Bug: RegularExpressionValidator creates invalid regex in client-side

[Head0nF1re]

Issue

In "yiisoft/yii2": "~2.0.45", the yii\validators\RegularExpressionValidator generates an invalid client-side regex for hexadecimal.

Given a pattern validation rule in a Form like ['foo', 'match', 'pattern' => '/^[\x00-\xFF]{8,72}$/'], the Html::escapeJsRegularExpression, inside the getClientOptions method, returns '/^[\u00-\uFF]{8,72}$/'. The former regex, which is valid in jquery 3.7.1 (seems to be the version being used by the framework), matches a word like "password" while the latter doesn't (because of the w in this case).

I believe this preg_replace in Html::escapeJsRegularExpression is the culprit:

$pattern = preg_replace('/\\\\x\{?([0-9a-fA-F]+)\}?/', '\u$1', $regexp);

[samdark]

@Head0nF1re a pull request with a test would be awesome to have. Then reproducing it will be easy and it won't ever break again. Do you have some time for it?

[Head0nF1re]

@samdark I will have a look tomorrow this week