
Do not allow invalid characters in URIs

According to RFC 3986, URIs should only contain :/?#[]@!$&'()*+,;= , %, A-Z, a-z, 0-9 and -._~

See also #329
bel 9 years ago
parent
commit
a088009132
1 changed files with 35 additions and 0 deletions
  1. 35 0
      src/civetweb.c

+ 35 - 0
src/civetweb.c

@@ -12204,6 +12204,41 @@ get_uri_type(const char *uri)
 		/* asterisk */
 		return 1;
 	}
+
+	/* Valid URIs according to RFC 3986
+	 * (https://www.ietf.org/rfc/rfc3986.txt)
+	 * must only contain reserved characters :/?#[]@!$&'()*+,;=
+	 * and unreserved characters A-Z a-z 0-9 and -._~
+	 * and % encoded symbols.
+	 */
+	for (i = 0; uri[i] != 0; i++) {
+		if (uri[i] < 33) {
+			/* control characters and spaces are invalid */
+			return 0;
+		}
+		if (uri[i] > 126) {
+			/* non-ascii characters must be % encoded */
+			return 0;
+		} else {
+			switch (uri[i]) {
+			case '"':  /* 34 */
+			case '<':  /* 60 */
+			case '>':  /* 62 */
+			case '\\': /* 92 */
+			case '^':  /* 94 */
+			case '`':  /* 96 */
+			case '{':  /* 123 */
+			case '|':  /* 124 */
+			case '}':  /* 125 */
+				return 0;
+			default:
+				/* character is ok */
+				break;
+			}
+		}
+	}
+
+	/* A relative uri starts with a / character */
 	if (uri[0] == '/') {
 		/* relative uri */
 		return 2;
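Review bot: The new loop in get_uri_type accepts every `%` without checking that two hex digits follow, so a truncated or malformed escape (for example a trailing `%`) is still classified as a valid URI even though the comment allows only %-encoded symbols. A guard inside the loop would close that: `if (uri[i] == '%' && !(isxdigit((unsigned char)uri[i + 1]) && isxdigit((unsigned char)uri[i + 2]))) return 0;` — the short-circuit stops it reading past the terminator, and it assumes `<ctype.h>` is already included in this file. The check also runs on the raw string, so percent-encoded forms of the rejected bytes (control characters, backslash) pass here and still have to be handled wherever the URI is decoded, which is outside this hunk. Where `char` is signed, bytes above 127 are caught by the `< 33` test rather than the `> 126` one; the result is the same, but comparing `(unsigned char)uri[i]` would make the two comments accurate. The function body starts and ends outside the hunk, and the declaration of `i` is not visible.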