Skip to content

Commit ce20e6b

Browse files
committed
Fixes for secrets: improved secret name validation.
1 parent 58ef53d commit ce20e6b

3 files changed

Lines changed: 3 additions & 3 deletions

File tree

src/Controller/SecretController.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -100,7 +100,7 @@ public function edit(?int $secretId = null)
100100
$field
101101
->setClass('form-control')
102102
->setContainerClass('form-group')
103-
->setPattern('^[^\s]+')
103+
->setPattern('^[-_\w\d]+$')
104104
->setValue($secret->getName());
105105
$form->addField($field);
106106

src/Form/Input.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -129,7 +129,7 @@ public function validate(): bool
129129
return false;
130130
}
131131

132-
if ($this->getPattern() && !\preg_match('/' . $this->getPattern() . '/', (string)$this->getValue())) {
132+
if ($this->getPattern() && !\preg_match('#' . $this->getPattern() . '#', (string)$this->getValue())) {
133133
$this->error = 'Invalid value entered.';
134134

135135
return false;

src/Helper/BuildInterpolator.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -103,7 +103,7 @@ private function realtimeInterpolate(string $input): string
103103

104104
private function secretInterpolate(string $input): string
105105
{
106-
\preg_match_all('#%SECRET:(.+?)%#', $input, $matches);
106+
\preg_match_all('#%SECRET:([-_\w\d]+)?%#', $input, $matches);
107107
if (!empty($matches[0])) {
108108
$secrets = $this->secretStore->getByNames($matches[1]);
109109
$finalSecrets = [];

0 commit comments

Comments
 (0)