Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add rule to check access on RegExp capture groups #637

Open
ajafff opened this issue Jun 30, 2019 · 0 comments
Open

Add rule to check access on RegExp capture groups #637

ajafff opened this issue Jun 30, 2019 · 0 comments
Labels
help wanted rule suggestion

Comments

@ajafff
Copy link
Member

ajafff commented Jun 30, 2019

If a regular expression literal is statically known, we can check accessed capture groups of the match result.

const r1 = /(.)(.)/;
const m1 = r1.exec(someString)!;
console.log(
  m1[0], // always valid
  m1[1], // allowed
  m1[2], // allowed
  m1[3], // not allowed
  m1.groups, // not allowed
);

const r2 = /(?<foo>.)/;
const m2 = re.exec(someString)!;
console.log(
  m2[0], // always valid
  m2[1], // not allowed
  m2.groups!.foo, // allowed
  m2.groups.bar, // not allowed
);

This may need control flow analysis to reliably tell where the match result came from and if the regular expression is a known literal.

Upstream feature request: microsoft/TypeScript#32098
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted rule suggestion
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ajafff