@ -1,7 +1,7 @@
'use strict' ;
var punycode = require ( 'punycode' ) ;
var util = require ( 'util' ) ;
const punycode = require ( 'punycode' ) ;
const util = require ( 'util' ) ;
exports . parse = urlParse ;
exports . resolve = urlResolve ;
@ -29,54 +29,54 @@ function Url() {
// define these here so at least they only have to be
// compiled once on the first module load.
var protocolPattern = /^([a-z0-9.+-]+:)/i ,
portPattern = /:[0-9]*$/ ,
// Special case for a simple path URL
simplePathPattern = /^(\/\/?(?!\/)[^\?\s]*)(\?[^\s]*)?$/ ,
// RFC 2396: characters reserved for delimiting URLs.
// We actually just auto-escape these.
delims = [ '<' , '>' , '"' , '`' , ' ' , '\r' , '\n' , '\t' ] ,
// RFC 2396: characters not allowed for various reasons.
unwise = [ '{' , '}' , '|' , '\\' , '^' , '`' ] . concat ( delims ) ,
// Allowed by RFCs, but cause of XSS attacks. Always escape these.
autoEscape = [ '\'' ] . concat ( unwise ) ,
// Characters that are never ever allowed in a hostname.
// Note that any invalid chars are also handled, but these
// are the ones that are *expected* to be seen, so we fast-path
// them.
nonHostChars = [ '%' , '/' , '?' , ';' , '#' ] . concat ( autoEscape ) ,
hostEndingChars = [ '/' , '?' , '#' ] ,
hostnameMaxLen = 255 ,
hostnamePartPattern = /^[+a-z0-9A-Z_-]{0,63}$/ ,
hostnamePartStart = /^([+a-z0-9A-Z_-]{0,63})(.*)$/ ,
// protocols that can allow "unsafe" and "unwise" chars.
unsafeProtocol = {
'javascript' : true ,
'javascript:' : true
} ,
// protocols that never have a hostname.
hostlessProtocol = {
'javascript' : true ,
'javascript:' : true
} ,
// protocols that always contain a // bit.
slashedProtocol = {
'http' : true ,
'https' : true ,
'ftp' : true ,
'gopher' : true ,
'file' : true ,
'http:' : true ,
'https:' : true ,
'ftp:' : true ,
'gopher:' : true ,
'file:' : true
} ,
querystring = require ( 'querystring' ) ;
const protocolPattern = /^([a-z0-9.+-]+:)/i ;
const portPattern = /:[0-9]*$/ ;
// Special case for a simple path URL
const simplePathPattern = /^(\/\/?(?!\/)[^\?\s]*)(\?[^\s]*)?$/ ;
// RFC 2396: characters reserved for delimiting URLs.
// We actually just auto-escape these.
const delims = [ '<' , '>' , '"' , '`' , ' ' , '\r' , '\n' , '\t' ] ;
// RFC 2396: characters not allowed for various reasons.
const unwise = [ '{' , '}' , '|' , '\\' , '^' , '`' ] . concat ( delims ) ;
// Allowed by RFCs, but cause of XSS attacks. Always escape these.
const autoEscape = [ '\'' ] . concat ( unwise ) ;
// Characters that are never ever allowed in a hostname.
// Note that any invalid chars are also handled, but these
// are the ones that are *expected* to be seen, so we fast-path them.
const nonHostChars = [ '%' , '/' , '?' , ';' , '#' ] . concat ( autoEscape ) ;
const hostEndingChars = [ '/' , '?' , '#' ] ;
const hostnameMaxLen = 255 ;
const hostnamePartPattern = /^[+a-z0-9A-Z_-]{0,63}$/ ;
const hostnamePartStart = /^([+a-z0-9A-Z_-]{0,63})(.*)$/ ;
// protocols that can allow "unsafe" and "unwise" chars.
const unsafeProtocol = {
'javascript' : true ,
'javascript:' : true
} ;
// protocols that never have a hostname.
const hostlessProtocol = {
'javascript' : true ,
'javascript:' : true
} ;
// protocols that always contain a // bit.
const slashedProtocol = {
'http' : true ,
'https' : true ,
'ftp' : true ,
'gopher' : true ,
'file' : true ,
'http:' : true ,
'https:' : true ,
'ftp:' : true ,
'gopher:' : true ,
'file:' : true
} ;
const querystring = require ( 'querystring' ) ;
function urlParse ( url , parseQueryString , slashesDenoteHost ) {
if ( url && util . isObject ( url ) && url instanceof Url ) return url ;