Regexp for complex password

Question

Hi Guys,&nbsp;Need help for below regexp,&nbsp;when HTTP_REQUEST_DATA {&nbsp;&nbsp;set payload [URI::decode [HTTP::payload]]&nbsp;&nbsp;regexp {^.*txtURL=([^&amp;]+).*$} $payload -&gt; gotURL&nbsp;&nbsp;regexp {^.*username=([^&amp;]+).*$} $payload -&gt; username&nbsp;&nbsp;regexp {^.*password=([^&amp;]+).*$} $payload -&gt; password	HTTP::release}&nbsp;works for simpel password, but facing issue with password having following characters&nbsp;$,&amp;, % etc.&nbsp;sample string--- &lt;HTTP_REQUEST_DATA&gt;: Payload is = username=apptest&amp;password=1234&amp;1abc&amp;txtURL=https://trng.example.com:443/ssoman/c/SSA&nbsp;&nbsp;Regards,Sajid

corrado · Answer

This might work if there is always a field starting with &, like &txtURL, after the "password=" filed.

I asslumed that since you use a regex that excludes character & , but as you said passwords containing character '&' will not be matched while using this regex you will always have "&" as a character after the password so everything but last & will match.

^.*password=(\K.*)&

sajid · Answer

Hi Corrado,&nbsp;Thanks for your response.&nbsp;Got this error,&nbsp;&nbsp;warning: ["\K" has no meaning.&nbsp;Did you mean "\K" or "K"?][{^.*password=(\K.*)&amp;}]&nbsp;&nbsp;Regards,Sajid

Forum Discussion

Regexp for complex password

2 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

Minimizing Security Complexity: Managing Distributed WAF Policies

Driving Down Cost & Complexity: App Migration in the Cloud

F5 App Study Tool with passwords stored in Vault

Password Safety & Security: Passwords vs. Passphrases

Automate scp transfers using password

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS