netstack.js 2.1.1 → 2.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/netstack.js +15 -12
  2. package/package.json +1 -1
package/netstack.js CHANGED
@@ -1,5 +1,5 @@
1
1
  /*!
2
- * netStack v2.1.1
2
+ * netStack v2.1.3
3
3
  * A simple and easy JavaScript library for highlighting .NET stack traces
4
4
  * License: Apache 2
5
5
  * Author: https://elmah.io
@@ -18,6 +18,10 @@
18
18
  }
19
19
  }(typeof self !== 'undefined' ? self : this, function() {
20
20
 
21
+ // Prevent SQL keywords
22
+ var sqlKeywords = "INNER JOIN|DELETE|SELECT|FROM|WHERE|INSERT|UPDATE";
23
+ var preventSQL = `(?!${sqlKeywords})`;
24
+
21
25
  function netStack(element, options) {
22
26
  if (typeof document !== 'undefined') {
23
27
  if (typeof element === 'string') {
@@ -100,7 +104,7 @@
100
104
  repl: null
101
105
  },
102
106
  {
103
- find: new RegExp('(\\s)' + at_language + ' ([^-:]*?)\\((.*?)\\)', 'g'),
107
+ find: new RegExp('(\\s)' + at_language + ' ' + preventSQL + '([^-:)]*?)\\((.*?)\\)', 'g'),
104
108
  repl: null
105
109
  }
106
110
  ];
@@ -141,19 +145,19 @@
141
145
 
142
146
  netStack.prototype.init = function() {
143
147
  // Get the stacktrace, sanitize it, and split it into lines
144
- var stacktrace = this.element.textContent,
148
+ var stacktrace = this.element.textContent.trim(), // trim empty spaces and lines before and after stacktrace
145
149
  sanitizedStack = stacktrace.replace(/</g, '&lt;').replace(/>/g, '&gt;'),
146
150
  lines = sanitizedStack.split('\n'),
147
151
  lang = '',
148
152
  clone = '';
149
153
 
150
- var languagesRegex = {
151
- english: /\s+at .*?\)/g,
152
- danish: /\s+ved .*?\)/g,
153
- german: /\s+bei .*?\)/g,
154
- spanish: /\s+en .*?\)/g,
155
- russian: /\s+в .*?\)/g,
156
- chinese: /\s+在 .*?\)/g
154
+ const languagesRegex = {
155
+ english: new RegExp(`\\s+at ${preventSQL}([^-:)]*?)\\(.*?\\)`, "g"),
156
+ danish: new RegExp(`\\s+ved ${preventSQL}([^-:)]*?)\\(.*?\\)`, "g"),
157
+ german: new RegExp(`\\s+bei ${preventSQL}([^-:)]*?)\\(.*?\\)`, "g"),
158
+ spanish: new RegExp(`\\s+en ${preventSQL}([^-:)]*?)\\(.*?\\)`, "g"),
159
+ russian: new RegExp(`\\s+в ${preventSQL}([^-:)]*?)\\(.*?\\)`, "g"),
160
+ chinese: new RegExp(`\\s+在 ${preventSQL}([^-:)]*?)\\(.*?\\)`, "g")
157
161
  };
158
162
 
159
163
  // look for the language(s) in the stack trace
@@ -213,9 +217,8 @@
213
217
  }
214
218
 
215
219
  if (hli.test(lines[i])) {
216
-
217
220
  // Frame
218
- var regFrame = new RegExp('(\\S*)' + languageSet.at + ' .*?\\)'),
221
+ var regFrame = new RegExp('(\\S*)' + languageSet.at + ' ' + preventSQL + '[^-:)]*?\\(.*?\\)'),
219
222
  partsFrame = String(regFrame.exec(lines[i]));
220
223
 
221
224
  if (partsFrame.substring(partsFrame.length - 1) == ',') {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "netstack.js",
3
- "version": "2.1.1",
3
+ "version": "2.1.3",
4
4
  "description": "A simple and easy JavaScript library for highlighting .NET stack traces",
5
5
  "main": "netstack.js",
6
6
  "scripts": {