UNPKG

safe-regex/README.md

Version:

1.48 kBMarkdownView Raw

1# safe-regex
2
3Detect potentially
4[catastrophic](http://regular-expressions.mobi/catastrophic.html)
5[exponential-time](http://perlgeek.de/blog-en/perl-tips/in-search-of-an-exponetial-regexp.html)
6regular expressions by limiting the
7[star height](https://en.wikipedia.org/wiki/Star_height) to 1.
8
9WARNING: This module has both false positives and false negatives.
10Use [vuln-regex-detector](https://github.com/davisjam/vuln-regex-detector) for improved accuracy.
11
12[![browser support](https://ci.testling.com/substack/safe-regex.png)](https://ci.testling.com/substack/safe-regex)
13
14[![build status](https://secure.travis-ci.org/substack/safe-regex.png)](http://travis-ci.org/substack/safe-regex)
15
16# Example
17
18``` js
19var safe = require('safe-regex');
20var regex = process.argv.slice(2).join(' ');
21console.log(safe(regex));
22```
23
24```
25$ node safe.js '(x+x+)+y'
26false
27$ node safe.js '(beep|boop)*'
28true
29$ node safe.js '(a+){10}'
30false
31$ node safe.js '\blocation\s*:[^:\n]+\b(Oakland|San Francisco)\b'
32true
33```
34
35# Methods
36
37``` js
38const safe = require('safe-regex')
39```
40
41## const ok = safe(re, opts={})
42
43Return a boolean `ok` whether or not the regex `re` is safe and not possibly
44catastrophic.
45
46`re` can be a `RegExp` object or just a string.
47
48If the `re` is a string and is an invalid regex, returns `false`.
49
50* `opts.limit` - maximum number of allowed repetitions in the entire regex.
51Default: `25`.
52
53# Install
54
55With [npm](https://npmjs.org) do:
56
57```
58npm install safe-regex
59```
60
61# License
62
63MIT

1	`# safe-regex`
2
3	`Detect potentially`
4	`[catastrophic](http://regular-expressions.mobi/catastrophic.html)`
5	`[exponential-time](http://perlgeek.de/blog-en/perl-tips/in-search-of-an-exponetial-regexp.html)`
6	`regular expressions by limiting the`
7	`[star height](https://en.wikipedia.org/wiki/Star_height) to 1.`
8
9	`WARNING: This module has both false positives and false negatives.`
10	`Use [vuln-regex-detector](https://github.com/davisjam/vuln-regex-detector) for improved accuracy.`
11
12	`[![browser support](https://ci.testling.com/substack/safe-regex.png)](https://ci.testling.com/substack/safe-regex)`
13
14	`[![build status](https://secure.travis-ci.org/substack/safe-regex.png)](http://travis-ci.org/substack/safe-regex)`
15
16	`# Example`
17
18	``` js
19	`var safe = require('safe-regex');`
20	`var regex = process.argv.slice(2).join(' ');`
21	`console.log(safe(regex));`
22	```
23
24	```
25	`$ node safe.js '(x+x+)+y'`
26	`false`
27	`$ node safe.js '(beep\|boop)*'`
28	`true`
29	`$ node safe.js '(a+){10}'`
30	`false`
31	`$ node safe.js '\blocation\s*:[^:\n]+\b(Oakland\|San Francisco)\b'`
32	`true`
33	```
34
35	`# Methods`
36
37	``` js
38	`const safe = require('safe-regex')`
39	```
40
41	`## const ok = safe(re, opts={})`
42
43	Return a boolean `ok` whether or not the regex `re` is safe and not possibly
44	`catastrophic.`
45
46	`re` can be a `RegExp` object or just a string.
47
48	If the `re` is a string and is an invalid regex, returns `false`.
49
50	* `opts.limit` - maximum number of allowed repetitions in the entire regex.
51	Default: `25`.
52
53	`# Install`
54
55	`With [npm](https://npmjs.org) do:`
56
57	```
58	`npm install safe-regex`
59	```
60
61	`# License`
62
63	`MIT`