正規表現とセキュリティ / Regular Expressions and Their Security-Related Aspects2020/03/15 にお茶の水女子大学内でセキュリティ・キャンプ (https://www.security-camp.or.jp/) の宣伝をした際に、それに合わせて小さな講義を提供しました。これはその発表資料です。 --- 誤りを見つけたら、Twitter (https://twitter.com/lmt_swallow) の DM かポートフォリオサイト(https://shift-js.info/) で示されているメールアドレスまでご連絡ください。
substack/safe-regex: detect possibly catastrophic, exponential-time regular expressions
safe-regex detect potentially catastrophic exponential-time regular expressions by limiting the star height to 1 WARNING: This module merely seems to work given all the catastrophic regular expressions I could find scouring the internet, but I don't have enough of a background in automata to be absolutely sure that this module will catch all exponential-time cases. example
Regular expression Denial of Service - ReDoS | OWASP Foundation
This website uses cookies to analyze our traffic and only share that information with our analytics partners. Accept Introduction The Regular expression Denial of Service (ReDoS) is a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size). An attacker can th
HTML 5.2: 4.13. Common idioms without dedicated elements
Firefox4+Safari4+Chrome61+Opera52+Edge79+Edge (Legacy)16+Internet Explorer10+Firefox Android5+Safari iOS3.2+Chrome Android61+WebView Android61+Samsung Internet8.0+Opera Android47+ 4.10.1 Introduction This section is non-normative. A form is a component of a web page that has form controls, such as text, buttons, checkboxes, range, or color picker controls. A user can interact with such a form, pro
1
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く
GitHub - sola-da/ReDoS-vulnerabilities: A list of ReDoS vulnerabilities in npm modules found by the Software Lab at TU Darmstadt. For each vulnerability, there is a proof-of-concept exploit, showing how the slowdown may occur. The resources in this reposi
Regular Expression Denial of Service · Issue #2936 · moment/moment
Regular Expression Denial of Service (moment) | Node Security Project
