今晚在这个房子周围转了一圈。我要做的就是在以下脚本中提取 csrf-token 但是它会返回nil
local html = '<meta content="authenticity_token" name="csrf-param" /><meta content="ndcZ+Vp8MuM/hF6LizdrvJqgcRh22zF8w/DnIX0DvR0=" name="csrf-token" />'
local csrf_token = string.match(html, 'content="(.*)" name="csrf-token"')
如果我修改脚本并去掉“-token”部分,它会匹配something,但当然不是正确的。
我知道它是连字符,因为如果我将字符串修改为“csrftoken”并且它找到的匹配项按预期工作。
我试图逃避 - 就像这样,\-但这引发了一个错误......
帮助...
There are two problems:
The - does need to be escaped, but Lua uses % instead of \.
Further, the reason why you get something odd is due to the fact the . can match anything, including across tags (or attributes) and tries to take as much as possible (since the engine will return the left-most possible match, ungreedy quantifiers wouldn't help either). What you should do is restrict the allowed characters, so that the captured thing cannot go outside of the attribute quotes - like [^"] (any character except quotes):
Taking all of that together:
local csrf_token = string.match(html, 'content="([^"]*)" name="csrf%-token"')
In any case, you shouldn't actually be matching HTML with regular expressions.
name="csrf-token'"
在此行的末尾有一个额外的撇号。
我也会转义 " = 和连字符,尽管这对于所有这些字符可能不是必需的。