Pomax
commented
8 years ago I'd rather stick with matching the pattern we know Flickr outputs based on fixed targets, and then update it when necessary in the future, rather than adding in matching for "any character" sequences. Thanks for filing the PR though!
(also, while technically not a concern here, patterns like .*[something] risk triggering a denial of service due to the time required to perform the matching, more information on that over on the OWASP website)
This is a fix for issue #88 as an alternative to PR #89.
It finds the response json regardless of what's in front of it. The current fix in #89 will brake if Flickr decides to change the comments again or if they rename the JSONP callback or make any other changes.
The regex in this fix looks for the first
{and the last}and finds the json response like that. It's not 100% safe but less likely to brake again.