Skip to content

Commit

Permalink
test: add u unicode flag to regex
Browse files Browse the repository at this point in the history
  • Loading branch information
@Fdawgs
Fdawgs authored Oct 21, 2023
1 parent 042b14b commit 86c9dd3
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion test/cors.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -709,7 +709,7 @@ test('Allow only request from a specific origin using regex', t => {
t.plan(8)

const fastify = Fastify()
fastify.register(cors, { origin: /(example|other)\.com/gi })
fastify.register(cors, { origin: /(?:example|other)\.com/giu })

Check failure

Code scanning / CodeQL

Missing regular expression anchor High test

When this is used as a regular expression on a URL, it may match anywhere, and arbitrary hosts may come before or after it.

fastify.get('/', (req, reply) => {
reply.send('ok')
Expand Down

0 comments on commit 86c9dd3

Please sign in to comment.