From e91e9b8b17407f0a682fdbd469c75c4e611571ef Mon Sep 17 00:00:00 2001
From: thomscoder <moyelysian@icloud.com>
Date: Wed, 28 Aug 2024 12:45:44 +0100
Subject: [PATCH 1/3] fix string().url() regex

---
 src/string.ts  | 2 +-
 test/string.ts | 7 +++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/string.ts b/src/string.ts
index c193d0019..a675e0525 100644
--- a/src/string.ts
+++ b/src/string.ts
@@ -23,7 +23,7 @@ let rEmail =
 
 let rUrl =
   // eslint-disable-next-line
-  /^((https?|ftp):)?\/\/(((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:)*@)?(((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|((([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|\d|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.)+(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])*([a-z]|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])))\.?)(:\d*)?)(\/((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)+(\/(([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)*)*)?)?(\?((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|[\uE000-\uF8FF]|\/|\?)*)?(\#((([a-z]|\d|-|\.|_|~|[\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF])|(%[\da-f]{2})|[!\$&'\(\)\*\+,;=]|:|@)|\/|\?)*)?$/i;
+  /^((https?|ftp):)?\/\/(([a-z\d\-._~\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF%!$&'()*+,;=:]+)@)?(((\d{1,3}\.){3}\d{1,3})|\[(\d{1,3}\.){3}\d{1,3}\]|([a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+(-[a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+)*\.)+[a-z\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]{2,})(:\d{2,5})?(\/[a-z\d\-._~%!$&'()*+,;=:@\/]*)?(\?[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?(#[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?$/i
 
 // eslint-disable-next-line
 let rUUID =
diff --git a/test/string.ts b/test/string.ts
index f8c24b5c6..e8d9efeeb 100644
--- a/test/string.ts
+++ b/test/string.ts
@@ -1,12 +1,12 @@
 import * as TestHelpers from './helpers';
 
 import {
-  string,
+  AnySchema,
   number,
   object,
   ref,
+  string,
   ValidationError,
-  AnySchema,
 } from '../src';
 
 describe('String types', () => {
@@ -209,6 +209,9 @@ describe('String types', () => {
 
     return Promise.all([
       expect(v.isValid('//www.github.com/')).resolves.toBe(true),
+      expect(v.isValid('https://username:password@127.0.0.1:8080/path#fragment')).resolves.toBe(true),
+      expect(v.isValid('https://username:password@github.com/path#fragment')).resolves.toBe(true),
+      expect(v.isValid('http://127.0.0.1:8080/')).resolves.toBe(true),
       expect(v.isValid('https://www.github.com/')).resolves.toBe(true),
       expect(v.isValid('this is not a url')).resolves.toBe(false),
     ]);

From 51c58fc356444fc964dcf370693ebbceeb3160e9 Mon Sep 17 00:00:00 2001
From: thomscoder <moyelysian@icloud.com>
Date: Wed, 28 Aug 2024 13:11:23 +0100
Subject: [PATCH 2/3] add redos test

---
 src/string.ts  | 2 +-
 test/string.ts | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/string.ts b/src/string.ts
index a675e0525..be69c75d1 100644
--- a/src/string.ts
+++ b/src/string.ts
@@ -23,7 +23,7 @@ let rEmail =
 
 let rUrl =
   // eslint-disable-next-line
-  /^((https?|ftp):)?\/\/(([a-z\d\-._~\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF%!$&'()*+,;=:]+)@)?(((\d{1,3}\.){3}\d{1,3})|\[(\d{1,3}\.){3}\d{1,3}\]|([a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+(-[a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+)*\.)+[a-z\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]{2,})(:\d{2,5})?(\/[a-z\d\-._~%!$&'()*+,;=:@\/]*)?(\?[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?(#[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?$/i
+  /^((https?|ftp):)?\/\/(([a-z\d\-._~\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF%!$&'()*+,;=:]+)@)?(((\d{1,3}\.){3}\d{1,3})|\[(\d{1,3}\.){3}\d{1,3}\]|([a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+(-[a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+)*\.)+[a-z\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]{2,})(:\d{2,5})?(\/[a-z\d\-._~%!$&'()*+,;=:@\/]*)?(\?[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?(#[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?$/i;
 
