Reputation: 706
Modifing a URL Validation RegEx
$regex = "_^(?:(?:https?|ftp)://)(?:\S+(?::\S*)?@)?(?:(?!10(?:\.\d{1,3}){3})(?!127(?:\.\d{1,3}){3})(?!169\.254(?:\.\d{1,3}){2})(?!192\.168(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)*(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,})))(?::\d{2,5})?(?:/[^\s]*)?$_iuS";
Where do i added my Expression [A-Za-z0-9.,/&=?:_+#%-] to allow only these specific characters to be used while keeping the form of the URL as it is made in $regex,
I've tried adding it at the beginning after _^ but it finds every URL an invalid url, That after removing the _ from the Expression too.
The $regex works ok and prevents weird urls like www..doma@$#n.#@om but when it comes to the part after that like
www.domain.com/<script>alert('Hacked')</script>, It just allows every single special character to be used, So i've decided to allow only Alphanumeric and . , / & = ? : _ + # % - since they're used in every URL.
Upvotes: 0
Views: 27
Answers (1)
Reputation: 1486
Just replace [^\s] with the expression you want [A-Za-z0-9.,/&=?:_+#%-]
Example: https://regex101.com/r/kWB1q1/2
Upvotes: 1
Related Questions
- Validate URLs via Regex?
- Validate URL query string with regex
- Regex for URL Validation
- Regular expression for validating url with parameters
- Regex custom url validator
- problems with regex url validator
- How to write a regex to validate a specific URL format?
- How to write custom regular expression for url(custom url)
- Regular expression for URL Validator
- Regex to validate url