Regex Tester

Our regex tester lets you write and test regular expressions in real-time with instant match highlighting. See all matches, capture groups, and match indices as you type. Supports all JavaScript regex flags (global, case-insensitive, multiline, dotAll, unicode, sticky). Includes a replace mode for search-and-replace testing, plus a comprehensive regex cheat sheet for quick reference.

star 4.9
auto_awesome AI
New

Regex Tester calculator

/ /
global | case-insensitive | multiline | dotAll | unicode
info Enter a pattern to start matching
0 matches
find_replace Replace Mode

                        

No matches yet

lightbulb Tips

  • \d = digit, \w = word, \s = space
  • Use 'g' flag to find all matches
  • Escape special chars: \. \( \[ \+
  • Use (?:...) for non-capturing groups

How to Use the Regex Tester

edit

Enter Pattern

Type your regex pattern in the pattern field. Syntax errors are highlighted in real-time.

text_fields

Add Test Text

Paste or type the text you want to test against. Matches are highlighted instantly.

tune

Toggle Flags

Enable flags like global (g), case-insensitive (i), or multiline (m) to modify matching behavior.

visibility

View Results

See all matches, capture groups, and match positions. Use replace mode to test search-and-replace.

The Formula

Regular expressions are patterns used to match character combinations in strings. The regex engine scans the test string left-to-right, attempting to match the pattern at each position. Flags modify matching behavior — 'g' finds all matches, 'i' ignores case, 'm' makes ^ and $ match line boundaries.

new RegExp(pattern, flags).exec(testString)

lightbulb Variables Explained

  • pattern The regular expression pattern to match against
  • flags Regex flags: g (global), i (case-insensitive), m (multiline), s (dotAll), u (unicode)
  • testString The input text to test the pattern against
  • exec() Returns match details including captured groups and indices

tips_and_updates Pro Tips

1

Use the 'g' flag to find all matches, not just the first one

2

Escape special characters with backslash: \. \( \) \[ \] \{ \} \+ \* \?

3

Use (?:...) for non-capturing groups when you don't need the match value

4

\d = digit, \w = word char, \s = whitespace, \b = word boundary

5

Use .+? (lazy) instead of .+ (greedy) to match as little as possible

6

The 'm' flag makes ^ and $ match start/end of each line, not just the string

7

Test edge cases: empty strings, special characters, and very long inputs

Our free regex tester lets you build, test, and debug regular expressions with live match highlighting. See matches, capture groups, and replacement results instantly as you type. Works with JavaScript regex syntax.

Online Regex Tester with Live Preview

Type your regex pattern and see matches highlighted in real-time. Our regex tester supports all JavaScript flags including:

  • global
  • case-insensitive
  • multiline
  • dotAll

Every match is highlighted with capture groups displayed separately for easy debugging.

Regex Pattern Builder & Debugger

Build complex regex patterns with our interactive tool. See exactly what your pattern matches and why.

Capture groups are numbered and displayed, making it easy to build patterns for:

  • data extraction
  • validation
  • text processing

Regex Cheat Sheet & Reference

Quick reference for common regex syntax:

  • character classes (\d, \w, \s)
  • quantifiers (+, *, ?, {n})
  • anchors (^, $, \b)
  • groups and alternation
  • lookahead and lookbehind

Everything you need to build regex patterns right next to the tester.

What Is a Regular Expression and How Does It Work?

A regular expression (regex) is a sequence of characters that defines a search pattern for matching text. The regex engine reads the pattern and scans the input string left-to-right, attempting a match at each position until it succeeds or exhausts the string.

According to MDN Web Docs, JavaScript regular expressions are objects created either with a literal (/pattern/flags) or the RegExp constructor. The formal syntax and matching semantics are defined in the ECMAScript language specification maintained by TC39, while the broader theory traces back to regular languages in formal language theory.

Most modern engines, including those in Chrome (V8), Node.js, and .NET, implement backtracking matchers that support features like backreferences and lookaround beyond pure finite automata.

How to Use Character Classes and Quantifiers in Regex

Character classes and quantifiers are the core building blocks of any regex pattern. A character class like [a-z] matches any single character in the set, while shorthand classes such as \d (digit), \w (word character), and \s (whitespace) are defined in the ECMAScript specification and documented on MDN Web Docs.

