fix(select): sanitize user input before searching options (#11855)

Fixes #11854

Co-authored-by: Michael Prentice <[email protected]>

Author: psamim

src/components/autocomplete/js/highlightController.js

@@ -2,10 +2,11 @@ angular
     .module('material.components.autocomplete')
     .controller('MdHighlightCtrl', MdHighlightCtrl);
 
-function MdHighlightCtrl ($scope, $element, $attrs) {
+function MdHighlightCtrl ($scope, $element, $attrs, $mdUtil) {
   this.$scope = $scope;
   this.$element = $element;
   this.$attrs = $attrs;
+  this.$mdUtil = $mdUtil;
 
   // Cache the Regex to avoid rebuilding each time.
   this.regex = null;
@@ -104,15 +105,10 @@ MdHighlightCtrl.prototype.resolveTokens = function(string) {
 /** Creates a regex for the specified text with the given flags. */
 MdHighlightCtrl.prototype.createRegex = function(term, flags) {
   var startFlag = '', endFlag = '';
-  var regexTerm = this.sanitizeRegex(term);
+  var regexTerm = this.$mdUtil.sanitize(term);
 
   if (flags.indexOf('^') >= 0) startFlag = '^';
   if (flags.indexOf('$') >= 0) endFlag = '$';
 
   return new RegExp(startFlag + regexTerm + endFlag, flags.replace(/[$^]/g, ''));
 };
-
-/** Sanitizes a regex by removing all common RegExp identifiers */
-MdHighlightCtrl.prototype.sanitizeRegex = function(term) {
-  return term && term.toString().replace(/[\\^$*+?.()|{}[\]]/g, '\\$&');
-};

src/components/select/select.js

@@ -717,7 +717,7 @@ function SelectMenuDirective($parse, $mdUtil, $mdConstant, $mdTheming) {
       }, CLEAR_SEARCH_AFTER);
 
       searchStr += e.key;
-      var search = new RegExp('^' + searchStr, 'i');
+      var search = new RegExp('^' + $mdUtil.sanitize(searchStr), 'i');
       if (!optNodes) {
         optNodes = $element.find('md-option');
         optText = new Array(optNodes.length);
@@ -730,6 +730,7 @@ function SelectMenuDirective($parse, $mdUtil, $mdConstant, $mdTheming) {
           return optNodes[i];
         }
       }
+
     };
 
     self.init = function(ngModel, binding) {

src/core/util/util.js

@@ -996,6 +996,16 @@ function UtilFactory($document, $timeout, $compile, $rootScope, $$mdAnimate, $in
       if (path.indexOf(window) === -1)
         path.push(window);
       return path;
+    },
+
+    /**
+     * Gets the string the user has entered and removes Regex identifiers
+     * @param {string} term
+     * @returns {string} sanitized string
+     */
+    sanitize: function(term) {
+      if (!term) return term;
+      return term.replace(/[\\^$*+?.()|{}[]]/g, '\\$&');
     }
   };
 

src/core/util/util.spec.js

@@ -752,4 +752,20 @@ describe('util', function() {
       expect($mdUtil.uniq(myArray)).toEqual([1, 2, 3, 4]);
     });
   });
+
+  describe('sanitize', function() {
+    var $mdUtil;
+
+    beforeEach(inject(function(_$mdUtil_) {
+      $mdUtil = _$mdUtil_;
+    }));
+
+    it('Removes Regex indentifiers in a text', function() {
+
+      // eslint-disable-next-line no-useless-escape
+      var myText = '\+98';
+
+      expect($mdUtil.sanitize(myText)).toEqual('+98');
+    });
+  });
 });