From e4f4f61760fc97df8fbf3e4b290fb0c73f1ab5eb Mon Sep 17 00:00:00 2001
From: Brayan Bonilla
Date: Fri, 11 Apr 2025 16:09:32 -0500
Subject: [PATCH 1/2] fix: prevent ReDoS in URL regex pattern

---
 js/foundation.abide.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/foundation.abide.js b/js/foundation.abide.js
index c5919b028a..4e8f34ab81 100644
--- a/js/foundation.abide.js
+++ b/js/foundation.abide.js
@@ -861,7 +861,7 @@ Abide.defaults = {
  // From CommonRegexJS (@talyssonoc)
  // https://github.com/talyssonoc/CommonRegexJS/blob/e2901b9f57222bc14069dc8f0598d5f412555411/lib/commonregex.js#L76
  // For more restrictive URL Regexs, see https://mathiasbynens.be/demo/url-regex.
- url: /^((?:(https?|ftps?|file|ssh|sftp):\/\/|www\d{0,3}[.]|[a-z0-9.\-]+[.][a-z]{2,4}\/)(?:[^\s()<>]+|\((?:[^\s()<>]+|(?:\([^\s()<>]+\)))*\))+(?:\((?:[^\s()<>]+|(?:\([^\s()<>]+\)))*\)|[^\s`!()\[\]{};:\'".,<>?\xab\xbb\u201c\u201d\u2018\u2019]))$/,
+ url: /^(?:(https?|ftps?|file|ssh|sftp):\/\/|www\d{0,3}[.]|[a-z0-9.\-]+\.[a-z]{2,4}\/)(?:[^\s()<>]+(?:\((?:[^\s()<>]+|\([^\s()<>]+\))?\)[^\s()<>]+)*)(?:\((?:[^\s()<>]+|\([^\s()<>]+\))?\)|[^\s`!()\[\]{};:'".,<>?\xab\xbb\u201c\u201d\u2018\u2019])$/,
  // abc.de
  domain : /^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,8}$/,

From 8d91ed65a290a418c0921999ca8d85ea47fda258 Mon Sep 17 00:00:00 2001
From: Brayan Bonilla
Date: Mon, 14 Apr 2025 12:00:16 -0500
Subject: [PATCH 2/2] meet sonarcup requirements

---
 js/foundation.abide.js | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/js/foundation.abide.js b/js/foundation.abide.js
index 4e8f34ab81..2991d7c6d8 100644
--- a/js/foundation.abide.js
+++ b/js/foundation.abide.js
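Review bot: The replacement `url` pattern narrows what is accepted, not only how it backtracks: the new body requires a `[^\s()<>]+` run before the first parenthesised segment and between consecutive ones, so a path such as `/a(b)(c)`, which the old `(?:[^\s()<>]+|\(…\))+` form matched, is now rejected, and the outer `^( … )$` capture is dropped, so any caller that read a match group by index would see a shift. The linear shape itself looks right — every repetition of the inner group must start with a literal `(`, which removes the overlapping `[^\s()<>]+` alternatives that made the old pattern backtrack exponentially. Because this is a behaviour change in a commit described only as a ReDoS fix, it should be named in the message and pinned by tests: a plain URL, one ending in `(…)`, one with adjacent groups, and a regression test asserting that a long input the pattern must reject finishes in bounded time. The enclosing `Abide.defaults` object literal starts and ends outside the hunk.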
@@ -861,8 +861,15 @@ Abide.defaults = {
  // From CommonRegexJS (@talyssonoc)
  // https://github.com/talyssonoc/CommonRegexJS/blob/e2901b9f57222bc14069dc8f0598d5f412555411/lib/commonregex.js#L76
  // For more restrictive URL Regexs, see https://mathiasbynens.be/demo/url-regex.
- url: /^(?:(https?|ftps?|file|ssh|sftp):\/\/|www\d{0,3}[.]|[a-z0-9.\-]+\.[a-z]{2,4}\/)(?:[^\s()<>]+(?:\((?:[^\s()<>]+|\([^\s()<>]+\))?\)[^\s()<>]+)*)(?:\((?:[^\s()<>]+|\([^\s()<>]+\))?\)|[^\s`!()\[\]{};:'".,<>?\xab\xbb\u201c\u201d\u2018\u2019])$/,
-
+ url: (function() {
+ const protocol = '(?:https?|ftps?|file|ssh|sftp):\\/\\/';
+ const www = 'www\\d{0,3}[.]';
+ const domain = '[a-z0-9.\\-]+[.][a-z]{2,4}\\/';
+ const body = '(?:[^\\s()<>]+|\\((?:[^\\s()<>]+|(?:\\([^\\s()<>]+\\)))*\\))+' +
+ '(?:\\((?:[^\\s()<>]+|(?:\\([^\\s()<>]+\\)))*\\)|[^\\s`!()\\[\\]{};:\'".,<>?\\xab\\xbb\\u201c\\u201d\\u2018\\u2019])';
+ return new RegExp(`^((?:${protocol}|${www}|${domain})${body})$`, 'i');
+ })(),
+
  // abc.de
  domain : /^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z]{2,8}$/,
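Review bot: The `body` constant rebuilds the original nested-quantifier form, `(?:[^\\s()<>]+|\\((…))*\\))+`, that PATCH 1/2 replaced, so applying this patch on top of the first reverts the ReDoS fix the series exists for — the resulting RegExp is the pre-series pattern assembled from strings, with the same `[^\s()<>]+` alternative inside a repeated group. `body` should instead be assembled from the linear form introduced in PATCH 1/2, as below, and the same bounded-time regression test should cover the constructed RegExp rather than a literal. The added `'i'` flag is a further behaviour change (uppercase schemes and hosts were rejected by both earlier versions), and the protocol group is now non-capturing while the outer `^( … )$` capture returns, so group numbering differs from both; either state these as intended in the message or drop them. The enclosing `Abide.defaults` object literal starts and ends outside the hunk, and the hunk header counts suggest one trailing context line is not shown here.
```javascript
    // … unchanged: protocol, www and domain constants …
    const body = '(?:[^\\s()<>]+(?:\\((?:[^\\s()<>]+|\\([^\\s()<>]+\\))?\\)[^\\s()<>]+)*)' +
      '(?:\\((?:[^\\s()<>]+|\\([^\\s()<>]+\\))?\\)|[^\\s`!()\\[\\]{};:\'".,<>?\\xab\\xbb\\u201c\\u201d\\u2018\\u2019])';
    // … unchanged: RegExp construction and IIFE close …
```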