Is FILTER_VALIDATE_URL being too strict?

后端 未结 4 1269
[愿得一人]
[愿得一人] 2021-02-12 16:26

In PHP, filter_var(\'www.example.com\', FILTER_VALIDATE_URL) returns false. Is this correct? Isn\'t www.example.com a valid URL, or protoc

相关标签:
4条回答
  • 2021-02-12 17:01

    The URL have to correspond with the rules set forward in RFC 2396, and according to that spec the protocol is necessary.

    0 讨论(0)
  • 2021-02-12 17:04

    The scheme ("protocol") part is required for FILTER_VALIDATE_URL.

    0 讨论(0)
  • 2021-02-12 17:05

    In addition to Paul Dixon's answer I want to say that you can use flags for FILTER_VALIDATE_URL to specify which part of the URL must be presented.

    FILTER_FLAG_SCHEME_REQUIRED
    FILTER_FLAG_HOST_REQUIRED
    FILTER_FLAG_PATH_REQUIRED
    FILTER_FLAG_QUERY_REQUIRED
    

    Since PHP 5.2.1 FILTER_FLAG_SCHEME_REQUIRED and FILTER_FLAG_HOST_REQUIRED flags used by default and, unfortunately, there is no way to disable them (you can't do something like filter_var($url, FILTER_VALIDATE_URL, ~FILTER_FLAG_SCHEME_REQUIRED); if the existence of the URL scheme part does not necessarily). It seems like a bug for me. There is a relative bugreport.

    0 讨论(0)
  • 2021-02-12 17:11

    It's not a valid URL. Prefixing things with http:// was never a very user-friendly thing, so modern browsers assume you mean http if you just enter a domain name. Software libraries are, rightly, a little bit more picky!

    One approach you could take is passing the string through parse_url, and then adding any elements which are missing, e.g.

    if ( $parts = parse_url($url) ) {
       if ( !isset($parts["scheme"]) )
       {
           $url = "http://$url";
       }
    }
    

    Interestingly, when you use FILTER_VALIDATE_URL, it actually uses parse_url internally to figure out what the scheme is (view source). Thanks to salathe for spotting this in the comments below.

    0 讨论(0)
提交回复
热议问题