Also, next time, you might want to include the programming language or context, because regex processors vary greatly in feature support.

regular expression for validating website-35regular expression for validating website-77

Also, single weird leading and/or trailing characters aren’t tested for.

Just imagine you’re doing this before testing modifier to all the regexes to speed up the tests. Here’s a plain text list of all the URLs used in the test.

The actual URL syntax is pretty complicated and not easy to represent in regex.

Most of the simple-looking regexes out there will give many false negatives as well as false positives.

$/xi S#([a-z]([a-z]|\d|\ |-|\.)*):(\/\/(((([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[! \$&'\(\)\*\ ,;=]|:|@) (\/(([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[! )|((([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[! \$&'\(\)\*\ ,;=]|:|@) (\/(([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[!

$&'\(\)\*\ ,;=]|:) ))\])|((\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5])\.(\d|[1-9]\d|1\d\d|2[0-4]\d|25[0-5]))|(([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[! )(\/(([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[! $&'\(\)\*\ ,;=]|:|@)*)*|(\/((([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[! (\#((([a-z]|\d|-|\.|_|~|[\x00A0-\x D7FF\x F900-\x FDCF\x FDF0-\x FFEF])|(%[\da-f])|[!

To validate input captured with server controls, you can use the Regular Expression Validator control. Input validation can become a security issue if an attacker discovers that you have made unfounded assumptions.

To validate other forms of input, such as query strings, cookies, and HTML control input, you can use the System. The attacker can then supply carefully crafted input that compromises your application by attempting SQL injection, cross-site scripting, and other injection attacks.

To clarify, I’m looking for a decent regular expression to validate URLs that were entered as user input with.