Regular expression for URL validation (in JavaScript)

Question

Does someone have a regex for validating urls (NOT for finding them inside a text passage)? JavaScript snippet would be preferred.

score 91 · Answer 1 · edited Jun 19 '20 at 01:34

91

In the accepted answer bobince got it right: validating only the scheme name, ://, and spaces and double quotes is usually enough. Here is how the validation can be implemented in JavaScript:

var url = 'http://www.google.com';
var valid = /^(ftp|http|https):\/\/[^ "]+$/.test(url);
// true

or

var r = /^(ftp|http|https):\/\/[^ "]+$/;
r.test('http://www.goo le.com');
// false

or

var url = 'http:www.google.com';
var r = new RegExp(/^(ftp|http|https):\/\/[^ "]+$/);
r.test(url);
// false

References for syntax:

edited Jun 19 '20 at 01:34

IanB

2,642
22
25

answered Mar 31 '13 at 20:48

Akseli Palén

27,244
10
65
75

8

@DerekHenderson Here you go, you W3Schools hater ;) – Akseli Palén Apr 29 '13 at 13:57
39

+1 for getting an unnecessary -1 for W3Schools hate. – MaxArt Feb 12 '14 at 09:47
3

This code won't work for many URLs. When detecting URLs, it's better to rely on a specialized library. [Here's why](http://stackoverflow.com/a/21925491/1269037). – Dan Dascalescu Feb 21 '14 at 06:19
var r = new RegExp(/^(ftp|http|https):\/\/[^ "]+$/); the parameter doesn't need '....' when new , just use /^(ftp|http|https):\/\/[^ "]+$/, as my try – Fanl Mar 31 '17 at 09:05
also +1 for getting an unnecessary -1 for W3Schools hate. – Yuriy Yakovenko May 05 '17 at 09:40
What does `[^ "]` mean in the regex? – sdfsdf Sep 15 '19 at 07:20
@MiLeung `[^ "]` means any character except a space or a double quote. – Akseli Palén Sep 16 '19 at 13:51

score 38 · Accepted Answer · edited Nov 04 '20 at 03:40

38

The actual URL syntax is pretty complicated and not easy to represent in regex. Most of the simple-looking regexes out there will give many false negatives as well as false positives. See for amusement these efforts but even the end result is not good.

Plus these days you would generally want to allow IRI as well as old-school URI, so we can link to valid addresses like:

http://en.wikipedia.org/wiki/Þ
http://例え.テスト/

I would go only for simple checks: does it start with a known-good method: name? Is it free of spaces and double-quotes? If so then hell, it's probably good enough.

edited Nov 04 '20 at 03:40

Community

1
1

answered Sep 11 '09 at 15:58

bobince

528,062
107
651
834

4

Ok. At least now I know it's probably not worth the effort in most cases :] Thanks. – Marek Stój Sep 11 '09 at 16:42
4

/(ftp|https?):\/\/[^ "]+$/ – Tim Lovell-Smith May 08 '13 at 20:37
1

Indeed, the right way to validate URLs is not to use a regular expression. Check out the [URI validation code in Node.js](https://github.com/joyent/node/blob/master/lib/url.js). It's far more complex than one regexp, which is why it's always better to use a specialized library rather than roll your own regular expression. – Dan Dascalescu Feb 21 '14 at 06:21
Two other things to consider: 1) tel:, mailto:, sms: are all valid hosts; 2) mobile browsers (especially iOS) allow other things instead of http/https/ftp for inter-app communication. – eliajf Apr 12 '16 at 00:09

score 26 · Answer 3 · edited May 03 '12 at 15:35

26

Try this regex

/(ftp|http|https):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/

It works best for me.

edited May 03 '12 at 15:35

Wiseguy

20,522
8
65
81

answered May 03 '12 at 11:43

Musaddiq Khan

1,837
18
16

2

I think it is best regex for url validation – Musaddiq Khan May 04 '12 at 10:45
2

This is not working for following urls : www.google.com , gogl.com , http://google.clo , www.google.co.in , www.goo.com.in.ssd – Jay Hardia Mar 10 '13 at 15:23
1

This code won't work for many URLs. When detecting URLs, it's better to rely on a specialized library. [Here's why](http://stackoverflow.com/a/21925491/1269037). – Dan Dascalescu Feb 21 '14 at 06:19

score 7 · Answer 4 · answered Mar 15 '17 at 18:50

7

I've found some success with this:

/^((ftp|http|https):\/\/)?www\.([A-z]+)\.([A-z]{2,})/

It checks one or none of the following: ftp://, http://, or https://
It requires www.
It checks for any number of valid characters.
Finally, it checks that it has a domain and that domain is at least 2 characters.

