f83e766610719968654cdab4a63ebee5cf1abfbb Dev: CodeQL has a false posi…

…tive on the HTML removal regex, but it appears a length check (even one that doesn't do anything like this) will stop the warning (which, as noted is a false positive in this case, since there can be no catastrophic backtracking with this expression). Sync to source repo @f83e766610719968654cdab4a63ebee5cf1abfbb
DataTables · Apr 10, 2024 · 1f609ac · 1f609ac
1 parent cf028fb
commit 1f609ac
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 5 deletions.
diff --git a/datatables.json b/datatables.json
@@ -11,5 +11,5 @@
     ],
     "src-repo": "http://github.com/DataTables/DataTablesSrc",
     "last-tag": "2.0.3",
-    "last-sync": "6944c25bde6715119e96a47c7b3b4d2010110dde"
+    "last-sync": "f83e766610719968654cdab4a63ebee5cf1abfbb"
 }
diff --git a/js/dataTables.js b/js/dataTables.js
@@ -1285,9 +1285,13 @@
 
 	// Replaceable function in api.util
 	var _stripHtml = function (input) {
+		if (! input.length) {
+			return input;
+		}
+
 		var previous;
 
-		input = input.replace(/<[^>]*>/g, ''); // Complete tags
+		input = input.replace(_re_html, ''); // Complete tags
 
 		// Safety for incomplete script tag - use do / while to ensure that
 		// we get all instances

diff --git a/js/dataTables.min.js b/js/dataTables.min.js
diff --git a/js/dataTables.min.mjs b/js/dataTables.min.mjs
diff --git a/js/dataTables.mjs b/js/dataTables.mjs
@@ -1232,9 +1232,13 @@ var _removeEmpty = function ( a )
 
 // Replaceable function in api.util
 var _stripHtml = function (input) {
+	if (! input.length) {
+		return input;
+	}
+
 	var previous;
 
-	input = input.replace(/<[^>]*>/g, ''); // Complete tags
+	input = input.replace(_re_html, ''); // Complete tags
 
 	// Safety for incomplete script tag - use do / while to ensure that
 	// we get all instances