php regex: find inline javascript in HTML document

Question

i need to find inline javascript with php regex. I can find external script, but not inline, can anybody help me?

Here is my pattern for external:

"/<script(.*?)src(.*?)>(.*?)<\/script\s*>/smi"

Any ideas?

what about parsing the document with a DOM parser? – KARASZI István Sep 24 '10 at 15:30 — KARASZI István, Sep 24 '10 at 15:30

KARASZI István · Accepted Answer · 2021-01-26T18:20:51.317

4

"/<script((?:(?!src=).)*?)>(.*?)<\/script>/smix"

(My first look-ahead regex ;))

Please note that you should not parse HTML with regexes, see:

edited Jan 26 '21 at 18:20

answered Sep 24 '10 at 15:23

KARASZI István

Yes, this is for all scripts, but I need the one, without src attribute in opening tag – Simon Sep 24 '10 at 15:30
cool this almost is correct :) You just need to add ? after first * : "/ – Simon Sep 24 '10 at 17:49

score 2 · Answer 2 · answered Sep 24 '10 at 15:23

2

You need to find all those cases where inline script can be used (i.e. all listener functions onClick, onBlur, onMouseDown, onMouseUp, on...)).

answered Sep 24 '10 at 15:23

Thariama

No, i haev HTML doc ant i need to find text like but not – Simon Sep 24 '10 at 15:26
1

@no, there are enough ways to run JS. Another way: ``. A better solution would be whitelisting using an application like HTML Purifier. – Lekensteyn Sep 24 '10 at 15:28

score 0 · Answer 3 · answered Sep 24 '10 at 15:23

0

"/<script[^\>]*>(.?)<\/script>/si"

answered Sep 24 '10 at 15:23

Vadim

that's not good because it'll find only one character long scripts – KARASZI István Sep 24 '10 at 15:25

3 Answers3