Total ReDoS: the Dangers of Regex in JavaScript

Regular expressions are complicated and can be hard to learn. On top of that, they can also be a security risk; writing the wrong pattern can open your application up to denial-of-service attacks. One token out of place and you invite in the dreaded ReDoS.

But how can a regular expression cause this? In this talk we’ll track down the patterns that can cause this trouble, explain why they are an issue and propose ways to fix them now and avoid them in the future. Together we’ll demystify these powerful search patterns and keep your application safe from expressions that behave in a way that is anything but regular.

About the speaker

Phil Nash

Developer Advocate, Sonar

Phil is a developer advocate for Sonar and Google Developer Expert living in Melbourne, Australia. He loves working with JavaScript or TypeScript to build web applications and tools to help developers. He once helped build a website that captured the world's favourite sandwich fillings. He has too many GitHub repositories.

Away from the keyboard, Phil listens to ska punk, hangs out with his miniature dachshund (also called Ruby), and is on a mission to discover the world's best beers.

Phil tweets at @philnash and you can find him elsewhere online at https://philna.sh.