containsDangerousContent method
Checks if the input contains dangerous content.
Detects:
- Script tags (`<script>...</script>`)
- HTML tags (`<...>`)
- SQL injection patterns (`DROP TABLE`, `SELECT * FROM`, `INSERT INTO`, `--`)
input is the text to check.
Returns true if dangerous content is detected, false otherwise.
Implementation
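bool containsDangerousContent(String input) {
  // Blocklist heuristics; any single match marks the input as dangerous.
  final patterns = [
    // <script>...</script> blocks; dotAll lets `.` cross line breaks.
    RegExp(r'<script.*?>.*?</script>', caseSensitive: false, dotAll: true),
    // Any <...> span, including tags split across lines.
    RegExp(r'<.*?>', caseSensitive: false, dotAll: true),
    // SQL keywords: DROP TABLE, SELECT [*] FROM, INSERT INTO.
    RegExp(r'drop\s+table', caseSensitive: false),
    RegExp(r'select\s+\*?\s*from', caseSensitive: false),
    RegExp(r'insert\s+into', caseSensitive: false),
    // SQL line-comment marker.
    RegExp(r'--', caseSensitive: false),
  ];
  return patterns.any((p) => p.hasMatch(input));
}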
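The following is an added example, not part of the package's source: it keys the same kind of patterns by a label so that a rejection records which rule fired, and runs them over constructed inputs to show how benign text is treated. The rule labels, `matchedRules` and the sample strings are assumptions made for this example.

```dart
import 'dart:convert' show htmlEscape;

// Rule table modeled on the patterns of containsDangerousContent (with
// dotAll so tags may span lines). The labels are this example's own.
final Map<String, RegExp> rules = {
  'script-tag':
      RegExp(r'<script.*?>.*?</script>', caseSensitive: false, dotAll: true),
  'html-tag': RegExp(r'<.*?>', dotAll: true),
  'drop-table': RegExp(r'drop\s+table', caseSensitive: false),
  'select-from': RegExp(r'select\s+\*?\s*from', caseSensitive: false),
  'insert-into': RegExp(r'insert\s+into', caseSensitive: false),
  'sql-comment': RegExp(r'--'),
};

/// Hypothetical helper: labels of every rule that matches [input].
/// An empty list corresponds to containsDangerousContent returning false.
List<String> matchedRules(String input) => [
      for (final entry in rules.entries)
        if (entry.value.hasMatch(input)) entry.key,
    ];

void main() {
  // Constructed samples: markup and SQL text next to benign input.
  const samples = [
    '<script>alert(1)</script>',
    'Robert; DROP TABLE students',
    'Hello, world',
    'Budget 2023--2024', // benign, matches sql-comment
    'if a < b and c > d then stop', // benign, matches html-tag
    'Please select from the menu', // benign, matches select-from
  ];

  for (final s in samples) {
    final hits = matchedRules(s);
    final verdict = hits.isEmpty ? 'ok' : 'flagged: ${hits.join(", ")}';
    print('${verdict.padRight(32)} | $s');
  }

  // Encoding at the point of output keeps text inert in an HTML page
  // whether or not the pattern check flagged it.
  print(htmlEscape.convert('if a < b and c > d then stop'));
}
```

Logging the rule label with each rejection makes false positives such as the last three samples easy to triage; the check works as an input-validation gate alongside parameterized queries and output encoding.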