regex, but also accepts ftps because both cURL and php support it. It no longer accepts thing like 'foo http://bar bax'
which was my main concern
Note the previous regex kind of looks more restrictive, but is not since saying "anything not containing a space
optionally followed by anything not containing a bunch of characters including a space" is the same as saying anything
with no spaces. See also r83296. This obviously doesn't catch all cases, but I personally think its sufficient.
At the very least it is a very significant improvement over the previous version that caught almost nothing.
incorrect revision ID is passed.
* Trim the form field for uploading by url to remove extra spaces which could
cause confusing error messages.
+* (bug 27854) Http::isValidURI is way too lax.
=== API changes in 1.18 ===
* (bug 26339) Throw warning when truncating an overlarge API result
}
/**
- * Checks that the given URI is a valid one
+ * Checks that the given URI is a valid one. Hardcoding the
+ * protocols, because we only want protocols that both cURL
+ * and php support.
*
* @param $uri Mixed: URI to check for validity
* @returns Boolean
*/
public static function isValidURI( $uri ) {
return preg_match(
- '/(ftp|http|https):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/',
- $uri,
- $matches
+ '/^(f|ht)tps?:\/\/[^\/\s]\S*$/D',
+ $uri
);
}
}