Alright this is an official gripe/question.

First the problem.

Any given string (a ColdFusion variable)
of undetermined length, with nearly any
character in it, cannot contain
*ANY* <SCRIPT> tags that the browser will
allow to pass through.

A regular expression would be the perfect
tool for this job.... right?

So I go about my merry way writing and reading
up on some of the finer points of Regular Expressions.

So I come up with a nice little regular expression
(even using one of the recommended books in the
Allaire documentation...) that goes something
like this...

<CFSET strFoo = REReplaceNoCase(strFoo,"</?script.*>","<BAD>","ALL")>

Takes any string that may or may not be a closing script tag;
if it has anything other than a close script the
browsers won't see it as script, so we don't have to worry
about it. So the expression checks for zero or one
occurrence of a "/" followed by script in any case, upper or
lower, then followed by any number of non-newline
characters and then a closing ">".  This should work,
one would believe.

Given this string.. here are the results.

<CFSET strFoo = "<SCRIPT adfkadfahfkaskdfh 432545fdas fad43 > Innser Script
</SCRIPT>IMDISAPPEAR <P> Inner P</P> GG">

Resulting string after my regex?

"<BAD> GG"

One ponders why it is doing this right? I know the why.

the "script.*" portion of the regex searches ALL the way
to the end of the string and then it goes backwards one
character at a time until it finds the closing ">"

which unfortunately for me is a closing </P> so it gets
from the opening <SCRIPT to the </P> and replaces it with
<BAD>

How to fix this?

Consider the following Regex in perl.

$strFoo = "<SCRIPT garbage in here =\"Javascript\"> Innser Script </SCRIPT>
IMDISAPPEAR <P> Inner P</P> GG";

$strFoo =~ s/<\/?script.*?>/<BAD>/ig;

Aside from having to escape the forward slash with the backslash,
the only difference is the question mark after the *. In Perl
the expression works. Why?  The question mark says to backtrack
forwards instead of backtrack backwards...

Great, right?  ColdFusion however... does not grok it very well.

In fact it ignores the very presence of it and it does not
seem to support this functionality at all. So I have a
question, can anyone else come up with a regular
expression that will handle this problem?


My conclusion is this.. ColdFusion and Javascript regex
are crippled..

(Yep JS does the same thing....)


Jeremy Allen
[EMAIL PROTECTED]
[Insert quarter here]
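
Added example, not part of the original post: the greedy pattern from the message next to a negated-character-class form that needs no lazy-quantifier support, run under a current Node.js. The function names and the line-wrapped test tag are constructed for illustration; the sample string is the one from the post joined onto one line.

```javascript
// Constructed sample: the string from the post, joined onto a single line.
const sample =
  '<SCRIPT adfkadfahfkaskdfh 432545fdas fad43 > Innser Script ' +
  '</SCRIPT>IMDISAPPEAR <P> Inner P</P> GG';

// Greedy form from the post: ".*" runs to the end of the line and then
// backtracks to the LAST ">", so everything up to "</P>" is swallowed.
function stripGreedy(s) {
  return s.replace(/<\/?script.*>/gi, '<BAD>');
}

// Lazy form (the Perl pattern from the post): ".*?" stops at the first ">".
// "." still does not match a newline unless the engine is told otherwise.
function stripLazy(s) {
  return s.replace(/<\/?script.*?>/gi, '<BAD>');
}

// Negated class: "[^>]*" can never cross a ">", so each match ends at the
// first ">" after "<script" or "</script". It also matches newlines, so a
// tag that is wrapped across lines is still caught.
function stripNegatedClass(s) {
  return s.replace(/<\/?script[^>]*>/gi, '<BAD>');
}

// When the string is only ever displayed as text, encoding every markup
// character is more robust than removing one tag name with a pattern.
function encodeForHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

// Constructed edge case: an opening tag wrapped across two lines.
const wrapped = '<SCRIPT\nfoo> x';

console.log(stripGreedy(sample));
console.log(stripLazy(sample));
console.log(stripNegatedClass(sample));
console.log(JSON.stringify(stripLazy(wrapped)));
console.log(JSON.stringify(stripNegatedClass(wrapped)));
console.log(encodeForHtml(sample));
```

The same negated-class pattern, "</?script[^>]*>", uses only constructs that regex engines without lazy quantifiers also support.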


