# coding=utf8
# the above tag defines encoding for this document and is for Python 2.x compatibility
import re
regex = r"\[(?:http://|https://)*(?:\w+\.)*(\w+(?:\.(?:com|org|net|edu|gov|info|biz|io|co|app|co|uk|de|jp|ca|dev|app|gg))+)]\((?:http://|https://)(?:\w+\.)+\w+(?:/\w+)*\)"
test_str = ("Normal links don't get caught:\n"
"[do not catch this](https://example.com)\n"
"orthis.com\n\n"
"Neither do links with full stops in the message:\n"
"(messages. with. full stops)[https://example.com]\n\n"
"even if they forget a space\n"
"[whoops.nospace](https://example.com)\n\n"
"because we catch based on tld:\n"
"[catchthis.com](https://malicious.link)\n"
"[catchthis.org](https://malicious.link)\n"
"[catchthis.net](https://malicious.link)\n"
"[catchthis.edu](https://malicious.link)\n"
"[catchthis.gov](https://malicious.link)\n"
"[catchthis.info](https://malicious.link)\n"
"[catchthis.biz](https://malicious.link)\n"
"[catchthis.io](https://malicious.link)\n"
"[catchthis.co](https://malicious.link)\n"
"[catchthis.uk](https://malicious.link)\n"
"[catchthis.de](https://malicious.link)\n"
"[catchthis.jp](https://malicious.link)\n\n"
"[www.catchthis.com](https://malicious.link)\n"
"[https://catchthis.com](https://malicious.link)\n"
"[http://catchthis.com](http://malicious.link)\n\n"
"any combination of the above also gets matched for multiple tld urls:\n"
"[link.co.jp.org.net](https://malicious.link)\n\n"
"This is perfect because we can block any malicious link with any tld or any number of subdomains, but have a controlled list of tlds that links with a fake url begin with. Since most non-standard tlds are sketchy, we don't even need that many:\n\n"
"[link.com](http://any.malicious.li.nk/anything/at/all)\n\n"
"Any number of subdomains also get caught:\n"
"[auth.google.com](https://malicious.website.com)\n"
"[any.number.at.all.com](https://malicious.link)\n\n\n"
"This method of having a set tld list means almost zero false positives, with the drawback of people having to recognise sketchy urls themselves:\n\n"
"[linkwitha.sketchytld](https://malicious.link) // not caught\n\n"
"If you want a wider net with a higher chance of false positives, replace the subdomains with the word matcher wildcard (\\w+):\n\n"
"\\[(?:\\w+\\.)*(\\w+(?:\\.(?:\\w+))+)]\\((?:http://|https://)(?:\\w+\\.)+\\w+(?:/\\w+)*\\)\n\n"
"Or a much shorter one that doesn't catch http:// links but that is short enough for Discord: [discord already blocks \"fake\" links with https in the title but not ones without it]\n\n"
"\\[(\\w+\\.?)*]\\((https?://)(\\w+\\.?)*\\)\n\n"
"a longer method with subdomain denylisting is also short enough for Discord:\n\n"
"\\[(?:(?:www|auth|login)\\.)*(\\w+(?:\\.(?:com|org|net|edu|gov|info|biz|io|co|app|co|uk|de|jp|ca|dev|app|gg))+)]\\((?:http://|https://)(?:\\w+\\.)+\\w+(?:/\\w+)*\\)\n\n"
"Since this compiles to a shorter resulting regex (add more subdomains after auth to catch more. )")
matches = re.finditer(regex, test_str, re.MULTILINE)
for matchNum, match in enumerate(matches, start=1):
print ("Match {matchNum} was found at {start}-{end}: {match}".format(matchNum = matchNum, start = match.start(), end = match.end(), match = match.group()))
for groupNum in range(0, len(match.groups())):
groupNum = groupNum + 1
print ("Group {groupNum} found at {start}-{end}: {group}".format(groupNum = groupNum, start = match.start(groupNum), end = match.end(groupNum), group = match.group(groupNum)))
# Note: for Python 2.7 compatibility, use ur"" to prefix the regex and u"" to prefix the test string and substitution.
Please keep in mind that these code samples are automatically generated and are not guaranteed to work. If you find any syntax errors, feel free to submit a bug report. For a full regex reference for Python, please visit: https://docs.python.org/3/library/re.html