forked from github/codeql
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathBackspaceEscape.qhelp
More file actions
42 lines (33 loc) · 1.23 KB
/
BackspaceEscape.qhelp
File metadata and controls
42 lines (33 loc) · 1.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>
The meaning of the <code>\b</code> escape sequence inside a regular expression depends on its
syntactic context: inside a character class, it matches the backspace character; outside of a
character class, it matches a word boundary. This context dependency makes regular expressions
hard to read, so the <code>\b</code> escape sequence should not be used inside character classes.
</p>
</overview>
<recommendation>
<p>
Replace <code>\b</code> in character classes with the semantically identical escape sequence
<code>\x08</code>.
</p>
</recommendation>
<example>
<p>
In the following example, the regular expression contains two uses of <code>\b</code>: in the
first case, it matches a word boundary, in the second case it matches a backspace character.
</p>
<sample src="examples/BackspaceEscape.js" />
<p>
To avoid mistaking the backspace character for the word boundary metacharacter, rewrite the
regular expression as <code>/\b[\t\x08]/</code>.
</p>
</example>
<references>
<li>Mozilla Developer Network: <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Guide/Regular_Expressions">JavaScript Regular Expressions</a>.</li>
</references>
</qhelp>