pallets-eco/wtforms

URL validator has incorrect regexp range for scheme

Opened this issue · 0 comments

The URL validator supports a scheme. At 3.1.2 the validator regex supports `^[a-z]+://`, while according to RFC 1738 (https://datatracker.ietf.org/doc/html/rfc1738#section-2.1):

> Scheme names consist of a sequence of characters. The lower case
> letters "a"--"z", digits, and the characters plus ("+"), period
> ("."), and hyphen ("-") are allowed.

This might break the flow of apps where you would be redirected to a URL with a custom scheme causing an app to trigger, such as OAuth client registrations (https://datatracker.ietf.org/doc/html/rfc8252#section-7.1 as an example).

### Actual Behavior

```python
import wtforms
from wtforms.validators import URL

class F(wtforms.Form):
    foo = wtforms.StringField(
        validators=[URL(require_tld=False)]
    )

result = F(foo="com.example.app://callback").validate()
print(result)
# False
```

### Expected Behavior

```python
import wtforms
from wtforms.validators import URL

class F(wtforms.Form):
    foo = wtforms.StringField(
        validators=[URL(require_tld=False)]
    )

result = F(foo="com.example.app://callback").validate()
print(result)
# True
```

### Environment

- Python version: 3.11.6
- wtforms version: 3.1.2
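
The scheme mismatch reported above, as an added standard-library example that is not part of the issue or of the wtforms code base. It models only the scheme prefix, not the full URL regex. The `RFC1738` pattern, the sample URLs other than the first, and the `redirect_allowed` helper with its `registered_schemes` argument are assumptions made for illustration.

```python
import re

# Scheme prefix the issue reports for wtforms 3.1.2.
NARROW = re.compile(r"^[a-z]+://")
# Scheme prefix built from the RFC 1738 section 2.1 character set quoted
# above: lower case letters, digits, "+", "." and "-" (assumed pattern).
RFC1738 = re.compile(r"^[a-z0-9+.\-]+://")

# Constructed sample inputs; only the first comes from the issue.
SAMPLES = [
    "com.example.app://callback",  # reverse-domain scheme from the issue
    "https://example.com/cb",      # letters-only scheme
    "my-app+v2://auth/done",       # hyphen, plus and digit in the scheme
    "bad_scheme://callback",       # "_" is outside the RFC 1738 set
    "://callback",                 # empty scheme
]


def compare(urls):
    """Return {url: (narrow_ok, rfc1738_ok)} for each URL's scheme prefix."""
    return {u: (bool(NARROW.match(u)), bool(RFC1738.match(u))) for u in urls}


def rejected_only_by_narrow(urls):
    """URLs whose scheme is valid per RFC 1738 but fails the narrow pattern."""
    return [u for u, (narrow, rfc) in compare(urls).items() if rfc and not narrow]


def redirect_allowed(uri, registered_schemes):
    """Hypothetical registration check: scheme syntax first, then an allowlist.

    A wider scheme pattern accepts more strings, so the decision to redirect
    still rests on the schemes the client actually registered.
    """
    m = RFC1738.match(uri)
    if not m:
        return False
    scheme = m.group(0)[:-3]  # strip the trailing "://"
    return scheme in registered_schemes


if __name__ == "__main__":
    for url, (narrow, rfc) in compare(SAMPLES).items():
        print(f"{url:30} narrow={narrow!s:5} rfc1738={rfc}")
    print(rejected_only_by_narrow(SAMPLES))
```

Both patterns are case-sensitive as written here, so an upper-case scheme fails either one.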