refactor(api): replace regex string literals with Pattern instances for improved performance and readability (#5680)

# Description of Changes

<!--
Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)
-->

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### Translations (if applicable)

- [ ] I ran
[`scripts/counter_translation.py`](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/docs/counter_translation.md)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.

---------

Signed-off-by: Balázs Szücs <bszucs1209@gmail.com>

app/common/src/main/java/stirling/software/common/service/MobileScannerService.java

@@ -9,6 +9,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.concurrent.ConcurrentHashMap;
+import java.util.regex.Pattern;
 
 import org.springframework.scheduling.annotation.Scheduled;
 import org.springframework.stereotype.Service;
@@ -25,6 +26,9 @@ import lombok.extern.slf4j.Slf4j;
 public class MobileScannerService {
 
     private static final long SESSION_TIMEOUT_MS = 10 * 60 * 1000; // 10 minutes
+    private static final Pattern FILENAME_SANITIZE_PATTERN = Pattern.compile("[^a-zA-Z0-9._-]");
+    private static final Pattern SESSION_ID_VALIDATION_PATTERN = Pattern.compile("[a-zA-Z0-9-]+");
+    private static final Pattern FILE_EXTENSION_PATTERN = Pattern.compile("[.][^.]+$");
     private final Map<String, SessionData> activeSessions = new ConcurrentHashMap<>();
     private final Path tempDirectory;
 
@@ -121,7 +125,8 @@ public class MobileScannerService {
             // Handle duplicate filenames
             int counter = 1;
             while (Files.exists(filePath)) {
-                String nameWithoutExt = safeFilename.replaceFirst("[.][^.]+$", "");
+                String nameWithoutExt =
+                        FILE_EXTENSION_PATTERN.matcher(safeFilename).replaceFirst("");
                 String ext =
                         safeFilename.contains(".")
                                 ? safeFilename.substring(safeFilename.lastIndexOf("."))
@@ -271,14 +276,14 @@ public class MobileScannerService {
             throw new IllegalArgumentException("Session ID cannot be empty");
         }
         // Basic validation: alphanumeric and hyphens only
-        if (!sessionId.matches("[a-zA-Z0-9-]+")) {
+        if (!SESSION_ID_VALIDATION_PATTERN.matcher(sessionId).matches()) {
             throw new IllegalArgumentException("Invalid session ID format");
         }
     }
 
     private String sanitizeFilename(String filename) {
         // Remove path traversal attempts and dangerous characters
-        String sanitized = filename.replaceAll("[^a-zA-Z0-9._-]", "_");
+        String sanitized = FILENAME_SANITIZE_PATTERN.matcher(filename).replaceAll("_");
         // Ensure we have a non-empty, safe filename
         if (sanitized.isBlank()) {
             sanitized = "upload-" + System.currentTimeMillis();

app/common/src/main/java/stirling/software/common/util/SvgSanitizer.java

@@ -47,6 +47,7 @@ public class SvgSanitizer {
     private static final Pattern DATA_SCRIPT_PATTERN =
             Pattern.compile(
                     "^\\s*data\\s*:[^,]*(?:script|javascript|vbscript)", Pattern.CASE_INSENSITIVE);
+    private static final Pattern NULL_BYTE_PATTERN = Pattern.compile("\u0000");
     private final SsrfProtectionService ssrfProtectionService;
     private final ApplicationProperties applicationProperties;
 
@@ -210,7 +211,7 @@ public class SvgSanitizer {
 
         String result = url.trim();
 
-        result = result.replaceAll("\u0000", "");
+        result = NULL_BYTE_PATTERN.matcher(result).replaceAll("");
 
         for (int i = 0; i < 3; i++) {
             try {