It's obviously not perfect but it handled my cases pretty well

answered Mar 15 '17 at 18:50

Joey

174
2
4

1

"requires www" is like "TLD must be .com". Don't do that. – foo Jun 22 '23 at 16:38

score 6 · Answer 5 · edited Feb 04 '21 at 20:29

This REGEX is a patch from @Aamir answer that worked for me

/((?:(?:http?|ftp)[s]*:\/\/)?[a-z0-9-%\/\&=?\.]+\.[a-z]{2,4}\/?([^\s<>\#%"\,\{\}\\|\\\^\[\]`]+)?)/gi

It matches these URL formats

yourwebsite.com
yourwebsite.com/4564564/546564/546564?=adsfasd
www.yourwebsite.com
http://yourwebsite.com
https://yourwebsite.com
ftp://www.yourwebsite.com
ftp://yourwebsite.com
http://yourwebsite.com/4564564/546564/546564?=adsfasd

Daniel Rodríguez · Answer 6 · 2019-08-09T10:58:04.777

4

You can simple use type="url" in your input and the check it with checkValidity() in js

E.g:

your.html

<input id="foo" type="url">

your.js

$("#foo").on("keyup", function() {
    if (this.checkValidity()) {
        // The url is valid
    } else {
        // The url is invalid
    }
});

edited Aug 09 '19 at 10:58

answered Aug 09 '19 at 10:42

Daniel Rodríguez

673
5
15

BTW, I have realize that is worth notice that you should also do some kind of validation in the server side to avoid Injection attacks, as this solution is 100% client-side – Daniel Rodríguez Sep 29 '21 at 15:14

score 3 · Answer 7 · answered May 02 '13 at 10:42

3

<html>
<head>
<title>URL</title>
<script type="text/javascript">
    function validate() {
        var url = document.getElementById("url").value;
        var pattern = /(ftp|http|https):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/;
        if (pattern.test(url)) {
            alert("Url is valid");
            return true;
        } 
            alert("Url is not valid!");
            return false;

    }
</script>

</head>
<body>
URL :
<input type="text" name="url" id="url" />
<input type="submit" value="Check" onclick="validate();" />
</body>
</html>

answered May 02 '13 at 10:42

Viet Nam

39
1

This code won't work for many URLs. When validating URLs, it's better to rely on a specialized library. [Here's why](http://stackoverflow.com/a/21925491/1269037). – Dan Dascalescu Feb 21 '14 at 06:19
Using pure JavaScript is better option of validations if you want to customize the pattern you can easily do that in your pattern – Swapnil Sep 24 '14 at 07:12

score 3 · Answer 8 · answered Jul 18 '16 at 07:48

After a long research I build this reg expression. I hope it will help others too.......

url = 'https://google.co.in';
var re = /[a-z0-9-\.]+\.[a-z]{2,4}\/?([^\s<>\#%"\,\{\}\\|\\\^\[\]`]+)?$/;
if (!re.test(url)) { 
 alert("url error");
return false;
}else{
alert('success')
}

score 2 · Answer 9 · edited Nov 06 '17 at 04:37

2

Try this it works for me:

 /^(http[s]?:\/\/){0,1}(w{3,3}\.)[-a-z0-9+&@#\/%?=~_|!:,.;]*[-a-z0-9+&@#\/%=~_|]/;

edited Nov 06 '17 at 04:37

Farhad

4,119
8
43
66

answered Nov 06 '17 at 04:34

kalpana

21
2

score 2 · Answer 10 · answered Jun 03 '20 at 05:59

I couldn't find one that worked well for my needs. Written and post @ https://gist.github.com/geoffreyrobichaux/0a7774b424703b6c0fffad309ab0ad0a

function validURL(s) {
    var regexp = /^(ftp|http|https|chrome|:\/\/|\.|@){2,}(localhost|\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|\S*:\w*@)*([a-zA-Z]|(\d{1,3}|\.){7}){1,}(\w|\.{2,}|\.[a-zA-Z]{2,3}|\/|\?|&|:\d|@|=|\/|\(.*\)|#|-|%)*$/gum
    return regexp.test(s);
}

score 1 · Answer 11 · edited May 12 '15 at 21:29

1

Try this regex, it works for me:

function isUrl(s) {
    var regexp = /(ftp|http|https):\/\/(\w+:{0,1}\w*@)?(\S+)(:[0-9]+)?(\/|\/([\w#!:.?+=&%@!\-\/]))?/
    return regexp.test(s);
}

edited May 12 '15 at 21:29

insertusernamehere

23,204
9
87
126

answered Sep 11 '09 at 11:19

ennuikiller

46,381
14
112
137

1

I'd like to be sure that I will not get false negatives with this regex. You had not problems with it? – Marek Stój Sep 11 '09 at 11:30
1

