I also don’t want to allow every possible technically valid URL — quite the opposite.
\$&'\(\)\*\ ,;=]|:|@)*)*)|((([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[! ((([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[! Also, single weird leading and/or trailing characters aren’t tested for. Just imagine you’re doing this before testing modifier to all the regexes to speed up the tests. Here’s a plain text list of all the URLs used in the test. $/i.test(value); // Copyright (c) 2010-2013 Diego Perini, MIT licensed // https://gist.github.com/dperini/729294 // see also https://mathiasbynens.be/demo/url-regex // modified to allow protocol-relative URLs return this.optional( element ) || /^(? :[a-z\u00a1-\uffff0-9]-*)*[a-z\u00a1-\uffff0-9] )(? Assume that this regex will be used for a public URL shortener written in PHP, so URLs like shouldn’t pass (even though they’re technically valid).
Server side validation is performed by a web server, after input has been sent to the server.
Client side validation is performed by a web browser, before input is sent to a web server.
(I don't know of one for Java Script; it would probably be overkill. If you get a 404 or connection error, it's probably wrong. If you want to check whether a hostname such as ‘wwww’ actually exists, you have no choice but to look it up in the DNS. I written also a URL validation function base on rfc1738 and rfc3986 to check http and https urls. (((25[0-5]|2[0-4][0-9]|[0-1][0-9][0-9]|[1-9][0-9]|[0-9])(\.(25[0-5]|2[0-4][0-9]|[0-1][0-9][0-9]|[1-9][0-9]|[0-9])))|localhost|([a-z A-Z0-9\-\u00C0-\u017F] \.) ([a-z A-Z]))(:[0-9] )?
Certainly your current expression fails many valid URLs, and passes invalid ones. use a proper URL parser that actually follows the real rules. just trim away any leading or trailing spaces, then check it has one of your preferred schemes on the front (typically ‘ or ‘https://’), and leave it at that. attempt to use the URL and see what lies at the end, for example by sending it am HTTP HEAD request from the server-side.
So I suggest you read the API to perform more checks, for example if you want to make sure that the user entered a well formed absolute URL you may do like this: If i test this:---- /^(ftp|http|https):\/\/(\w :\w*@)?