Why exclude vertical tabs?

Like horizontal tabs and other control characters, this char should not appear in a URL. We already have a check for control chars, this one can be added for completeness?

Vertical tabs are not mentioned on the URL spec: https://url.spec.whatwg.org/
We have to follow the standards.
👎

The URL spec mentions that C0 controls are forbidden, and \v is in the range of C0 control chars. Maybe I misunderstand a bit, C0 seem forbidden in hosts and domains only. Maybe this check should be done only on the host, not the whole URL

I can't see where the vertical tab needs this special handling. Please link to the exact sentences you have in mind?

I don't think the vertical tab needs a special check, the proposed patch is not a good idea as explained by your comments. Reading the spec again, I'm wondering if we should still ensure the host doesn't contain C0 control chars, as stated in https://url.spec.whatwg.org/#forbidden-host-code-point ? There are check that ensure there are no leading/trailing C0 chars in the URL, but it does not check the host if I understand correctly RequestContext and HttpClientTrait

I'm not sure. Which problem would that solve?
BTW parse_url already does something with C0 chars: https://3v4l.org/SZMC5

The code would closer follow the living standard. Indeed parse_url seems to handle it but the output seems "wrong" as the spec says it should be invalid.
If you're not convinced, let's close this PR and wait for a real world use case to appear, I'm ok with that 🙂

Let's close yes. We don't need a spec-compliant parser here. There are third party libs for that.