Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
JSLint reports Insecure ‘^’ for the following line. Why is that? Or is it just going to complain any time I want to negate a character class?
// remove all non alphanumeric, comma and dash characters
"!$7s-gd,&j5d-a#".replace(/[^\w,\-]/g, '');
It only will do this if you have the option selected at the bottom:
From the docs:
So the answer your question, if you start a regex with
^and it’s checked, yes it’ll throw the error every time. The issue is with unicode characters, you’re allowing pretty much anything in there and there’s potential for security issues, or validation bypassing issues. Instead of disallowing something (which can be bypassed), allow only what characters are valid.