Skip to content

Commit

Permalink
add string replace category
Browse files Browse the repository at this point in the history
  • Loading branch information
xanhacks committed Feb 1, 2024
1 parent 4dbffba commit 2495231
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 1 deletion.
39 changes: 39 additions & 0 deletions content/docs/programming/javascript/behavior.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,4 +36,43 @@ for (let i = 0; i < 0x10FFFF; i++) {
7830 ẖ 1 H̱ 2
7831 ẗ 1 T̈ 2
...
```

## String Replace

### First Occurrence Replace

When using the `replace` function, only the first occurrence will be replaced by default:

```js
"<><script>alert()</script>".replace("<", "").replace(">", "");
// "<script>alert()</script>"
```

### Empty Pattern

If the pattern is an empty string, the replacement is prepended to the start of the string:

```js
"xxx".replace("", "_"); // "_xxx"
```

### Replacement String

The [replacement string](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/replace#specifying_a_string_as_the_replacement) can include the following special replacement patterns:

| Pattern | Inserts |
|-----------|--------------------------------------------------------|
| `$$` | Inserts a "$". |
| `$&` | Inserts the matched substring. |
| ``$` `` | Inserts the portion of the string that precedes the matched substring. |
| `$'` | Inserts the portion of the string that follows the matched substring. |
| `$n` | Inserts the nth (1-indexed) capturing group where n is a positive integer less than 100. |
| `$<Name>` | Inserts the named capturing group where Name is the group name. |

Here is some examples:

```js
"abcdfoo".replace(/abcd/, "$'"); // "foofoo"
"abcdfoo".replace(/foo/, "$`"); // "abcdabcd"
```
2 changes: 1 addition & 1 deletion content/docs/programming/python/format_string.md
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ A **format string** vulnerability in Python occurs when user input is directly p

### Flask

```
```python
{self.__init__.__globals__[config][API_KEY]}
{ua.__class__.__init__.__globals__[t].sys.modules[werkzeug.debug]._machine_id}
{ua.__class__.__init__.__globals__[t].sys.modules[werkzeug.debug].uuid._node}
Expand Down

0 comments on commit 2495231

Please sign in to comment.