 // eslint-disable-next-line
 let rUUID =
diff --git a/test/string.ts b/test/string.ts
index e8d9efeeb..42ffade36 100644
--- a/test/string.ts
+++ b/test/string.ts
@@ -213,6 +213,7 @@ describe('String types', () => {
       expect(v.isValid('https://username:password@github.com/path#fragment')).resolves.toBe(true),
       expect(v.isValid('http://127.0.0.1:8080/')).resolves.toBe(true),
       expect(v.isValid('https://www.github.com/')).resolves.toBe(true),
+      expect(v.isValid('//T.' + '0.'.repeat(3000) + '\x00')).resolves.toBe(false),
       expect(v.isValid('this is not a url')).resolves.toBe(false),
     ]);
   });

From e587d05f2468b8ce839acdefbef3b0fceb9a129c Mon Sep 17 00:00:00 2001
From: thomscoder <moyelysian@icloud.com>
Date: Wed, 28 Aug 2024 18:07:43 +0100
Subject: [PATCH 3/3] expand regex

---
 src/string.ts  | 2 +-
 test/string.ts | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/string.ts b/src/string.ts
index be69c75d1..b4fb60e59 100644
--- a/src/string.ts
+++ b/src/string.ts
@@ -23,7 +23,7 @@ let rEmail =
 
 let rUrl =
   // eslint-disable-next-line
-  /^((https?|ftp):)?\/\/(([a-z\d\-._~\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF%!$&'()*+,;=:]+)@)?(((\d{1,3}\.){3}\d{1,3})|\[(\d{1,3}\.){3}\d{1,3}\]|([a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+(-[a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+)*\.)+[a-z\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]{2,})(:\d{2,5})?(\/[a-z\d\-._~%!$&'()*+,;=:@\/]*)?(\?[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?(#[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?$/i;
+  /^((https?|ftp):\/\/)?((([a-z\d\-._~\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF%!$&'()*+,;=]+)(:[a-z\d\-._~\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF%!$&'()*+,;=]*)?)@)?((\/\/)?((([a-z\d\-._~\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+)@)?((\d{1,3}\.){3}\d{1,3}|\[(([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}|[0-9a-fA-F]{1,4}(:[0-9a-fA-F]{1,4}){0,6}(:|::)[0-9a-fA-F]{1,4}|(?:[0-9a-fA-F]{1,4}:){0,6}(::[0-9a-fA-F]{1,4})|(?:[0-9a-fA-F]{1,4}:){0,5}(::[0-9a-fA-F]{1,4})|(?:[0-9a-fA-F]{1,4}:){0,4}(::[0-9a-fA-F]{1,4})|(?:[0-9a-fA-F]{1,4}:){0,3}(::[0-9a-fA-F]{1,4})|(?:[0-9a-fA-F]{1,4}:){0,2}(::[0-9a-fA-F]{1,4})|(?:[0-9a-fA-F]{1,4}:){0,1}(::[0-9a-fA-F]{1,4})|(::[0-9a-fA-F]{1,4}|::)|(::(?:\d{1,3}\.){1,3}\d{1,3}))\])|localhost|([a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+(-[a-z\d\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]+)*\.)+[a-z\u00A0-\uD7FF\uF900-\uFDCF\uFDF0-\uFFEF]{2,}))(?:\:\d{2,5})?(?:\/[a-z\d\-._~%!$&'()*+,;=:@\/]*)?(?:\?[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?(?:#[a-z\d\-._~%!$&'()*+,;=:@\/?]*)?$/i;
 
 // eslint-disable-next-line
 let rUUID =
diff --git a/test/string.ts b/test/string.ts
index 42ffade36..69285abd5 100644
--- a/test/string.ts
+++ b/test/string.ts
@@ -212,7 +212,13 @@ describe('String types', () => {
       expect(v.isValid('https://username:password@127.0.0.1:8080/path#fragment')).resolves.toBe(true),
       expect(v.isValid('https://username:password@github.com/path#fragment')).resolves.toBe(true),
       expect(v.isValid('http://127.0.0.1:8080/')).resolves.toBe(true),
+      expect(v.isValid('http://127.0.0.1/')).resolves.toBe(true),
       expect(v.isValid('https://www.github.com/')).resolves.toBe(true),
+      expect(v.isValid('http://[2001:0db8:85a3:0000:0000:8a2e:0370:7334]')).resolves.toBe(true),
+      expect(v.isValid('ftp://localhost')).resolves.toBe(true),
+      expect(v.isValid('http://[::255.255.255.255]')).resolves.toBe(true),
+      expect(v.isValid('http://localhost/')).resolves.toBe(true),
+      expect(v.isValid('http://localhost:8000/')).resolves.toBe(true),
       expect(v.isValid('//T.' + '0.'.repeat(3000) + '\x00')).resolves.toBe(false),
       expect(v.isValid('this is not a url')).resolves.toBe(false),
     ]);