From 249523132688d5227b4925a15b9c56f2d119b1a2 Mon Sep 17 00:00:00 2001
From: xanhacks <xanhacks@protonmail.com>
Date: Thu, 1 Feb 2024 15:41:50 +0100
Subject: [PATCH] add string replace category

---
 .../docs/programming/javascript/behavior.md   | 39 +++++++++++++++++++
 .../docs/programming/python/format_string.md  |  2 +-
 2 files changed, 40 insertions(+), 1 deletion(-)

diff --git a/content/docs/programming/javascript/behavior.md b/content/docs/programming/javascript/behavior.md
index 4817cd7..7206ab5 100644
--- a/content/docs/programming/javascript/behavior.md
+++ b/content/docs/programming/javascript/behavior.md
@@ -36,4 +36,43 @@ for (let i = 0; i < 0x10FFFF; i++) {
 7830 ẖ 1 H̱ 2
 7831 ẗ 1 T̈ 2
 ...
+```
+
+## String Replace
+
+### First Occurrence Replace
+
+When using the `replace` function, only the first occurrence will be replaced by default:
+
+```js
+"<><script>alert()</script>".replace("<", "").replace(">", "");
+// "<script>alert()</script>"
+```
+
+### Empty Pattern
+
+If the pattern is an empty string, the replacement is prepended to the start of the string:
+
+```js
+"xxx".replace("", "_"); // "_xxx"
+```
+
+### Replacement String
+
+The [replacement string](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/replace#specifying_a_string_as_the_replacement) can include the following special replacement patterns:
+
+| Pattern   | Inserts                                                |
+|-----------|--------------------------------------------------------|
+| `$$`      | Inserts a "$".                                         |
+| `$&`      | Inserts the matched substring.                         |
+| ``$` ``   | Inserts the portion of the string that precedes the matched substring. |
+| `$'`      | Inserts the portion of the string that follows the matched substring. |
+| `$n`      | Inserts the nth (1-indexed) capturing group where n is a positive integer less than 100. |
+| `$<Name>` | Inserts the named capturing group where Name is the group name. |
+
+Here is some examples:
+
+```js
+"abcdfoo".replace(/abcd/, "$'"); // "foofoo"
+"abcdfoo".replace(/foo/, "$`"); // "abcdabcd"
 ```
\ No newline at end of file
diff --git a/content/docs/programming/python/format_string.md b/content/docs/programming/python/format_string.md
index c09f37a..e87ccb7 100644
--- a/content/docs/programming/python/format_string.md
+++ b/content/docs/programming/python/format_string.md
@@ -21,7 +21,7 @@ A **format string** vulnerability in Python occurs when user input is directly p
 
 ### Flask
 
-```
+```python
 {self.__init__.__globals__[config][API_KEY]}
 {ua.__class__.__init__.__globals__[t].sys.modules[werkzeug.debug]._machine_id}
 {ua.__class__.__init__.__globals__[t].sys.modules[werkzeug.debug].uuid._node}