Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-6641

cannot-contains-others policy is broken and does not correctly detect values which do not meet the policy requirements

    Details

    • Support Ticket IDs:

      Description

      The cannot-contain-others policy does not properly detect policy violations due to a invalid RegularExpress within the policy implementation.

      Specifically the following code:

              if (typeof(openidm) !== "undefined" && typeof(request) !== "undefined"  && request.resourcePath && !request.resourcePath.match(/*$')) {
      

      will never evaluate to false as the match() function never returns a 'falsey' value and always evaluates to true when executed. The issue is caused by the lack of a trailing '/' within the RegularExpression and lack of escaping of the asterisk.

      The above code should be modified as follows:

              if (typeof(openidm) !== "undefined" && typeof(request) !== "undefined"  && request.resourcePath && !request.resourcePath.match(/\*$/)) {
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                cgdrake Chris Drake
                Reporter:
                cgdrake Chris Drake
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: