C# Uri.IsWellFormedUriString - Passing value like http://http://helloworld returns true. Is this by design or a bug?

Question

Sorry if this is already answered (I couldn't find it when I searched), if you pass an invalid URL value like "http://http://helloworld" should return false for Uri.IsWellFormedUriString in c#.

However, it is returning true (at least with .Net Framework 4.5). I would like to know the logic behind treating this as a well formed Uri string. Or is it a bug?

Thanks in advance!

Answer 1

You can read about this => https://msdn.microsoft.com/en-us/library/system.uri.iswellformeduristring(v=vs.110).aspx

Like the name IsWellFormedUriString() suggests, it just checks for the well-formed URI string and having HTTP 2 times in a string does not cause any discrepancy.

Answer 2

From the documentation

Beginning in .NET 4.5, strings are always considered well-formed in accordance with RFC 3986 and RFC 3987, whether or not IRI or IDN are enabled.

RFC 3986 and 3987 never said the path cannot contain

://

In fact if you scroll down to the remark section of the doc where it describes the errors

The string is an absolute URI that is missing a slash before the path.

file://c:/directory/filename

which implies that

file:///c:/directory/filename

is considered a valid Uri under RFC 3986 and 3987. It does look like an invalid Uri if you replaced file with http but still its valid under the standard.

Answer 3

It is not a bug. Uri.IsWellFormedUriString doesn't validate the format of the uri, as the documentation mentions it concerns about character escaping:

Indicates whether the string is well-formed by attempting to construct a URI with the string and ensures that the string does not require further escaping.

If you want to validate the format you can use Uri.TryCreate method.