Fixed issue in URL parsing

Fixed "Broken URL parsing" issue mentioned in issue jquery-archive#8640 [details: 1) empty username or password are allowed, 2) colon in password is allowed]
dryabov · May 6, 2019 · f3bd162 · f3bd162
1 parent 1f0cec9
commit f3bd162
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/js/navigation/path.js b/js/navigation/path.js
@@ -57,7 +57,7 @@ $.mobile.path = path = {
 	//    [16]: ?msg=1234&type=unread
 	//    [17]: #msg-content
 	//
-	urlParseRE: /^\s*(((([^:\/#\?]+:)?(?:(\/\/)((?:(([^:@\/#\?]+)(?:\:([^:@\/#\?]+))?)@)?(([^:\/#\?\]\[]+|\[[^\/\]@#?]+\])(?:\:([0-9]+))?))?)?)?((\/?(?:[^\/\?#]+\/+)*)([^\?#]*)))?(\?[^#]+)?)(#.*)?/,
+	urlParseRE: /^\s*(((([^:\/#\?]+:)?(?:(\/\/)((?:(([^:@\/#\?]*)(?:\:([^@\/#\?]*))?)@)?(([^:\/#\?\]\[]+|\[[^\/\]@#?]+\])(?:\:([0-9]+))?))?)?)?((\/?(?:[^\/\?#]+\/+)*)([^\?#]*)))?(\?[^#]+)?)(#.*)?/,
 
 	// Abstraction to address xss (Issue #4787) by removing the authority in
 	// browsers that auto-decode it. All references to location.href should be