Skip to content

Commit

Permalink
Merge pull request #448 from decentralized-identity/fix/issue-428
Browse files Browse the repository at this point in the history
Fixed possible dangerous application of Regex in examples
  • Loading branch information
csuwildcat authored Oct 5, 2023
2 parents 50b335d + bb11970 commit 1c24b0b
Show file tree
Hide file tree
Showing 8 changed files with 18 additions and 19 deletions.
2 changes: 1 addition & 1 deletion test/presentation-definition/basic_example.json
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
"purpose": "We can only verify bank accounts if they are attested by a trusted bank, auditor, or regulatory authority.",
"filter": {
"type": "string",
"pattern": "did:example:123|did:example:456"
"pattern": "^did:example:123$|^did:example:456$"
},
"intent_to_retain": true
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
"path": ["$.status"],
"filter": {
"type": "string",
"pattern": "active"
"pattern": "^active$"
}
}
]
Expand Down
4 changes: 2 additions & 2 deletions test/presentation-definition/input_descriptors_example.json
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
"path": ["$.credentialSchema.id", "$.vc.credentialSchema.id"],
"filter": {
"type": "string",
"pattern": "https://bank-schemas.org/1.0.0/accounts.json|https://bank-schemas.org/2.0.0/accounts.json"
"pattern": "^https://bank-schemas.org/1.0.0/accounts.json|https://bank-schemas.org/2.0.0/accounts.json$"
}
},
{
Expand All @@ -27,7 +27,7 @@
"purpose": "We can only verify bank accounts if they are attested by a trusted bank, auditor or regulatory authority.",
"filter": {
"type": "string",
"pattern": "did:example:123|did:example:456"
"pattern": "^did:example:123$|^did:example:456$"
},
"intent_to_retain": true
},
Expand Down
10 changes: 5 additions & 5 deletions test/presentation-definition/multi_group_example.json
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@
"properties": {
"id": {
"type": "string",
"pattern": "https://bank-standards.example.com#accounts"
"pattern": "^https://bank-standards.example.com#accounts$"
}
},
"required": ["id"]
Expand All @@ -57,7 +57,7 @@
"properties": {
"id": {
"type": "string",
"pattern": "https://bank-standards.example.com#investments"
"pattern": "^https://bank-standards.example.com#investments$"
}
},
"required": ["id"]
Expand All @@ -71,7 +71,7 @@
"purpose": "We can only verify bank accounts if they are attested by a trusted bank, auditor or regulatory authority.",
"filter": {
"type": "string",
"pattern": "did:example:123|did:example:456"
"pattern": "^did:example:123$|^did:example:456$"
}
},
{
Expand Down Expand Up @@ -110,7 +110,7 @@
"path": ["$.credentialSchema.id", "$.vc.credentialSchema.id"],
"filter": {
"type": "string",
"pattern": "https://bank-schemas.org/1.0.0/accounts.json|https://bank-schemas.org/2.0.0/accounts.json"
"pattern": "^https://bank-schemas.org/1.0.0/accounts.json|https://bank-schemas.org/2.0.0/accounts.json$"
}
},
{
Expand All @@ -122,7 +122,7 @@
"purpose": "We can only verify bank accounts if they are attested by a trusted bank, auditor or regulatory authority.",
"filter": {
"type": "string",
"pattern": "did:example:123|did:example:456"
"pattern": "^did:example:123$|^did:example:456$"
}
},
{
Expand Down
2 changes: 1 addition & 1 deletion test/presentation-definition/pd_filter.json
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
"type": "array",
"contains": {
"type": "string",
"pattern": "<the type of VC e.g. degree certificate>"
"pattern": "^<the type of VC e.g. degree certificate>$"
}
}
}
Expand Down
8 changes: 4 additions & 4 deletions test/presentation-definition/pd_filter2.json
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
"$defs": {
"typeString": {
"type": "string",
"pattern": "https://train.trust-scheme.de/info"
"pattern": "^https://train.trust-scheme.de/info$"
},
"typeStringOrArray": {
"anyOf": [
Expand All @@ -33,7 +33,7 @@
},
"trustSchemeString": {
"type": "string",
"pattern": "worldbankfederation.com"
"pattern": "^worldbankfederation.com$"
},
"trustSchemeStringOrArray": {
"anyOf": [
Expand Down Expand Up @@ -78,7 +78,7 @@
}
},
"$ref": "#/$defs/tosObjectOrArray"
}
}
},
{
"path": [
Expand All @@ -88,7 +88,7 @@
"type": "array",
"contains": {
"type": "string",
"pattern": "creditCard"
"pattern": "^creditCard$"
}
}
}
Expand Down
7 changes: 3 additions & 4 deletions test/presentation-definition/pd_filter2_simplified.json
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@
],
"filter": {
"type": "string",
"pattern": "https://train.trust-scheme.de/info"
"pattern": "^https://train.trust-scheme.de/info$"
}
},
{
Expand All @@ -23,7 +23,7 @@
],
"filter": {
"type": "string",
"pattern": "worldbankfederation.com"
"pattern": "^worldbankfederation.com$"
}
},
{
Expand All @@ -32,7 +32,7 @@
],
"filter": {
"type": "string",
"pattern": "creditCard"
"pattern": "^creditCard$"
}
}
]
Expand All @@ -41,4 +41,3 @@
]
}
}

2 changes: 1 addition & 1 deletion test/presentation-definition/single_group_example.json
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@
"purpose": "We can only accept digital driver's licenses issued by national authorities of member states or trusted notarial auditors.",
"filter": {
"type": "string",
"pattern": "did:example:gov1|did:example:gov2"
"pattern": "^did:example:gov1$|^did:example:gov2$"
}
},
{
Expand Down

0 comments on commit 1c24b0b

Please sign in to comment.