Open karlbaumhauer opened 9 months ago
Some regular expressions take a long time to match certain input strings to the point where the time it takes to match a string of length n is proportional to n^k or even 2^n. Such regular expressions can negatively affect performance, or even allow a malicious user to perform a Denial of Service ("DoS") attack by crafting an expensive input string for the regular expression to match.
@karlbaumhauer Since this function is only executed on the client, this could only lead to a DoS of yourself, right? :D
As discussed in our call => de-prioritized, as it can only be executed on the client and we currently see no scenario where it could have any effect on the server/CDN.
@mariohamann do you agree on that?
Absolutely. If someone wants to break their own client... go for it. 😆
Can we just close this completely as not planned? I wouldn't invest any time and budget on that @yoezlem.
Current behavior
See code scanning alert: https://github.com/solid-design-system/solid/security/code-scanning/1
Expected behavior
Prevent "DoS" attack potential.
DoR
DoD
feature
branch
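The exponential case from the issue description, as an added example that is not part of the original issue or the project's code: a step-counting model of a backtracking matcher for the constructed pattern `/^(a+)+$/`, next to the equivalent `/^a+$/` without the nested quantifier. The patterns and function names are assumptions; the expression flagged by the code scanning alert is not shown on this page.

```javascript
// Constructed textbook patterns, not the expression from the alert.
// Model of a greedy backtracking engine on /^(a+)+$/ : each pass of the
// outer group takes the longest run of 'a', then gives characters back one
// at a time when the rest of the match fails.
function nestedSteps(input) {
  let steps = 0;
  function outer(i) {
    if (i === input.length && i > 0) return true;   // '$' reached after >= 1 group
    let end = i;
    while (end < input.length && input[end] === 'a') end++;
    for (let j = end; j > i; j--) {                  // greedy first, then backtrack
      steps++;                                       // one attempt: a+ = input[i..j)
      if (outer(j)) return true;
    }
    return false;
  }
  const matched = outer(0);
  return { matched, steps };
}

// Same language, no nested quantifier: /^a+$/ needs a single pass.
function flatSteps(input) {
  let i = 0;
  while (i < input.length && input[i] === 'a') i++;
  return { matched: i > 0 && i === input.length, steps: i };
}

// Step counts for inputs 'a' * n + '!' (constructed non-matching input).
function growthTable(maxN) {
  const rows = [];
  for (let n = 1; n <= maxN; n++) {
    const input = 'a'.repeat(n) + '!';
    rows.push({ n, nested: nestedSteps(input).steps, flat: flatSteps(input).steps });
  }
  return rows;
}

// The model and the real engine agree on the match result for short inputs.
function agreesWithEngine(input) {
  return nestedSteps(input).matched === /^(a+)+$/.test(input) &&
         flatSteps(input).matched === /^a+$/.test(input);
}

console.table(growthTable(16));
```

On the non-matching inputs the nested pattern needs 2^n - 1 attempts while the flat one needs n, which is why rewriting the quantifier removes the cost wherever such a pattern runs.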