We are sunsetting Hakiri on January 31 2022. To learn more please refer to this document.

Discovered almost 5 years ago
Source: static code analysis
Category: Format Validation
Confidence level: High


Insufficient validation for 'website' using /(^$)|(^(http|https):\/\/[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,10}(([0-9]{1,5})?\/.*)?$)/ix. Use \A and \z as anchors



Category description: Using ^ and $ in validates_format_of is not sufficient, as they will only match up a new line. Use \A and \z instead.

Solution: fix the issue in app/models/user_profile.rb or mark it as false positive.