Merge pull request #4042 from Sooraj-s-98/master

sanitized url in url Validation

src/Appwrite/Network/Validator/URL.php

@@ -49,11 +49,17 @@ class URL extends Validator
      */
     public function isValid($value): bool
     {
-        if (\filter_var($value, FILTER_VALIDATE_URL) === false) {
+        $sanitizedURL = '';
+
+        foreach (str_split($value) as $character) {
+            $sanitizedURL .= (ord($character) > 127) ? rawurlencode($character) : $character;
+        }
+
+        if (\filter_var($sanitizedURL, FILTER_VALIDATE_URL) === false) {
             return false;
         }
 
-        if (!empty($this->allowedSchemes) && !\in_array(\parse_url($value, PHP_URL_SCHEME), $this->allowedSchemes)) {
+        if (!empty($this->allowedSchemes) && !\in_array(\parse_url($sanitizedURL, PHP_URL_SCHEME), $this->allowedSchemes)) {
             return false;
         }
 

tests/unit/Network/Validators/URLTest.php

@@ -43,6 +43,7 @@ class URLTest extends TestCase
         $this->assertEquals(false, $this->url->isValid('htt@s://example.com'));
         $this->assertEquals(true, $this->url->isValid('http://www.example.com/foo%2\u00c2\u00a9zbar'));
         $this->assertEquals(true, $this->url->isValid('http://www.example.com/?q=%3Casdf%3E'));
+        $this->assertEquals(true, $this->url->isValid('https://example.com/foo%2\u00c2\u00ä9zbär'));
     }
 
     public function testIsValidAllowedSchemes(): void