Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(27428): fix if we type enter anything followed by a \ in settings search #27432

Merged
merged 2 commits into from
Oct 2, 2024

Conversation

DDDDDanica
Copy link
Contributor

@DDDDDanica DDDDDanica commented Sep 26, 2024

In JavaScript, backslashes are used as escape characters in strings and regular expressions, which can cause issues when an unescaped backslash is present in a user input. To handle this, we'll need to escape any special characters in the user input before constructing the regular expression.

Description

Open in GitHub Codespaces

Related issues

Fixes: #27428, #26945

Manual testing steps

  1. Go to settings
  2. type foo\
  3. press enter should not crash

Screenshots/Recordings

Before

After

regex-search.mov

Pre-merge author checklist

Pre-merge reviewer checklist

  • I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
  • I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

Copy link
Contributor

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

@DDDDDanica DDDDDanica force-pushed the fix/27428-search-regex branch from 8e04cf2 to 9f20d4f Compare September 26, 2024 17:45
@metamaskbot
Copy link
Collaborator

Builds ready [9f20d4f]
Page Load Metrics (1816 ± 90 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint38723041688445214
domContentLoaded16012245179416780
load16082309181618790
domInteractive24196513818
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 92 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

NiranjanaBinoy
NiranjanaBinoy previously approved these changes Sep 26, 2024
Copy link
Contributor

@NiranjanaBinoy NiranjanaBinoy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@DDDDDanica DDDDDanica force-pushed the fix/27428-search-regex branch 2 times, most recently from 4c36e9f to 1f6301e Compare September 26, 2024 21:08
@metamaskbot
Copy link
Collaborator

Builds ready [1f6301e]
Page Load Metrics (1884 ± 125 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint26026081749526253
domContentLoaded159824491839232112
load161825431884260125
domInteractive13149503115
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 106 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

@davidmurdoch
Copy link
Contributor

Should we just use String#replaceAll (https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/replaceAll) instead of using a regular expression in the relevant string replacement step in colorText?

@DDDDDanica
Copy link
Contributor Author

Should we just use String#replaceAll (https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/replaceAll) instead of using a regular expression in the relevant string replacement step in colorText?

hey @davidmurdoch do you mean
elemText = elemText.replaceAll('&', '&'); instead of elemText = elemText.replace('&', '&');?

@davidmurdoch
Copy link
Contributor

Should we just use String#replaceAll (https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/replaceAll) instead of using a regular expression in the relevant string replacement step in colorText?

hey @davidmurdoch do you mean elemText = elemText.replaceAll('&', '&'); instead of elemText = elemText.replace('&', '&');?

No. In the colorText function we have:

export function colorText(menuElement, regex) {

   // ... omitted code ...
   
  menuElement.innerHTML = elemText.replace(
      regex,
      '<span class="settings-page__header__search__list__item__highlight">$&</span>',
  );
}

used as:

colorText(menuTabElement, searchRegex);

but this could be simplified to something like:

export function colorText(menuElement, textToColor) {

   // ... omitted code ...
   
  menuElement.innerHTML = elemText.replaceAll(
      textToColor,
      `<span class="settings-page__header__search__list__item__highlight">${textToColor}</span>`,
  );
}

used as:

colorText(menuTabElement, searchElem.value);

I don't think we even need to create a regular expression here.

@DDDDDanica
Copy link
Contributor Author

DDDDDanica commented Sep 28, 2024

@davidmurdoch good suggestions ! However, i believe const searchRegex = new RegExp(escapeRegExp(searchElem.value), 'gi'); this regex is to make the search case-insensitive. we could do something like but it seems more complex

export function colorText(menuElement, textToColor) {
  if (menuElement !== null) {
    let elemText = menuElement.innerHTML;
    elemText = elemText.replace('&amp;', '&');
    elemText = elemText.replace(
      /(<span class="settings-page__header__search__list__item__highlight">|<\/span>)/gim,
      '',
    );

    const lowerCaseElemText = elemText.toLowerCase();
    const lowerCaseTextToColor = textToColor.toLowerCase();

    if (lowerCaseElemText.includes(lowerCaseTextToColor)) {
      const index = lowerCaseElemText.indexOf(lowerCaseTextToColor);
      const originalText = elemText.substring(index, index + textToColor.length);
      
      menuElement.innerHTML = elemText. replaceAll(
        originalText,
        `<span class="settings-page__header__search__list__item__highlight">${originalText}</span>`,
      );
    }
  }
}

@DDDDDanica DDDDDanica force-pushed the fix/27428-search-regex branch from 1f6301e to 3535156 Compare October 1, 2024 18:48
NiranjanaBinoy
NiranjanaBinoy previously approved these changes Oct 1, 2024
@metamaskbot
Copy link
Collaborator

Builds ready [3535156]
Page Load Metrics (1796 ± 69 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint27621511716363174
domContentLoaded15652084176914268
load15732097179614469
domInteractive14203595225
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 106 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

@metamaskbot
Copy link
Collaborator

Builds ready [9417681]
Page Load Metrics (1715 ± 84 ms)
PlatformPageMetricMin (ms)Max (ms)Average (ms)StandardDeviation (ms)MarginOfError (ms)
ChromeHomefirstPaint38522311630338162
domContentLoaded14892170168217483
load14972180171517484
domInteractive169139209
Bundle size diffs
  • background: 0 Bytes (0.00%)
  • ui: 106 Bytes (0.00%)
  • common: 0 Bytes (0.00%)

Copy link

sonarqubecloud bot commented Oct 2, 2024

@DDDDDanica DDDDDanica enabled auto-merge October 2, 2024 21:23
@DDDDDanica DDDDDanica added this pull request to the merge queue Oct 2, 2024
Merged via the queue into develop with commit e76a149 Oct 2, 2024
77 checks passed
@DDDDDanica DDDDDanica deleted the fix/27428-search-regex branch October 2, 2024 22:05
@github-actions github-actions bot locked and limited conversation to collaborators Oct 2, 2024
@metamaskbot metamaskbot added the release-12.6.0 Issue or pull request that will be included in release 12.6.0 label Oct 2, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
release-12.6.0 Issue or pull request that will be included in release 12.6.0 team-extension-platform
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

[Bug]: MetaMask crash if we type enter anything followed by a \ in settings search
4 participants