validation

URL (HTTP / HTTPS) Regex Pattern

Validates URLs starting with http:// or https://. Uses a "non-empty path or host after protocol" check that avoids matching bare "http://" or malformed protocol-only strings.

/^https?:\/\/[^\s/$.?#].[^\s]*$/

What each part matches

^https?: — literal 'http' followed by optional 's'
\/\/ — literal '//' (escaped)
[^\s/$.?#] — first char after :// must NOT be whitespace or a URL delimiter (guards against empty host)
.[^\s]*$ — one required char + zero or more non-whitespace chars until end

✓ These match

  • https://example.com
  • http://sub.domain.io/path?q=1
  • https://example.com:8080/api

✗ These don't

  • ftp://example.com
  • example.com
  • https://
  • not a url

Use in your code

JavaScript

const re = /^https?:\/\/[^\s/$.?#].[^\s]*$/;
re.test(input); // → true or false

Python

import re
re.fullmatch(r"^https?:\/\/[^\s/$.?#].[^\s]*$", input)

PHP (PCRE)

preg_match('/^https?:\\/\\/[^\s\/$.?#].[^\s]*$/', $input);

Go

re := regexp.MustCompile(`^https?:\/\/[^\s/$.?#].[^\s]*$`)
re.MatchString(input)

FAQ

Does this url (http / https) regex work in JavaScript?
Yes. Every pattern in the Utilko regex library is tested to work in JavaScript RegExp, PCRE (PHP, Nginx), and Python `re`. Where flavor matters (lookbehind, named groups), the pattern page flags it.
How do I use this pattern?
Copy the pattern from the code block above. In JavaScript: new RegExp('^https?:\/\/[^\s/$.?#].[^\s]*$') or literal /^https?:\/\/[^\s/$.?#].[^\s]*$/. Or click "Try in regex tester" to open it pre-loaded in Utilko's browser-based regex tester.
Should I use this for security-critical validation?
Client-side regex is fine for UX (immediate feedback on a form). For anything security-critical — payments, auth, data integrity — always re-validate server-side using the same pattern PLUS domain-specific checks (Luhn checksum for cards, actual email delivery test, DNS resolution for domains).

Related regex patterns

← All regex patterns · Regex tester · Regex cheat sheet