No problems as of yet. Why not conduct tests on the false positives your anticipating? – ennuikiller Sep 11 '09 at 11:55
1

It *would* give a false negative for symbols like ';' in the query, *except* that that's a great big `\S+` in the middle of the expression which can expand to match nearly anything, and it's not anchored at the end so you can put any trailing nonsense in. eg. ‘http://@’ or ‘http://I've got a lovely bunch of "coconuts"’ are ‘valid’. – bobince Sep 11 '09 at 11:55

Andrej · Answer 12 · 2017-11-25T10:24:08.400

I use the /^[a-z]+:[^:]+$/i regular expression for URL validation. See an example of my cross-browser InputKeyFilter code with URL validation.

<!doctype html>
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
    <title>Input Key Filter Test</title>
 <meta name="author" content="Andrej Hristoliubov anhr@mail.ru">
 <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
 
 <!-- For compatibility of IE browser with audio element in the beep() function.
 https://www.modern.ie/en-us/performance/how-to-use-x-ua-compatible -->
 <meta http-equiv="X-UA-Compatible" content="IE=9"/>
 
 <link rel="stylesheet" href="https://rawgit.com/anhr/InputKeyFilter/master/InputKeyFilter.css" type="text/css">  
 <script type="text/javascript" src="https://rawgit.com/anhr/InputKeyFilter/master/Common.js"></script>
 <script type="text/javascript" src="https://rawgit.com/anhr/InputKeyFilter/master/InputKeyFilter.js"></script>
 
</head>
<body>
URL: 
<input type="url" id="Url" value=":"/>
<script>
 CreateUrlFilter("Url", function(event){//onChange event
   inputKeyFilter.RemoveMyTooltip();
   var elementNewInteger = document.getElementById("NewUrl");
   elementNewInteger.innerHTML = this.value;
  }
  
  //onblur event. Use this function if you want set focus to the input element again if input value is NaN. (empty or invalid)
  , function(event){ this.ikf.customFilter(this); }
 );
</script>
 New URL: <span id="NewUrl"></span>

</body>
</html>

Also see my page example of the input key filter.

h://google.com is valid URL. "h:" is valid prefix See https://www.w3.org/Addressing/URL/url-spec.txt for details. Examples of valid URL: mailto:myname@domain.com https://google.com If you want filter Hypertext Transfer Protocol only, you need use /^http:\/\/[^:]+$/i regular expression — Andrej, Oct 08 '16 at 10:28

score 1 · Answer 13 · answered Feb 24 '16 at 12:53

try with this:

 var RegExp =/^(?:(?:https?|ftp):\/\/)(?:\S+(?::\S*)?@)?(?:(?!10(?:\.\d{1,3}){3})(?!127(?:\.\d{1,3}){3})(?!169\.254(?:\.\d{1,3}){2})(?!192\.168(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\u00a1-\uffff0-9]+-?)*[a-z\u00a1-\uffff0-9]+)(?:\.(?:[a-z\u00a1-\uffff0-9]+-?)*[a-z\u00a1-\uffff0-9]+)*(?:\.(?:[a-z\u00a1-\uffff]{2,})))(?::\d{2,5})?(?:\/[^\s]*)?$/i;

score 1 · Answer 14 · answered May 30 '16 at 10:09

1

/(?:http[s]?\/\/)?(?:[\w\-]+(?::[\w\-]+)?@)?(?:[\w\-]+\.)+(?:[a-z]{2,4})(?::[0-9]+)?(?:\/[\w\-\.%]+)*(?:\?(?:[\w\-\.%]+=[\w\-\.%!]+&?)+)?(#\w+\-\.%!)?/

answered May 30 '16 at 10:09

Eru

187
4

I think your expression is missing a `:` between the protocol and `//`. Otherwise, it works fine! – Gustavo Straube Oct 18 '17 at 17:27

Tzahi Leh · Answer 15 · 2023-01-04T16:46:27.957

/^(http|ftp)s?:\/\/((?=.{3,253}$)(localhost|(([^ ]){1,63}\.[^ ]+)))$/

explanation:

URL can start with http / ftp
s can follow, but not necessarily
:// are a must right after
Maximum length of domain labels with TLD is 253. What we see here is a lookup to check that total length is min 3 (i.e http://a.b) and max of 253
Then there's either localhost or domain-name.TLD. domain-name can be made out of multiple labels, divided by a dot (i.e https://inner.sub.domain.net), and maximum length of each label is 63. I didn't see anywhere that there's limitation on the TLD length, so I didn't put there any restriction.

What @bobince answered is a real concern.

