如何修复 Pattern.compile(regex, Pattern.CASE_INSENSITIVE) 上的声纳关键问题;
[英]How to fix the Sonar critical issue on Pattern.compile(regex, Pattern.CASE_INSENSITIVE);
问题描述
I'm getting a critical sonar issue " Using regular expressions is security-sensitive " when using the code
使用代码时,我遇到了一个严重的声纳问题“使用正则表达式是安全敏感的”
Pattern.compile(regex, Pattern.CASE_INSENSITIVE)
Can anyone help to fix this?任何人都可以帮助解决这个问题吗? Is there any alternatives available for this?有没有其他替代方案?
1 个解决方案
解决方案1
2 2020-03-12 11:27:37
As per this Sonarsource documenation ,根据此 Sonarsource 文档,
This rule flags any execution of a hardcoded regular expression which has at least 3 characters and at least two instances of any of the following characters:
*+{.*+{..
So, you must make sure your pattern complies with the rule.因此,您必须确保您的模式符合规则。
Alternatively, you may disable the warnings by Turning Sonar off for certain code .或者,您可以通过为某些代码关闭声纳来禁用警告。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.