The other day, I saw Learn regex the easy
way. This is a great resource, but I
felt the need to pen a post explaining that regexes are usually not the right
Let’s do a little exercise. I googled “URL regex” and here’s the first Stack
This is a bad regex. Here are some valid URLs that this regex fails to match:
- http://名がドメイン.com (warning: this is a parked domain)
- http://[::1] (ipv6 loopback)
Here are some invalid URLs the regex is fine with:
This answer has been revised 9 times on Stack Overflow, and this is the best
they could come up with. Go back and read the regex. Can you tell where each of
these bugs are? How long did it take you? If you received a bug report in your
application because one of these URLs was handled incorrectly, do you understand
this regex well enough to fix it? If your application has a URL regex, go find
it and see how it fares with these tests.
Complicated regexes are opaque, unmaintainable, and often wrong. The correct
approach to validating a URL is as follows:
from urllib.parse import urlparse
A regex is useful for validating simple patterns and for finding patterns in
text. For anything beyond that it’s almost certainly a terrible choice. Say you
validate an email address: try to send an email to it!
validate password strength requirements: estimate the complexity with
validate a date: use your standard library!
validate a credit card number: run the Luhn
algorithm on it!
validate a social security number: alright, use a regex. But don’t expect
the number to be assigned to someone until you ask the Social Security
Administration about it!
Get the picture?