MSK MSK - 7 months ago 29
Ruby Question

ArgumentError: The provided regular expression is using multiline anchors (^ or $)

I have added password restrictions to my code. after that i am getting an error of:

ArgumentError: The provided regular expression is using multiline anchors (^ or $), which may present a security risk. Did you mean to use \A and \z, or forgot to add the :multiline => true option?


My user.rb file is

validates :password, :format => {:with => /^(?=.*[a-zA-Z])(?=.*[0-9]).{6,}$/}

Answer

The difference between ^ $ and \A \z pairs is that the first matches the line-by-line, therefore requires multiline mode enabled to proper work, and the second matches the whole string, from begin to end consequently. Please see the definitions in ruby docs.