High-Performance JavaScript RegExp Escaping with Fast-Escape-Regexp

fast-escape-regexp is a high-performance JavaScript utility that escapes special characters in a string for safe use in regular expressions.

This TypeScript-written library delivers 2-3x faster performance compared to existing solutions while maintaining compatibility across all JavaScript runtimes, including browsers and Node.js.

Key Features:

• Performance optimization: Delivers 2-3x faster execution compared to alternative escaping libraries through optimized character detection algorithms.
• Unicode mode configuration: Configurable Unicode pattern compatibility for different regex engines and runtime requirements.
• Zero Dependencies: It’s a single, lightweight function written in TypeScript with no external dependencies.

Use Cases:

• Dynamic search functionality: When building search features that convert user queries into regex patterns, the library prevents special characters from breaking search logic or creating unexpected matches.
• Input validation systems: Applications requiring robust input sanitization can use the library to safely incorporate user-provided strings into validation regex patterns without security risks.
• Template and parsing engines: Template systems that generate regex patterns from user-defined rules benefit from the library’s ability to safely escape dynamic content while maintaining pattern integrity.
• Database query builders: ORM libraries and query builders that construct regex-based database queries can leverage the escaping functionality to prevent injection attacks and ensure query reliability.

How to use it:

1. Install fast-escape-regexp.

# Yarn
$ yarn add fast-escape-regexp
# NPM
$ npm install fast-escape-regexp
# PNPM
$ pnpm install fast-escape-regexp

2. Import it into your project and use the escapeRegexp function.

import { escapeRegexp } from 'fast-escape-regexp';

// OR
<script type="module">
  import { escapeRegexp } from './dist/index.mjs';
  const escapedString = escapeRegexp('https://www.cssscript.com');
  console.log(escapedString);  // https://www\.cssscript\.com
</script>

3. The library includes a configurable Unicode mode that affects how the hyphen character gets escaped. By default, Unicode mode remains enabled to ensure compatibility with modern regex engines:

// Default behavior (Unicode mode enabled)
const withUnicode = escapeRegexp('-special-chars-', true);
console.log(withUnicode); // Output: \x2d special\x2d chars\x2d 
// Unicode mode disabled for legacy compatibility
const withoutUnicode = escapeRegexp('-special-chars-', false);
console.log(withoutUnicode); // Output: -special-chars-

FAQs

Q: Why does the library escape hyphens differently in Unicode mode?
A: Unicode regex patterns enforce stricter grammar rules that require specific escaping for hyphen characters. The library uses \x2d escaping in Unicode mode to ensure compatibility with JavaScript RegExp patterns using the u flag, PCRE regex engines, and MongoDB query systems. This prevents unexpected behavior when these patterns are processed by different regex implementations.

Q: Can I use this library with existing regex validation libraries?
A: Absolutely. Fast-escape-regexp produces standard escaped output that integrates seamlessly with popular validation libraries like Joi, Yup, and Validator.js. The escaped strings work correctly with any JavaScript RegExp constructor or regex-based validation system.

Q: Does the library handle Unicode characters beyond the basic Latin set?

A: The library focuses specifically on escaping regex metacharacters rather than Unicode character normalization. Unicode characters that are not regex metacharacters pass through unchanged, while regex special characters receive appropriate escaping regardless of the surrounding Unicode context.

Related Resources:

• Fastest XSS-Safe HTML Escaping Library – fast-escape-html