Class Brakeman::CheckValidationRegex
In: lib/brakeman/checks/check_validation_regex.rb
Parent: Brakeman::BaseCheck

Reports any calls to validates_format_of which do not use \A and \z as anchors in the given regular expression.

For example:

 # Allows anything after a newline
 validates_format_of :user_name, :with => /^\w+$/

Constants

WITH = Sexp.new(:lit, :with)
FORMAT = Sexp.new(:lit, :format)
SECURE_REGEXP_PATTERN = %r{ \A \\A .* \\[zZ] \z }x   # Matches a secure regexp written without the extended option
EXTENDED_SECURE_REGEXP_PATTERN = %r{ \A \s* \\A .* \\[zZ] \s* \z }mx   # Matches a secure regexp written with the extended option
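
How the anchoring difference plays out at match time, and how the two patterns above classify a regexp's source, as an added example that is not Brakeman's own code. The two constants are copied from this page; `anchored?`, `demo`, the sample regexps and the input string are hypothetical, and selecting the extended pattern for `/x` regexps is an assumption.

```ruby
# Added example, not Brakeman's code. The two constants are copied from this
# page; everything else is hypothetical or constructed for illustration.
SECURE_REGEXP_PATTERN = %r{ \A \\A .* \\[zZ] \z }x
EXTENDED_SECURE_REGEXP_PATTERN = %r{ \A \s* \\A .* \\[zZ] \s* \z }mx

# True when the regexp source starts with \A and ends with \z or \Z.
# Assumption: the extended pattern applies to regexps written with /x.
def anchored?(regexp)
  extended = (regexp.options & Regexp::EXTENDED) != 0
  pattern = extended ? EXTENDED_SECURE_REGEXP_PATTERN : SECURE_REGEXP_PATTERN
  pattern.match?(regexp.source)
end

LINE_ANCHORED   = /^\w+$/     # the form from the example on this page
STRING_ANCHORED = /\A\w+\z/   # anchored to the whole string
# Same rule in extended syntax: the source now begins with a newline and
# indentation, which only the extended pattern tolerates.
EXTENDED_ANCHORED = /
  \A \w+   # word characters only
  \z
/x

# Constructed input: a valid first line followed by arbitrary content.
MULTILINE_INPUT = "alice\nanything at all"

def demo
  {
    weak_accepts_multiline:     LINE_ANCHORED.match?(MULTILINE_INPUT),
    strict_accepts_multiline:   STRING_ANCHORED.match?(MULTILINE_INPUT),
    extended_accepts_multiline: EXTENDED_ANCHORED.match?(MULTILINE_INPUT),
    strict_accepts_plain:       STRING_ANCHORED.match?("alice"),
    weak_reported:              !anchored?(LINE_ANCHORED),
    strict_reported:            !anchored?(STRING_ANCHORED),
    extended_reported:          !anchored?(EXTENDED_ANCHORED)
  }
end

demo.each { |name, value| puts "#{name}: #{value}" } if __FILE__ == $PROGRAM_NAME
```

Both patterns also accept `\Z` as the closing anchor, which in Ruby still matches just before a single trailing newline.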

Public Instance methods

Issue warning if the regular expression does not use \A and \z

Get the name of the attribute being validated.

Check validates …, :format => …
