3

I try to write a simple Markdown parser in JavaScript. Therefore I want to check for the [link content][link id] syntax. I use the following code:

data = data.replace( /\[(.*?)\][ ]*\[([0-9]+)\]/g, '<a href="$2">$1</a>' );

It works well, but now I want to do this with a RegExp object. So I set up the following bit of code:

var r = new RegExp( '\[(.*?)\][ ]*\[([0-9]+)\]', 'g' );
data = data.replace( r, '<a href="$2">$1</a>' );

But it doesn't work. It even says that my regular expression (which works since the first example does a good job) is invalid:

unmatched ) in regular expression

I think it must have to do with some RegExp-object peculiarities I am not aware of. What am I doing wrong and how can the problem be solved?

Improve this question
3
  • 1
    On a side note you might find it useful to run your JavaScript regular expressions through an online tester (pagecolumn.com/tool/regtest.htm). Commented Feb 5, 2009 at 17:27
  • Thanks, seems to be a great tool. I used this (regexp-evaluator.de/evaluator) PHP-ish evaluator. Maybe a JS-ish is better when scripting in JS :) Commented Feb 5, 2009 at 17:31
  • data.replace(/foo/g, 'bar') and data.replace(new RegExp('/foo', 'g'), 'bar') are the same thing Commented Jul 10, 2015 at 20:29

5 Answers 5

Reset to default
13

Because the first argument of the RegExp constructor is a string, not a pattern literal, you have to escape the backslashes, since you want literal backslashes in the pattern:

var r = new RegExp( '\\[(.*?)\\][ ]*\\[([0-9]+)\\]', 'g' );
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Uhm.. didn't think about those string issues. Now it's obvious. Thanks :-)
1

In addition to the pattern's backslash problem, this:

data = data.replace( r, '<a href="$2">$1</a>' );

could be dangerous. I'll assume you've already taken care of the HTML-escaping, so I won't be able to do this:

[<script>stealCookies()</script>][http://oops.example.com/]
[hover me][http://hello" onmouseover="stealCookies()]

but you'll still need to check the URL is a known-good scheme so I can't do this:

[click me][javascript:stealCookies()]

You'll probably want to use the String.replace(r, func) variant of the method, and include validation in your replacement-making 'func'.

Improve this answer

Comments

0 
var r = /\[(.*?)\][ ]*\[([0-9]+)\]/g;
data = data.replace( r, '<a href="$2">$1</a>' );
Improve this answer

Comments

0

Double escape you backslashes:

var r = new RegExp( '\\[(.*?)\\][ ]*\[([0-9]+)\\]', 'g' );
Improve this answer

Comments

0

You need to double escape:

var r = new RegExp( '\\[(.*?)\\][ ]*\\[([0-9]+)\\]', 'g' )
Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.