top | item 46640786

(no title)

bink | 1 month ago

As a security dude I spend way too much of my time fixing missing anchors or unescaped wildcards in regex. The good news is that it's trivial to detect with static analysis tooling. The bad news is that broken regex is often used for security checks.

discuss

SkiFire13|1 month ago

Sometimes I wish regexes were full matches by default and required prefixing and postfixing with `.*` to get the current behaviour

chuckadams|1 month ago

Java's Pattern.match() method works that way. Python has two separate methods: re.match auto-anchors, re.search does not.

ruined|1 month ago

a match isn't boolean, it's substring. the original (and more common) use-cases would become excessively verbose

edoceo|1 month ago

https://xkcd.com/1171/