I can kill your browser with a simple regexp

Maciej Rz─ůsa

Short workshop - in English

Regexps are useful, neat and dangerous (as may have learned by Cloudflare accident). We write them, test if they match and push them to production happy that they solved our problems. And that's where the trouble begins. Uncarefully written regular expression may hang both frontend and backend apps severely harming user experience and causing headaches at debugging stage.

In my talk I'll scare you showing how easy it is to write a dangerous regexp. We'll see why a simple change in a regexp can lead to exponential performance degradation. To do that, I'll describe regexp engines' internals to show how regular expressions are interpreted. Participants will be learning regexp engines performance characteristics by preparing and optimizing patterns that commonly cause performance issues.

After this talk you will know what took down traps to avoid when using regexps in searching and validations. You will also understand how to optimise a regexp. Finally, you will be aware of the limitations of this tool that almost everybody uses.

Primarily for: Developers, Tester/test leads

Participant requirements: Laptops with internet access.