RegEx filters proposition

rafuru · August 17, 2022, 11:52am

I noticed that Retool introduces databases. In the screenshot showing the functionalities, I noticed the option of regular expressions to filter the data.

I think this would be a useful feature in the GUI (not sure if it exists in the API).
In my case, I could create views that show only specific customer data based on filtering the UUID field.

Alex · August 18, 2022, 8:58am

I guess we would need to be careful if we execute the regex on API level since you can craft a regex that can cause a denial of service. Regular expression Denial of Service - ReDoS | OWASP Foundation

Maybe there is a way to sanitise the data to not run into that issue though.

olgatrykush · August 22, 2022, 10:22am

Hello @rafuru, we love the idea, but as @Alex mentioned, there are some security concerns we worry about. We plan to brainstorm on the implementation of this feature, and we invite everyone interested to take part and share their ideas