我需要验证传入的字符串的文本<script.
string a = "This is a simple <script> string";
现在,我需要编写一个正则表达式,告诉我该字符串是否包含<script>标记.
我最后写了类似的东西: <* ?script.* ?>
但挑战是,传入字符串可能包含以下方式的脚本,
string a = "This is a simple <script> string";
string a = "This is a simple < script> string";
string a = "This is a simple <javascript></javascript> string";
string a = "This is a simple <script type=text/javascript> string";
因此,正则表达式应该检查开始<标记然后它应该检查script.
Mow*_*zer 31
使用:
/<script[\s\S]*?>[\s\S]*?<\/script>/gi
@ bodhizero 在以下条件下<[^>]*script错误返回的答案true:
// Not a proper script tag.
string a = "This is a simple < script> string";
// Space added before "img", otherwise the entire tag fails to render here.
string a = "This is a simple < img src='//example.com/script.jpg'> string";
// Picks up "nonsense code" just because a '<' character happens to precede a 'script' string somewhere along the way.
string a = "This is a simple for(i=0;i<5;i++){alert('script')} string";