Comment # 5
on bug 12522
from Thomas W.
It does not seem consistent to me in that online tester:
Regex: @@ V\?
Input: @@ D1
Outcome (in column labelled $var = $input =~ $regex): $var is a null string
This indicates to me that there is no match.
> What if you try: xml matches "\"@@ V\"?"
The \" at the beginning could be
- an escaped quotation mark
- a backslash + a quotation mark
The \"? at the end could be
- an optional escaped quotation mark
- a backslash + an optional quotation mark
Perhaps you have hit the source of the problem: if a backslash is needed to
escape the quotation mark, then there needs to be a way of escaping the
backslash as well (\\).
If that is the case, I guess only option 2 is left:
> Expected behavior, option 2 (not preferred): a single backslash results in an invalid Regex, indicated by a red background in the display filter box. When using double backslashes, the display filter background becomes green.
Then, the documentation at https://wiki.wireshark.org/DisplayFilters should be
updated to make it clear that Wireshark does not use "clean" Regex but escaped
ones.
You are receiving this mail because:
- You are watching all bug changes.
