search

kevva / url-regex

Regular expression for matching URLs
MIT License
353 stars 65 forks source link

Decode error #32

Open wadewegner opened 7 years ago

wadewegner commented 7 years ago

The presence of ).{% trailing a valid URL (e.g. http://cnn.com/).{%) causes the error:

[PATH]/node_modules/normalize-url/index.js:82
        urlObj.pathname = decodeURI(urlObj.pathname);
                          ^

URIError: URI malformed
    at decodeURI (native)
    at module.exports ([PATH]/node_modules/normalize-url/index.js:82:21)
    at [PATH]/node_modules/get-urls/index.js:14:10
    at Array.map (native)
    at module.exports ([PATH]/node_modules/get-urls/index.js:13:24)
    at [PATH]/index.js:17:16
    at Array.forEach (native)
    at [PATH]/index.js:15:9
    at [PATH]/node_modules/recursive-readdir/index.js:64:22
    at [PATH]/node_modules/recursive-readdir/index.js:64:22
wadewegner commented 7 years ago

Note that @sindresorhus punted to you. https://github.com/sindresorhus/get-urls/issues/15#issuecomment-262281028

KiranShakya commented 4 years ago

@wadewegner is it still reproducible? I tried with the latest master and the problem is probably resolved.

niftylettuce commented 4 years ago

Please use https://github.com/niftylettuce/url-regex-safe as this package has a severe vulnerability (see #70).