From 6a64dfe4b247e14a6a056d2c76e95a4362c3004b Mon Sep 17 00:00:00 2001
From: Tom Moor <tom@getoutline.com>
Date: Mon, 8 Nov 2021 22:46:30 -0800
Subject: [PATCH] fix: code scanning alerts (#2750)

---
 app/utils/routeHelpers.js            | 2 +-
 server/presenters/slackAttachment.js | 2 +-
 server/utils/robots.js               | 4 +++-
 shared/embeds/Diagrams.js            | 2 +-
 shared/embeds/InVision.js            | 8 ++------
 5 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/app/utils/routeHelpers.js b/app/utils/routeHelpers.js
index 8793900e..42903ca5 100644
--- a/app/utils/routeHelpers.js
+++ b/app/utils/routeHelpers.js
@@ -96,7 +96,7 @@ export function searchUrl(
   let route = "/search";
 
   if (query) {
-    route += `/${encodeURIComponent(query.replace("%", "%25"))}`;
+    route += `/${encodeURIComponent(query.replace(/%/g, "%25"))}`;
   }
 
   search = search ? `?${search}` : "";
diff --git a/server/presenters/slackAttachment.js b/server/presenters/slackAttachment.js
index 70b1de31..d5224c89 100644
--- a/server/presenters/slackAttachment.js
+++ b/server/presenters/slackAttachment.js
@@ -18,7 +18,7 @@ export default function present(
   // the context contains <b> tags around search terms, we convert them here
   // to the markdown format that slack expects to receive.
   const text = context
-    ? context.replace(/<\/?b>/g, "*").replace("\n", "")
+    ? context.replace(/<\/?b>/g, "*").replace(/\n/g, "")
     : document.getSummary();
 
   return {
diff --git a/server/utils/robots.js b/server/utils/robots.js
index 9905335c..36be6710 100644
--- a/server/utils/robots.js
+++ b/server/utils/robots.js
@@ -5,5 +5,7 @@ const DISALLOW_ROBOTS = `User-agent: *
 Disallow: /`;
 
 export const robotsResponse = (ctx: Context): ?string => {
-  if (ctx.headers.host.indexOf("getoutline.com") < 0) return DISALLOW_ROBOTS;
+  if (process.env.DEPLOYMENT !== "hosted") {
+    return DISALLOW_ROBOTS;
+  }
 };
diff --git a/shared/embeds/Diagrams.js b/shared/embeds/Diagrams.js
index eca9c54f..11937a09 100644
--- a/shared/embeds/Diagrams.js
+++ b/shared/embeds/Diagrams.js
@@ -3,7 +3,7 @@ import * as React from "react";
 import Frame from "./components/Frame";
 import Image from "./components/Image";
 
-const URL_REGEX = new RegExp("^https://viewer.diagrams.net/.*(title=\\w+)?");
+const URL_REGEX = /^https:\/\/viewer\.diagrams\.net\/.*(title=\\w+)?/;
 
 type Props = {|
   attrs: {|
diff --git a/shared/embeds/InVision.js b/shared/embeds/InVision.js
index cbc698c2..d5261049 100644
--- a/shared/embeds/InVision.js
+++ b/shared/embeds/InVision.js
@@ -3,13 +3,9 @@ import * as React from "react";
 import ImageZoom from "react-medium-image-zoom";
 import Frame from "./components/Frame";
 
-const IFRAME_REGEX = new RegExp(
-  "^https://(invis.io/.*)|(projects.invisionapp.com/share/.*)$"
-);
+const IFRAME_REGEX = /^https:\/\/(invis\.io\/.*)|(projects\.invisionapp\.com\/share\/.*)$/;
 
-const IMAGE_REGEX = new RegExp(
-  "^https://(opal.invisionapp.com/static-signed/live-embed/.*)$"
-);
+const IMAGE_REGEX = /^https:\/\/(opal\.invisionapp\.com\/static-signed\/live-embed\/.*)$/;
 
 type Props = {|
   isSelected: boolean,