fix(backend): SQLのサニタイズを強化 (#14920)

* Fix code scanning alert no. 28: Incomplete string escaping or encoding (MisskeyIO#800)

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
(cherry picked from commit 443335c662b14f609d6a81a8f3807e95709aebc1)

* ✌️

---------

Co-authored-by: あわわわとーにゅ <17376330+u1-liquid@users.noreply.github.com>
This commit is contained in:
かっこかり 2024-11-09 10:51:28 +09:00 committed by GitHub
parent 8a4ce16e90
commit 98b4717c45
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -4,5 +4,5 @@
*/
export function sqlLikeEscape(s: string) {
return s.replace(/([%_])/g, '\\$1');
return s.replace(/([\\%_])/g, '\\$1');
}