Merge pull request #1645 from Semmle/js/fix-missing-regexp-anchor-qhelp

Approved by asger-semmle
2025-12-17 01:03:14 +01:00 · 2019-07-29 16:46:36 +01:00
parent 902825f8ac d3016593e4
commit 5125a41345
1 changed files with 2 additions and 2 deletions
--- a/javascript/ql/src/Security/CWE-020/MissingRegExpAnchor.qhelp
+++ b/javascript/ql/src/Security/CWE-020/MissingRegExpAnchor.qhelp
@@ -62,9 +62,9 @@
 			A related mistake is to write a regular expression with
 			multiple alternatives, but to only include an anchor for one of the
 			alternatives. As an example, the regular expression
-			<code>/^www\\.example\\.com|beta\\.example\\.com/</code> will match the host
+			<code>/^www\.example\.com|beta\.example\.com/</code> will match the host
 			<code>evil.beta.example.com</code> because the regular expression is parsed
-			as <code>/(^www\\.example\\.com)|(beta\\.example\\.com)/</code>
+			as <code>/(^www\.example\.com)|(beta\.example\.com)/</code>

 		</p>
 	</example>