| ▲ | kibwen 16 hours ago | |
> the linear time guarantee required by the `regex` crate Making sure this line isn't glossed over: the point of the regex crate is that it provides linear-time guarantees for arbitrary regexes, making it safe (within reason) to expose the regex engine to untrusted input without running the risk of trivial DoS. From what I can tell, supporting lookbehinds in such a context is something that researchers have only recently described. | ||
| ▲ | dmit 13 hours ago | parent [-] | |
> making it safe (within reason) to expose the regex engine to untrusted input Or even trusted input! https://blog.cloudflare.com/details-of-the-cloudflare-outage... | ||