Skip to content

Fix regex pattern for webhook URL validation#613

Closed
voytech-net wants to merge 1 commit into
hookdeck:mainfrom
voytech-net:patch-1
Closed

Fix regex pattern for webhook URL validation#613
voytech-net wants to merge 1 commit into
hookdeck:mainfrom
voytech-net:patch-1

Conversation

@voytech-net

Copy link
Copy Markdown
Contributor

- when using azure workflows, the generated URL has a query parameter with encoded forward slash
- the original regex pattern did not like this
Copilot AI review requested due to automatic review settings January 7, 2026 21:09
@vercel

vercel Bot commented Jan 7, 2026

Copy link
Copy Markdown

@voytech-net is attempting to deploy a commit to the Hookdeck Team on Vercel.

A member of the Team first needs to authorize it.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes the webhook URL validation regex pattern to accept URLs with percent-encoded characters, specifically to support Azure Logic Apps workflow URLs that contain encoded forward slashes (e.g., %2F) in query parameters.

Key Changes

  • Added % character to the URL path regex pattern to allow percent-encoded characters in webhook URLs

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

"description": "The URL to send webhook events to via HTTP POST",
"required": true,
"pattern": "^https?:\\/\\/[\\w\\-]+(?:\\.[\\w\\-]+)*(?::\\d{1,5})?(?:\\/[\\w\\-\\/\\.~:?#\\[\\]@!$&'\\(\\)*+,;=]*)?$"
"pattern": "^https?:\\/\\/[\\w\\-]+(?:\\.[\\w\\-]+)*(?::\\d{1,5})?(?:\\/[\\w\\-\\/\\.~:%:?#\\[\\]@!$&'\\(\\)*+,;=]*)?$"

Copilot AI Jan 7, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The regex pattern contains a duplicate colon character. In the path portion of the pattern, the sequence ~:%:? should be ~:%?. The duplicate colon between % and ? is unnecessary and may cause unexpected behavior in URL validation.

Suggested change
"pattern": "^https?:\\/\\/[\\w\\-]+(?:\\.[\\w\\-]+)*(?::\\d{1,5})?(?:\\/[\\w\\-\\/\\.~:%:?#\\[\\]@!$&'\\(\\)*+,;=]*)?$"
"pattern": "^https?:\\/\\/[\\w\\-]+(?:\\.[\\w\\-]+)*(?::\\d{1,5})?(?:\\/[\\w\\-\\/\\.~:%?#\\[\\]@!$&'\\(\\)*+,;=]*)?$"

Copilot uses AI. Check for mistakes.
"description": "The URL to send webhook events to via HTTP POST",
"required": true,
"pattern": "^https?:\\/\\/[\\w\\-]+(?:\\.[\\w\\-]+)*(?::\\d{1,5})?(?:\\/[\\w\\-\\/\\.~:?#\\[\\]@!$&'\\(\\)*+,;=]*)?$"
"pattern": "^https?:\\/\\/[\\w\\-]+(?:\\.[\\w\\-]+)*(?::\\d{1,5})?(?:\\/[\\w\\-\\/\\.~:%:?#\\[\\]@!$&'\\(\\)*+,;=]*)?$"

Copilot AI Jan 7, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The URL validation pattern has been updated to support percent-encoded characters (like %2F for forward slashes in Azure workflow URLs), but there are no tests verifying that URLs with percent-encoded characters are accepted. Consider adding a test case that validates a URL with percent-encoded characters, such as the Azure workflow URL mentioned in the PR description, to ensure the regex change works as intended and prevent regressions.

Copilot uses AI. Check for mistakes.
@alexluong

Copy link
Copy Markdown
Collaborator

hi @voytech-net, thank you so much for your contribution, this work is merged in #619 as we needed to apply this same RegEx to other destinations as well

@alexluong alexluong closed this Jan 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants