const str = 'Test test1 test2'
const pat = 'test';
const re = new RegExp(pat, 'i'); //Found non-literal argument to RegExp Constructoreslint(security/detect-non-literal-regexp)
const result = str.replace(re, "abc");
console.log(result);
请帮我解决这个问题。在此先感谢您!
最佳答案
ESLint detect-non-literal-regexp
rule explains其背后的逻辑:
Detects RegExp(variable), which might allow an attacker to DOS your server with a long-running regular expression.
More information: Regular Expression DoS and Node.js
如果您需要动态构建正则表达式,请禁用该规则并使用您的代码。也许实现 regex match cancel timeout feature .
如果您有一个像问题中那样的简单静态模式,请使用正则表达式文字表示法:
const re = /test/i;
关于node.js - 发现 RegExp 构造函数的非文字参数 - Eslint 问题,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/64480265/