DD
DevDash

Regex for XSS Script Tag

Regex Pattern

<script[^>]*>

Detects HTML script tags (basic XSS detection)

Quick Answer

The regex pattern for xss script tag is `<script[^>]*>`. Detects HTML script tags (basic XSS detection). This works in JavaScript, Python, Ruby, PHP, Java, and most regex engines that support PCRE syntax.

Test Examples

InputResult
<script>✓ Matches
<script src="evil.js">✓ Matches
<script type="text/javascript">✓ Matches
<div>✗ No match
script✗ No match
<noscript>✗ No match

Code Examples

javascript

const regex = /<script[^>]*>/;
const isValid = regex.test(value);

python

import re
pattern = r'<script[^>]*>'
if re.match(pattern, value):
    print("valid")

ruby

pattern = /<script[^>]*>/
if value =~ pattern
  puts "valid"
end

php

if (preg_match('/<script[^>]*>/', $value)) {
    echo "valid";
}

java

String pattern = "<script[^>]*>";
boolean isValid = value.matches(pattern);

Frequently Asked Questions

Related Regex Patterns

SQL Injection Pattern

Basic SQL injection detection patterns

Path Traversal Pattern

Detects directory traversal attempts (../ or ..\)

Email Address

Validates a standard email address format

Email (RFC 5322 Compliant)

RFC 5322 compliant email validation with label length limits

URL (HTTP/HTTPS)

Validates HTTP and HTTPS URLs

URL (Any Protocol)

Matches URLs with any protocol (http, https, ftp, ws, etc.)

Want API access + no ads? Pro coming soon.