Is Regexp.new (user_input) in ruby safe?
1 answer
Sounds good if you allow any regexp to be created may be unsafe (possibly DOS reason) as regexp can be cpu intensive.
I would not like my client to be free to create their own regex.
https://www.owasp.org/index.php/Regular_expression_Denial_of_Service_-_ReDoS
0
source to share