Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 074539d

Browse files
sidzfabpot
sidz
authored and
fabpot
committed
Fix Url Validator false positives
1 parent c71e9ba commit 074539d

File tree

2 files changed

+6
-1
lines changed

2 files changed

+6
-1
lines changed

src/Symfony/Component/Validator/Constraints/UrlValidator.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ class UrlValidator extends ConstraintValidator
2626
(%s):// # protocol
2727
(((?:[\_\.\pL\pN-]|%%[0-9A-Fa-f]{2})+:)?((?:[\_\.\pL\pN-]|%%[0-9A-Fa-f]{2})+)@)? # basic auth
2828
(
29-
([\pL\pN\pS\-\_\.])+(\.?([\pL\pN]|xn\-\-[\pL\pN-]+)+\.?) # a domain name
29+
([\pL\pN\pS]+\.?[\pL\pN\pS\-\_]+)+(\.?([\pL\pN]|xn\-\-[\pL\pN-]+)+\.?) # a domain name
3030
| # or
3131
\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} # an IP address
3232
| # or

src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -105,6 +105,7 @@ public function getValidUrls()
105105
return [
106106
['http://a.pl'],
107107
['http://www.example.com'],
108+
['http://tt.example.com'],
108109
['http://www.example.com.'],
109110
['http://www.example.museum'],
110111
['https://example.com/'],
@@ -265,6 +266,10 @@ public function getInvalidUrls()
265266
['http://example.com/exploit.html?hel lo'],
266267
['http://example.com/exploit.html?not_a%hex'],
267268
['http://'],
269+
['http://www..com'],
270+
['http://www..example.com'],
271+
['http://wwww.example..com'],
272+
['http://.www.example.com'],
268273
];
269274
}
270275

0 commit comments

Comments
 (0)