The latest answers are very close (thanks @Akseli), but they all miss the obligatory dot in the URL and lengths. The answer I provide above deals with those too.

for further reading:

score 0 · Answer 16 · answered Jan 25 '23 at 15:53

From https://www.freecodecamp.org/news/how-to-validate-urls-in-javascript/

function isValidHttpUrl(str) {
  const pattern = new RegExp(
    '^(https?:\\/\\/)?' + // protocol
      '((([a-z\\d]([a-z\\d-]*[a-z\\d])*)\\.)+[a-z]{2,}|' + // domain name
      '((\\d{1,3}\\.){3}\\d{1,3}))' + // OR ip (v4) address
      '(\\:\\d+)?(\\/[-a-z\\d%_.~+]*)*' + // port and path
      '(\\?[;&a-z\\d%_.~+=-]*)?' + // query string
      '(\\#[-a-z\\d_]*)?$', // fragment locator
    'i'
  );
  return pattern.test(str);
}

console.log(isValidHttpUrl('https://www.freecodecamp.org/')); // true
console.log(isValidHttpUrl('mailto://freecodecamp.org')); // false
console.log(isValidHttpUrl('freeCodeCamp')); // false

score 0 · Answer 17 · answered Apr 26 '23 at 11:06

I have tried a few but there were a few issues so I came up with this one.

/(https?:\/\/(?:www\d*\.|(?!www\d*\.))[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]{2,}|www\d*\.[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]{2,}|https?:\/\/(?:www\d*\.|(?!www\d*\.))[a-zA-Z0-9]+\.[^\s]{2,}|www\d*\.[a-zA-Z0-9]+\.[^\s]{2,})/gi;

How to use

const isValidUrl = (url = '') => {
    if (url) {
        var expression =
            /(https?:\/\/(?:www\d*\.|(?!www\d*\.))[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]{2,}|www\d*\.[a-zA-Z0-9][a-zA-Z0-9-]+[a-zA-Z0-9]\.[^\s]{2,}|https?:\/\/(?:www\d*\.|(?!www\d*\.))[a-zA-Z0-9]+\.[^\s]{2,}|www\d*\.[a-zA-Z0-9]+\.[^\s]{2,})/gi;
        var regex = new RegExp(expression);
        return !!url.match(regex);
    }
    return false;
};

Breakdown

/(
  https?:\/\/                        # matches http:// or https://
  (?:www\d*\.|(?!www\d*\.)          # matches an optional "www" prefix with zero or more digits, followed by a dot,
                                    # or excludes "www" prefix followed by digits
  )[a-zA-Z0-9][a-zA-Z0-9-]+          # matches the domain name
  [a-zA-Z0-9]\.                      # matches the dot before the top-level domain
  [^\s]{2,}                          # matches the rest of the URL after the domain name
  |                                 # or
  www\d*\.[a-zA-Z0-9][a-zA-Z0-9-]+    # matches the "www" prefix with zero or more digits, followed by a dot, and the domain name
  [a-zA-Z0-9]\.                      # matches the dot before the top-level domain
  [^\s]{2,}                          # matches the rest of the URL after the domain name
  |                                 # or
  https?:\/\/                        # matches http:// or https://
  (?:www\d*\.|(?!www\d*\.)          # matches an optional "www" prefix with zero or more digits, followed by a dot,
                                    # or excludes "www" prefix followed by digits
  )[a-zA-Z0-9]+\.[^\s]{2,}          # matches the domain name and top-level domain
  |                                 # or
  www\d*\.[a-zA-Z0-9]+\.[^\s]{2,}    # matches the "www" prefix with zero or more digits, followed by a dot, and the domain name and top-level domain
)/gi;

Valid URLs

http://www.example.com
https://www.example.co.uk
http://www1.example.com
http://www2.example.com
http://www3.example.com
https://www1.example.co.uk
https://www2.example.co.uk
https://www3.example.co.uk
https://example.com
http://example.com
www.example.com
www1.example.com
www2.example.com
www3.example.com
www.example.co.uk
www1.example.co.uk
www2.example.co.uk
www3.example.co.uk

Invalid URLs

example
example.com
ftp://example.com
ftp://www.example.com
http://www.example
http://www.example.
http://www.example/
http://example./com

score 0 · Answer 18 · answered Aug 21 '23 at 01:02

Using the power of javascript only, a good approach in some cases is to use

let urlToValidate = `${decodeURIComponent(url)}`

const isValidUrl = (url = '') => {
    try {
        new URL(url);
        return true;
    } catch (error) {
        return false;
    }
};

let result = isValidUrl(urlToValidate)
console.log(result)

Regular expression for URL validation (in JavaScript)

18 Answers18

Linked

Related