JSLint将“不安全^"报告为“不安全".对于我的正则表达式-这是什么意思? [英] JSLint reports "Insecure ^" for my regex -- what does that mean?
问题描述
我正在尝试使我的Javascript代码100%JSLint干净.
I'm trying to get my Javascript code 100% JSLint clean.
我有一个正则表达式:
linkRgx = /https?:\/\/[^\s;|\\*'"!,()<>]+/g;
JSLint报告:
Insecure '^'
什么使使用字符集不安全"的否定?
What makes the use of the negation of the character set "insecure" ?
推荐答案
[^\s;|\\*'"!,()<>]
匹配列出的字符以外的所有ASCII字符,以及任何非ASCII字符.由于JavaScript字符串可识别Unicode,因此这意味着Unicode已知的每个字符.我在那里看到了很多潜在的恶作剧可能性.
[^\s;|\\*'"!,()<>]
matches any ASCII character other than the ones listed, and any non-ASCII character. Since JavaScript strings are Unicode-aware, that means every character known to Unicode. I can see a lot of potential for mischief there.
我将重写字符类以匹配您要想要允许的字符,而不是禁用警告,就像来自
Rather than disable the warning, I would rewrite the character class to match the characters you do want to allow, as this regex from the Regular Expressions Cookbook does:
/\bhttps?:\/\/[-\w+&@#/%?=~|$!:,.;]*[\w+&@#/%=~|$]/g
这篇关于JSLint将“不安全^"报告为“不安全".对于我的正则表达式-这是什么意思?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!