1. Home
2. Questions
3. Unanswered
4. AI Assist Labs
5. Tags
7. Chat
8. Users
10. Companies
Teams

Ask questions, find answers and collaborate at work with Stack Overflow for Teams.
Try Teams for free Explore Teams
Teams
Ask questions, find answers and collaborate at work with Stack Overflow for Teams. Explore Teams

Return to Revisions

1 of 3

asked Feb 6, 2013 at 6:41

Is XSS possible here? Challenge

Is possible to bypass my regex and execute any javascript?



  
  function json(a){
    
  if (/^\s*$/.test(a) ? 0 : /^[\],:{}\s\u2028\u2029]*$/.test(a.replace(/\\["\\\/bfnrtu]/g, "@").replace(/"[^"\\\n\r\u2028\u2029\x00-\x08\x0a-\x1f]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, "]").replace(/(?:^|:|,)(?:[\s\u2028\u2029]*\[)+/g, ""))) 
    try{
         return eval("(" + a + ")")
    } catch (b) {}
    
    g(Error("Invalid JSON string: " + a))
  }
  
json(window.name);

asked Feb 6, 2013 at 6:41

LucasNN