RegExp.escape()
richard.gibson at gmail.com
richard.gibson at gmail.com
Tue Dec 5 16:25:28 UTC 2017
Reviving this [thread] a third time, is there any love left for introducing RegExp.escape? The previous attempt was abandoned because of a so-called "[even-odd problem]", but that can be fixed: backslash-escape every _SyntaxCharacter_, then wrap the full result in a new form of non-capturing group that is only valid **as a unit** (and therefore protected from otherwise dangerous preceding fragments). For example, `(?](?)â¦)` is a good candidate because preceding such content with a right bracket (starting a _CharacterClass_) and/or a backslash (escaping special treatment of the initial parenthesis) would produce invalid syntax by exposing the "(?)".
As a result, `new RegExp(RegExp.escape("foo.bar"))` is valid (i.e., `/(?](?)foo\.bar)/`, equivalent in evaluation to `/(?:foo\.bar)/`) but `new RegExp("\\" + RegExp.escape("foo.bar"))` and even `new RegExp("([\\" + RegExp.escape("foo.bar"))` would throw SyntaxErrors.
The upside of such a change is getting safe access to desired language functionality. The downside, of course, is the new pattern's supreme ugliness.
Sample polyfill:
```
const regExpSyntaxCharacter = /[\^$\\.*+?()[\]{}|]/g;
RegExp.escape = function( value ) {
return "(?](?)" + (value + "").replace(regExpSyntaxCharacter, "\\$&") + ")";
}
```
[thread]: https://esdiscuss.org/topic/regexp-escape
[even-odd problem]: https://github.com/benjamingr/RegExp.escape/issues/37
More information about the es-discuss
mailing list