Quantifiers control repetition:

  • * means zero or more
  • + means one or more
  • ? means zero or one
  • {n,m} matches between n and m times

Combine them to build precise patterns, for example \d{3}-\d{4} for a phone fragment. Negated classes like [^0-9] match anything except the listed characters, giving you fine-grained control over exactly what text your pattern accepts.

What Are Anchors, Boundaries, and Lookaround in Regex?

Anchors and boundaries match positions rather than characters, letting you assert where a match must occur without consuming text. The caret ^ anchors to the start of the string (or line with the multiline flag), $ anchors to the end, and \b marks a word boundary between a word and non-word character, as documented by MDN Web Docs and the ECMAScript specification.

Lookaround assertions extend this idea: lookahead (?=...) and negative lookahead (?!...) check what follows, while lookbehind (?<=...) and (?

These zero-width assertions are essential for password rules, validation, and matching tokens only in specific contexts.

How to Use Named Capture Groups and Backreferences

Named capture groups let you label a captured substring for clearer, more maintainable patterns. Introduced to JavaScript in ECMAScript 2018 and documented on MDN Web Docs, the syntax (?\d{4}) assigns the name 'year' to a group, accessible via match.groups.year.

Backreferences reuse a previously captured value later in the same pattern: \1 refers to the first numbered group and \k refers to a named group. For example, (?['\"]).*?\k matches a quoted string that closes with the same quote character it opened with.

Named groups improve readability over positional indices, especially in complex patterns for parsing dates, URLs, or structured log lines.

How to Test and Debug Regex for Email and URL Validation

Regex is widely used to validate and extract emails and URLs, though full RFC compliance is deceptively hard. The email format is defined in RFC 5322, and its addressing grammar is complex enough that no short regex captures it perfectly; MDN Web Docs and the WHATWG HTML specification recommend a pragmatic pattern for the input type=email field rather than a strict RFC 5322 parser.

URLs follow the generic syntax in RFC 3986. For most applications, a lenient pattern that catches obvious errors plus real delivery or request verification is more robust than an exhaustive expression.

Use this tester to check your pattern against valid and invalid samples before shipping it, catching false negatives that could reject legitimate user input.

Is Regex Safe? Understanding ReDoS and Security Pitfalls

Regex is safe for matching but can create denial-of-service risk if patterns are written carelessly. Regular Expression Denial of Service (ReDoS), documented by OWASP, occurs when a backtracking engine hits catastrophic backtracking on crafted input, causing exponential time and freezing the process. The classic trigger is nested or overlapping quantifiers on ambiguous patterns, such as (a+)+$ against a long string of 'a' followed by a non-matching character.

OWASP recommends:

  • avoiding nested quantifiers
  • using atomic groups or possessive quantifiers where supported
  • setting execution timeouts
  • never building patterns from untrusted user input without validation

When running regex against attacker-controlled text, prefer well-tested library patterns and test worst-case inputs in this tool before deploying.

How Do Regex Flags Differ Across JavaScript, Python, and PCRE?

Regex flags share concepts across languages but differ in syntax and available features. In JavaScript, flags append to the literal (/pattern/gi) or pass as the RegExp constructor's second argument, with g, i, m, s, u, and y defined in the ECMAScript specification and explained on MDN Web Docs.

Python's re module uses inline flags like re.IGNORECASE or (?i) prefixes and lacks the sticky flag. PCRE and Perl-compatible engines used by PHP and many tools support similar modifiers plus extended features.

This tester uses the JavaScript engine, so patterns behave exactly as they will in browsers and Node.js. When porting a pattern to another language, re-verify quantifier behavior, Unicode handling, and lookbehind support, since these vary between implementations.

Common Regex Mistakes and How to Avoid Them

The most common regex mistakes involve unescaped special characters, greedy quantifiers, and forgotten flags. Metacharacters such as . ( ) [ ] { } + * ? ^ $ | \ carry special meaning and must be escaped with a backslash to match literally, per the ECMAScript specification and MDN Web Docs; a bare . matches any character, not a period.

Greedy quantifiers like .+ overshoot and swallow more than intended, so use lazy versions .+? when matching between delimiters. Forgetting the g flag returns only the first match, and omitting anchors lets patterns match unintended substrings.

Other pitfalls include ignoring Unicode with the u flag and assuming lookbehind works everywhere. Test edge cases such as empty strings, newlines, and adversarial input in this tool before relying on any pattern.

Frequently Asked Questions

sell

Tags