From f3bd16244ea3013ab20ec63394f6306c7b8730e6 Mon Sep 17 00:00:00 2001
From: Denis Ryabov <dryabov@yandex.ru>
Date: Mon, 6 May 2019 14:18:50 +0300
Subject: [PATCH] Fixed issue in URL parsing

Fixed "Broken URL parsing" issue mentioned in issue #8640 [details: 1) empty username or password are allowed, 2) colon in password is allowed]
---
 js/navigation/path.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/js/navigation/path.js b/js/navigation/path.js
index 916c3f09dc5..631286b3133 100644
--- a/js/navigation/path.js
+++ b/js/navigation/path.js
@@ -57,7 +57,7 @@ $.mobile.path = path = {
 	//    [16]: ?msg=1234&type=unread
 	//    [17]: #msg-content
 	//
-	urlParseRE: /^\s*(((([^:\/#\?]+:)?(?:(\/\/)((?:(([^:@\/#\?]+)(?:\:([^:@\/#\?]+))?)@)?(([^:\/#\?\]\[]+|\[[^\/\]@#?]+\])(?:\:([0-9]+))?))?)?)?((\/?(?:[^\/\?#]+\/+)*)([^\?#]*)))?(\?[^#]+)?)(#.*)?/,
+	urlParseRE: /^\s*(((([^:\/#\?]+:)?(?:(\/\/)((?:(([^:@\/#\?]*)(?:\:([^@\/#\?]*))?)@)?(([^:\/#\?\]\[]+|\[[^\/\]@#?]+\])(?:\:([0-9]+))?))?)?)?((\/?(?:[^\/\?#]+\/+)*)([^\?#]*)))?(\?[^#]+)?)(#.*)?/,
 
 	// Abstraction to address xss (Issue #4787) by removing the authority in
 	// browsers that auto-decode it. All references to location.href should be