s*\([0-9]+\)\z/, '')
|
||||
|
||||
# Find the user's other outfits that start with the same base name, and get
|
||||
# *their* names, with whitespace stripped.
|
||||
|
|
Loading…
Reference in a new issue