URL Query Parameter (Single key=value) Regex for JavaScript
/(?:^|[?&])([a-zA-Z][a-zA-Z0-9_\-.]{0,99})=([^&\s#]*)/gWhat this pattern does
This page provides a well-structured, multi-part regular expression for matching url query parameter (single key=value), ported and verified for JavaScript. A rigorously tested regex reduces debugging time and protects your application from edge-case failures. The snippet below is ready to drop into your JavaScript project — whether you're validating in an Express middleware, a Next.js API route, or a client-side form.
Javascript Implementation
// URL Query Parameter (Single key=value)
// ReDoS-safe | RegexVault — Web & Network > URL
const urlQueryParameterSingleKeyvalueRegex = /(?:^|[?&])([a-zA-Z][a-zA-Z0-9_\-.]{0,99})=([^&\s#]*)/g;
function validateUrlQueryParameterSingleKeyvalue(input: string): boolean {
return urlQueryParameterSingleKeyvalueRegex.test(input);
}
// Example
console.log(validateUrlQueryParameterSingleKeyvalue("?key=value")); // trueTest Cases
Matches (Valid) | Rejects (Invalid) |
|---|---|
?key=value | ?=value |
?foo=bar&baz=qux | ? key=value |
?page=1&sort=name&order=asc | ?123key=value |
?q=hello+world | — |
?encoded=hello%20world | — |
key=value | — |
When to use this pattern
This pattern is drawn from the Web & Network > URL category and carries a ReDoS-safe certification. That matters for JavaScript developers because especially critical in long-running Node.js event loops where a ReDoS vulnerability can block the entire process. RegexVault audits patterns against known backtracking attack vectors, ensuring you have the necessary context before using this regex in a high-stakes production environment.
Common Pitfalls
Query parameter keys should not start with digits — use [a-zA-Z] as the first character class. Duplicate keys are valid in HTTP; the handling is application-specific.
Technical Notes
Use with the g flag in JS to iterate all parameters. Capture group 1 is the key, group 2 is the raw value. URL-decode values before use: decodeURIComponent(value.replace(/\+/g, ' ')).
Have a pattern that belongs in the vault?
Submit it for review — community-verified patterns get credited to your GitHub handle. Free submissions join the queue. Priority review available for $15.
Submit a Pattern