漏洞：Client ReDos From Regex Injection

// In IE6, the hash fragment and search params are incorrect if the

    // fragment contains `?`.

    getSearch: function() {

      var match = this.location.href.replace(/#.*/, '').match(/\?.+/);

      return match ? match[0] : '';

    },

// Update the hash location, either replacing the current entry, or adding

    // a new one to the browser history.

    _updateHash: function(location, fragment, replace) {

      if (replace)