69

What does the ?! mean in the following regex expression? 

new RegExp('http:\/\/(?!' + location.hostname + ')')
Improve this question
0

3 Answers 3

Reset to default
95

It's a negative lookahead, which means that for the expression to match, the part within (?!...) must not match. In this case the regex matches http:// only when it is not followed by the current host name (roughly, see Thilo's comment).

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

+1 or, because of lack of proper escaping, only if it is not followed by something similar to the host name, with dots replaced by stuff admissible.
Indeed. It probably won't make that much of a difference in most cases, though. Although, in the light of the recent Stripe CTF, such a lapse could be both hard to spot and may allow things that were not intended ;-)
Yes, won't matter. It's just that years of fixing injection vulnerabilities make these things stand out for me now ...
This answer has been added to the Stack Overflow Regular Expression FAQ, under "Lookarounds".
6

It's a negative lookahead, you can check here for more information.

Improve this answer

Comments

0

It's a look around.

location.hostname must not follow http:\/\/

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.