How to check does string contain a substring in JS?

Some sophisticated tips on popular Java Script issue
07 August 2017   2815
JavaScript

JavaScript is a lightweight interpreted or JIT-compiled programming language with first-class functions

JavaScript Substring

In JavaScript, any text data is a string. There is no separate type of “symbol”, which is in other languages.

You can create string in this way:

var text = "my string";

var anotherText = 'my string 2';

var str = "012345";

In JS, there are 3 methods for taking substring, with slight differences between them: substr, substring, slice.

substring (start, end) method returns a substring from the startposition to, but not including, end.

var str = "stringify";
alert(str.substring(0,1)); // "s"

If there is no end argument, it goes to the end of the line. 

var str = "stringify";
alert(str.substring(2));

How to check, is there a substing in a string? According to Hype.Codes research, there are 6 different ways. 

1. indexOf

var string = "foo",
    substring = "oo";
string.indexOf(substring) !== -1;

String.prototype.indexOf returns the position of the string in the other string. If not found, it will return -1.

2. (ES6) includes 

var string = "foo",
    substring = "oo";
string.includes(substring);

3. search

var string = "foo",
    expr = /oo/;
string.search(expr);

4. lodash includes 

var string = "foo",
    substring = "oo";
_.includes(string, substring);

5. RegExp 

var string = "foo",
    expr = /oo/;  // no quotes here
expr.test(string);

6. Match

var string = "foo",
    expr = /oo/;
string.match(expr);

You can learn bore about stings from a video tutorial.

Supra Smart Cloud TV to be Hacked

Now hacker can replace video being watched with own content
04 June 2019   298

A vulnerability has been identified on the Supra Smart Cloud TV (CVE-2019-12477). It makes possible to replace the transmission currently being watched for the content of the attacker. As an example, the output of a bogus emergency warning is shown.

To attack, just send a specially designed network request that does not require authentication. In particular, hacker can contact the handler "/ remote / media_control? Action = setUri & uri =" by specifying the URL of the m3u8 file with the video parameters, for example "http://192.168.1.155/remote/media_control?action=setUri&uri=http://attacker .com / fake_broadcast_message.m3u8 ".

In most cases, access to the IP address of the TV is limited to the internal network, but since the request is sent via HTTP, it is possible to use methods to access internal resources when the user opens a specially designed external page (for example, under the request of a picture or using the DNS rebinding method).