Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#2203 closed Bug (fixed)

Snort: false positive on piwik.js

Reported by: vipsoft Owned by:
Priority: normal Milestone: Piwik 1.3
Component: Core Keywords:
Cc: Sensitive: no

Description

Snort generates a false positive on this line in piwik.js:

        escapable = new RegExp('[\\\\\\"\x00-\x1f\x7f-\x9f\u00ad\u0600-\u0604\u070f\u17b4\u17b5\u200c-\u200f\u2028-\u202f\u2060-\u206f\ufeff\ufff0-\uffff]', 'g'),

The Snort rule doesn't check for a closing ] (which was the Mozilla bug that this rule was supposed to detect).

Change History (2)

comment:1 Changed 3 years ago by vipsoft (robocoder)

  • Resolution set to fixed
  • Status changed from new to closed

(In [4127]) fixes #2203

comment:2 Changed 3 years ago by vipsoft (robocoder)

(In [4128]) refs #2203 - add unit test for regressions

Note: See TracTickets for help on using tickets.