RegEx filters proposition

I noticed that Retool introduces databases. In the screenshot showing the functionalities, I noticed the option of regular expressions to filter the data.

I think this would be a useful feature in the GUI (not sure if it exists in the API).
In my case, I could create views that show only specific customer data based on filtering the UUID field.


I guess we would need to be careful if we execute the regex on API level since you can craft a regex that can cause a denial of service. Regular expression Denial of Service - ReDoS | OWASP Foundation

Maybe there is a way to sanitise the data to not run into that issue though.

Hello @rafuru, we love the idea, but as @Alex mentioned, there are some security concerns we worry about. We plan to brainstorm on the implementation of this feature, and we invite everyone interested to take part and share their ideas :raised_hands:

1 Like

Catastrophic backtracking DoS isn’t an issue with libraries like RE2 (which has been around 10 years)