Regular expressions considered harmful in client-side XSS filters.

Daniel Bates Adam Barth Collin Jackson

Published in: WWW (2010)

Keyphrases

regular expressions
web browser
web applications
pattern matching
finite automata
query language
semistructured data
xml schema
tree automata
regular languages
matching algorithm
query evaluation
keywords
databases
co occurrence
high level
website