LibURL: Validate for invalid _domain_ code points for non-opaque domains

We were previously not checking for C0 control, U+0025 (%), or U+007F DELETE. This makes another good set of URL tests in WPT pass :^)
Author: https://github.com/shannonbooth Commit: fdf4f1e887 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/958 Reviewed-by: https://github.com/tcl3 ✅
2025-07-29 04:09:13 +00:00 · 2024-08-05 01:17:14 +12:00 · 2024-08-05 01:17:14 +12:00 · fdf4f1e887 · 2024-08-04 17:30:05 +00:00
commit fdf4f1e887
parent f511c0b441
2 changed files with 35 additions and 6 deletions
--- a/Tests/LibURL/TestURL.cpp
+++ b/Tests/LibURL/TestURL.cpp
@ -512,3 +512,18 @@ TEST_CASE(ascii_only_url)
        EXPECT_EQ(url.to_byte_string(), "http://example.com/iNdEx.HtMl#fRaGmEnT");
    }
 }
+
+TEST_CASE(invalid_domain_code_points)
+{
+    {
+        constexpr auto upper_case_url = "http://example%25.com"sv;
+        URL::URL url(upper_case_url);
+        EXPECT(!url.is_valid());
+    }
+
+    {
+        constexpr auto mixed_case_url = "http://thing\u0007y/'"sv;
+        URL::URL url(mixed_case_url);
+        EXPECT(!url.is_valid());
+    }
+}