Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SECURITY: Prevent ReDoS in user agent parsing (#20002) 

Co-authored-by: Penar Musaraj <pmusaraj@gmail.com>
This commit is contained in:
Bianca Nenciu 2023-01-25 18:55:33 +02:00 committed by GitHub
parent b32db6f2a3
commit 6d92c3cbda
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/mobile_detection.rb
View File

@ -36,7 +36,9 @@ module MobileDetection
Firefox\/1[0-9][0-9] Firefox\/1[0-9][0-9]
}x }x
USER_AGENT_MAX_LENGTH = 400
def self.modern_mobile_device?(user_agent) def self.modern_mobile_device?(user_agent)
user_agent.match?(MODERN_MOBILE_REGEX) user_agent[0...USER_AGENT_MAX_LENGTH].match?(MODERN_MOBILE_REGEX)
end end
end end