Removed divide char and added comment restriction

crawlers/mooncrawl/mooncrawl/stats_worker/queries.py

@@ -23,7 +23,7 @@ from ..settings import MOONSTREAM_S3_QUERIES_BUCKET_PREFIX
 logging.basicConfig(level=logging.INFO)
 logger = logging.getLogger(__name__)
 
-QUERY_REGEX = re.compile("[\[\]@#$%^&?;`/]")
+QUERY_REGEX = re.compile(r"[\[\]@#$%^&?;`]|/\*|\*/")
 
 
 class QueryNotValid(Exception):

crawlers/mooncrawl/mooncrawl/stats_worker/test_queries.py

@@ -60,6 +60,6 @@ class TestQueries(unittest.TestCase):
 
         with self.assertRaises(queries.QueryNotValid):
             queries.query_validation("OR(1=1)#")
-
+        
         with self.assertRaises(queries.QueryNotValid):
-            queries.query_validation("/etc/hosts")
+            queries.query_validation("0/**/or/**/1")