发表新帖
发表新帖

PHP regex for url validation, filter_var is too permisive

前端 未结
关注
3 1563
后悔当初
后悔当初 2020-12-11 21:18

First lets define a \"URL\" according to my requirements.

The only protocols optionally allowed are http:// and https://

then a man

3条回答
  • 执笔经年
    执笔经年 (楼主)
    2020-12-11 21:25

    It may vary but in most of the cases you don't really need to check the validity of any URL.

    If it's a vital information and you trust your user enough to let him give it through a URL, you can trust him enough to give a valid URL.

    If it isn't a vital information, then you just have to check for XSS attempts and display the URL that the user wanted.

    You can add manually a "http://" if you don't detect one to avoid navigation problems.

    I know, I don't give you an alternative as a solution, but maybe the best way to solve performance & validity problems is just to avoid unnecessary checks.

    0 讨论(0)
 看不清?
提交回复
热议问题