fix: added support for special symbols in regex and added tpe support for includeContentType param

sunil-lakshman · sunil-lakshman · commit a1e6041260e7 · 2026-03-09T10:55:57.000+05:30
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+### Version: 5.1.1
+#### Date: Mar-09-2026
+Fix: Added support of special symbols in regex method with safe pattern.
+
 ### Version: 5.1.0
 #### Date: Mar-02-2026
 Fix: Added support of asset fields in assets & entries class.
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@contentstack/delivery-sdk",
-  "version": "5.1.0",
+  "version": "5.1.1",
   "type": "module",
   "license": "MIT",
   "engines": {
diff --git a/src/common/types.ts b/src/common/types.ts
@@ -337,9 +337,10 @@ export interface BaseContentType {
   schema: any;
 }
 
-export interface FindResponse<T> {
+export interface FindResponse<T, TContentType = unknown> {
   entries?: T[];
-  content_types?: T[];
+  content_type?: TContentType;
+  content_types?: TContentType[];
   assets?: T[];
   global_fields?: T[];
   count?: number;
diff --git a/src/query/query.ts b/src/query/query.ts
@@ -34,7 +34,7 @@ export class Query extends BaseQuery {
     // Expanded whitelist: includes spaces and common safe special characters
     // Allows: alphanumeric, regex metacharacters, regular spaces, and common punctuation
     // Blocks: control characters (newlines, tabs, null bytes), backticks, and other dangerous chars
-    const validRegex = /^[a-zA-Z0-9|^$.*+?()[\]{}:,;&@#%=/!'"_~<> -]+$/;
+    const validRegex = /^[a-zA-Z0-9|^$.*+?()[\]{}\\:,;&@#%=/!'"_~<>` -]+$/;
     if (!validRegex.test(input)) {
       return false;
     }
diff --git a/test/unit/query.spec.ts b/test/unit/query.spec.ts
@@ -137,6 +137,12 @@ describe('Query class', () => {
       expect(regexQuery._parameters['email'].$regex).toBe('.*@example.com.*');
     });
 
+    it('should accept escaped regex metacharacters from user input', () => {
+      const regexQuery = getQueryObject(client, 'contentTypeUid');
+      expect(() => regexQuery.regex('title', '.*debt\\?.*', 'i')).not.toThrow();
+      expect(regexQuery._parameters['title']).toEqual({ $regex: '.*debt\\?.*', $options: 'i' });
+    });
+
     it('should accept regex pattern with semicolon, equals, slash', () => {
       const regexQuery = getQueryObject(client, 'contentTypeUid');
       expect(() => regexQuery.regex('url', '.*https://example.com.*', 'i')).not.toThrow();

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@contentstack/delivery-sdk",`
`3`		`- "version": "5.1.0",`
	`3`	`+ "version": "5.1.1",`
`4`	`4`	`"type": "module",`
`5`	`5`	`"license": "MIT",`
`6`	`6`	`"engines": {`
Original file line number	Diff line number	Diff line change
`@@ -34,7 +34,7 @@ export class Query extends BaseQuery {`
`34`	`34`	`// Expanded whitelist: includes spaces and common safe special characters`
`35`	`35`	`// Allows: alphanumeric, regex metacharacters, regular spaces, and common punctuation`
`36`	`36`	`// Blocks: control characters (newlines, tabs, null bytes), backticks, and other dangerous chars`
`37`		`- const validRegex = /^[a-zA-Z0-9\|^$.*+?()[\]{}:,;&@#%=/!'"_~<> -]+$/;`
	`37`	+ const validRegex = /^[a-zA-Z0-9\|^$.*+?()[\]{}\\:,;&@#%=/!'"_~<>` -]+$/;
`38`	`38`	`if (!validRegex.test(input)) {`
`39`	`39`	`return false;`
`40`	`40`	`}`