Why is [^ ...] in / RegExp / not protected?

jslint detects my following code as unsafe:

/([^\n]+)([\n\s]*)/g

      

Later I found out that there is a lint option:

". and [^ ...] in / RegExp /"

which you can find here

Why is it not safe?

+3




1 answer


The problem is with [^ ...]: you allow practically anything in your regex, and jshint detects a security threat.

This is what the jslint docs say about [^ ...]:



true if . and [^ ...] must be allowed in RegExp literals. They match more material than one would expect, allowing attackers to obfuscate the applications. These forms should not be used when checking in secure applications.

+2
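An added example (not part of the original question or answer) showing what "match more material than one would expect" means in practice. It compares the negated class and `.` against an explicit allow-list; the allow-list policy, the helper names and the sample inputs are assumptions constructed for illustration.

```javascript
// Deny-list patterns: "anything except ..." accepts every character not named.
const NEGATED = /^[^\n]+$/;             // same class as in the question's regex
const DOT = /^.+$/;                     // "." = anything except line terminators
// Allow-list pattern (assumed policy): only characters named explicitly.
const ALLOWLIST = /^[A-Za-z0-9 _.-]+$/;

// Constructed sample inputs: [label, value]
const SAMPLES = [
  ["plain text", "hello world"],
  ["carriage return", "user\rADMIN"],
  ["NUL byte", "file.txt\0.exe"],
  ["U+2028 line separator", "a\u2028b"],
  ["markup", "<script>"],
  ["newline", "a\nb"],
];

// Labels of inputs that `pattern` accepts although the allow-list rejects them.
function acceptedButNotAllowed(pattern, samples) {
  return samples
    .filter(([, value]) => pattern.test(value) && !ALLOWLIST.test(value))
    .map(([label]) => label);
}

// First capture group of the question's regex (without the g flag, so the
// call is stateless): what the pattern treats as "one line".
function firstLine(input) {
  const m = /([^\n]+)([\n\s]*)/.exec(input);
  return m ? m[1] : null;
}

console.log("[^\\n] accepts:", acceptedButNotAllowed(NEGATED, SAMPLES));
console.log(".     accepts:", acceptedButNotAllowed(DOT, SAMPLES));
console.log("first line:", JSON.stringify(firstLine("user\rADMIN\nnext")));
```

The negated class lets through the carriage return, the NUL byte, the Unicode line separator and the markup, and the question's regex captures `user\rADMIN` as a single line.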

