I seem to remember a blog post about this regex issue here on HN a few months ag... | Hacker News

Hacker Timesnew | past | comments | ask | show | jobs | submit

		pjungwir on Feb 11, 2013 \| parent \| context \| favorite \| on: ActiveRecord Vulnerability - Circumvention of attr... I seem to remember a blog post about this regex issue here on HN a few months ago. It definitely surprised me to learn that Ruby doesn't treat $ as end-of-string by default.

fxn on Feb 11, 2013 | [–]

I blogged in http://advogato.org/person/fxn/diary/498.html some key differences between Perl and Ruby regexp flags (which includes this gotcha).

homakov on Feb 11, 2013 | [–]

http://homakov.blogspot.com/2012/05/saferweb-injects-in-vari... it is usual mistake in url validators

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact