I’m trying to create a Regex to block all < and > in a

Question

0

Asked: May 11, 20262026-05-11T03:35:36+00:00 2026-05-11T03:35:36+00:00

I’m trying to create a Regex to block all < and > in a

0

I’m trying to create a Regex to block all < and > in a String except when used with <select>. Can anyone suggest a Regex for that? I’ll be using it with javax.util.Pattern.

I’m trying to write a solution to block the injection attack and XSS attempts through request and URL. For that, I’ll be blocking the special characters and character sequences but with some exceptions. One of the exception is that, I have to allow <select> (angle brackets with select in between them) because that is passed into the request legitimately in some of the cases. But all other combinations of angle brackets have to be blocked. And that is the reason of my question.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

score 0 · Answer 1 · 2026-05-11T03:35:36+00:00

Pattern p = Pattern.compile(   '(?<!\\<select)>|<(?!\s*select\s*>)',   Pattern.CASE_INSENSITIVE);

This will find > not preceded by <select and < not followed by select> allowing it to be case-insensitive.

Now normally I’d check for (legal) white-space around the element (‘< select >‘ is valid) but the lookbehind has issues with that that I’m not really sure how to get around.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I’m trying to create a Regex to block all < and > in a

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply