如何检查正则表达式在PHP中是否有害? [英] How can I check if a regular expression is not harmful in PHP
本文介绍了如何检查正则表达式在PHP中是否有害?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
解决方案
通过分析正则表达式很难做到这一点(实际上解析正则表达式本身。
我建议你宁愿使用保守的设置 pcre.backtrack-limit 和 pcre.recursion_limit
a>。
I am working on a project. This project have a user interface that we wrote in PHP. In the management part, there is a form input where the user needs to enter a regular expression. As I know, I can not check if is a regex or not, because every string is a regex. What I want to do is check whether this input is proper or not? Which way I can do it?
解决方案
It's very hard to do this by analysing the regex (short of actually parsing the regex itself.
I suggest you rather use conservative settings for pcre.backtrack-limit
and pcre.recursion_limit
.
这篇关于如何检查正则表达式在PHP中是否有害?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文