IPv6 Full (Expanded + Compressed) Regex for JavaScript

What this pattern does

This page provides a comprehensive, battle-tested regular expression for matching ipv6 full (expanded + compressed), ported and verified for JavaScript. A rigorously tested regex reduces debugging time and protects your application from edge-case failures. The snippet below is ready to drop into your JavaScript project — whether you're validating in an Express middleware, a Next.js API route, or a client-side form.

Javascript Implementation

// IPv6 Full (Expanded + Compressed)
// ReDoS-safe | RegexVault — Web & Network > IPv6

const ipv6FullExpandedCompressedRegex = /^(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:(:[0-9a-fA-F]{1,4}){1,6}|:(:[0-9a-fA-F]{1,4}){1,7}|::)$/i;

function validateIpv6FullExpandedCompressed(input: string): boolean {
  return ipv6FullExpandedCompressedRegex.test(input);
}

// Example
console.log(validateIpv6FullExpandedCompressed("2001:db8::1")); // true

Test Cases

When to use this pattern

This pattern is drawn from the Web & Network > IPv6 category and carries a ReDoS-safe certification. That matters for JavaScript developers because especially critical in long-running Node.js event loops where a ReDoS vulnerability can block the entire process. RegexVault audits patterns against known backtracking attack vectors, ensuring you have the necessary context before using this regex in a high-stakes production environment.

Common Pitfalls

Technical Notes

Each alternation handles a specific number of groups before/after ::. The :: can appear at most once (enforced by alternation structure, not lookahead). Go's RE2 may have issues with alternation of this complexity — use net.ParseIP() in Go instead.