I want to use regular expression in JavaScript for form input validation. These is a string which should not have either < , > or any specific set of chars which I mention. The test should pass if the string don't have those chars. So how can I specify in regular expression not to have a char. Example: <pre class="prettyprint"><code>stringX = "vijay<>@$%_" </code></pre> my objective is <ol> <li>string should not have '<','>' chars.</li> <li>test should pass return true if stringX doesn't have those chars.</li> </ol> Note: I could do : <pre class="prettyprint"><code>stringX = "vijay<>@$%_" regExp=/[<>`]/; if(!rexExp.test(stringX)) { doSomthing() } </code></pre> but I don't want this. Because I will end up in a small trouble. I have a generic function called validate() <pre class="prettyprint"><code>function validate(stringX, regExp) { if(rexExp.test(stringX)) { // see there is no "!" in the condition. return true; } } </code></pre> Let's say I want to validate 2 strings. <ol> <li>Case 1: having only digits. I would use regExp : /^[\d]*$/ </li> <li>Case 2: not having <,> . I would use regExp: /^[<>`]*$ Since I don't want to specify all characters to be ALLOWED. I would like to specify the chars which are NOT ALLOWED.</li> </ol> But my validate function will work with only in the case 1. As in the case 2, I will not get the expected result. Validate() would give me true only if string has only <,>,` chars.

The regexp you are looking for is this: <pre class="prettyprint"><code>/^[^<>`]*$/ </code></pre> If you are doing this to ensure people don't inject html tags into the input, forget using javascript as validator. It will only give you a false sense of security and will not stop anyone from abusing your system. A better approach is one fo the following: <ul> <li>strip the charachters serverside</li> <li>html encode the input serverside before storing it</li> <li>store the input as is, and html encode it whenever you output it </li> </ul> The last solution is the one i usually prefer, since it is the most flexible,for instance if the user should be able to edit the original input later. Lastly, always htmlencode usergenerated content before outputting it, or you will end in trouble :)

If you are okay with literally any other characters being in the string, this will match all strings that don't have the characters <, >, and `: <pre class="prettyprint"><code>regexp=/[^<>`]*/; </code></pre> Edit: corrected expression with line start/end anchors (thanks MizardX): <pre class="prettyprint"><code>regexp=/^[^<>`]*$/; </code></pre>

negation in regular expression

I want to use regular expression in JavaScript for form input validation. These is a string which should not have either < , > or any specific set of chars which I mention. The test should pass if the string don't have those chars.

So how can I specify in regular expression not to have a char.

Example:

stringX = "vijay<>@$%_"

my objective is

string should not have '<','>' chars.
test should pass return true if stringX doesn't have those chars.

Note:

I could do :

stringX = "vijay<>@$%_"
regExp=/[<>`]/; 
if(!rexExp.test(stringX)) {
  doSomthing()
}

but I don't want this.

Because I will end up in a small trouble.

I have a generic function called validate()

function validate(stringX, regExp)
{
   if(rexExp.test(stringX)) {  // see there is no "!" in the condition.
      return true;
    }
}

Let's say I want to validate 2 strings.

Case 1: having only digits. I would use regExp : /^[\d]*$/
Case 2: not having <,> . I would use regExp: /^[<>`]*$ Since I don't want to specify all characters to be ALLOWED. I would like to specify the chars which are NOT ALLOWED.

But my validate function will work with only in the case 1. As in the case 2, I will not get the expected result. Validate() would give me true only if string has only <,>,` chars.

What is negation in regex?

Similarly, the negation variant of the character class is defined as "[^ ]" (with ^ within the square braces), it matches a single character which is not in the specified or set of possible characters. For example the regular expression [^abc] matches a single character except a or, b or, c.

Is the negation of a regular language regular?

From this it is obvious that the negation of a regular language is regular, just run the original state machine and accept if it rejects and vice versa. This clearly only requires finite state and so it corresponds to a regular language.

How do you negate a regular expression in Java?

Negation: “[^]” It defines the symbol as the negation variant of the character class. It matches all the characters that are not specified in the character class in regex in java. (eg) (i).

The regexp you are looking for is this:

/^[^<>`]*$/

If you are doing this to ensure people don't inject html tags into the input, forget using javascript as validator.

It will only give you a false sense of security and will not stop anyone from abusing your system.

A better approach is one fo the following:

strip the charachters serverside
html encode the input serverside before storing it
store the input as is, and html encode it whenever you output it

The last solution is the one i usually prefer, since it is the most flexible,for instance if the user should be able to edit the original input later.

Lastly, always htmlencode usergenerated content before outputting it, or you will end in trouble :)

If you are okay with literally any other characters being in the string, this will match all strings that don't have the characters <, >, and `:

regexp=/[^<>`]*/;

Edit: corrected expression with line start/end anchors (thanks MizardX):

regexp=/^[^<>`]*$/;

negation in regular expression

Tags:

javascript

regex

Vijay Krishna

People also ask

2 Answers

Martin Jespersen

Jason Plank

Recent Activity

Donate For Us

negation in regular expression

Tags:

javascript

regex

Vijay Krishna

People also ask

2 Answers

Martin Jespersen

Jason Plank

Related questions

Recent Activity

Donate For Us