This method does not mutate the string value it’s called on. It returns a new string.
Unlike replace(), this method would replace all occurrences of a string, not just the first one. This is especially useful if the string is not statically known, as calling the RegExp() constructor without escaping special characters may unintentionally change its semantics.
function
unsafeRedactName
(
text
,
name)
{
return
text.
replace
(
new
RegExp
(
name,
"g"
)
,
"[REDACTED]"
)
;
}
function
safeRedactName
(
text
,
name)
{
return
text.
replaceAll
(
name,
"[REDACTED]"
)
;
}
const
report =
"A hacker called ha.*er used special characters in their name to breach the system."
;
console.
log
(
unsafeRedactName
(
report,
"ha.*er"
)
)
;
console.
log
(
safeRedactName
(
report,
"ha.*er"
)
)
;
If pattern is an object with a Symbol.replace method (including RegExp objects), that method is called with the target string and replacement as arguments. Its return value becomes the return value of replaceAll(). In this case the behavior of replaceAll() is entirely encoded by the @@replace method, and therefore will have the same result as replace() (apart from the extra input validation that the regex is global).
If the pattern is an empty string, the replacement will be inserted in between every UTF-16 code unit, similar to split() behavior.
"xxx"
.
replaceAll
(
""
,
"_"
)
;
For more information about how regex properties (especially the sticky flag) interact with replaceAll(), see RegExp.prototype[@@replace]().
