That regex will only positively "match" non-facebook items, and will only block facebook if implemented in a whitelist.
I'm just playing the straight man to your joke. Of course it's functionally a blacklist: That's what you asked for.
My comment is not a joke but a challenge to the parent ... that they are wrong
Yes whitelist are safer ... but whitelists can be cumbersome to generate/maintain and slow you down at runtime ...
On reddit let this slide , but here we have to correct the flawed thinking.
You cant run from engineering problems without consequece
So now we have graduated to course 202: how to make a blacklist safe?
Check context, and restrict access
I wrote a regex that would allow things that aren't facebook, and then you said "No, you're not allowing things that aren't facebook, you're not allowing things that don't match not being facebook".
If it's not a white-list, it's at least an opposite-of-black-list.
But then why do you need the blacklist?
I refer to this post by vec: https://news.ycombinator.com/item?id=16208419
If you think you need a blacklist you should probably be using a whitelist. If your problem can't be solved with a whitelist then it's probably better solved in a way that doesn't involve a blacklist or a whitelist.
