bug #24589 Username and password in basic auth are allowed to contain '.' (Richard Quadling)

This PR was merged into the 2.7 branch.

Discussion
----------

Username and password in basic auth are allowed to contain '.'

Initially reported by Fede Isas in https://github.com/beberlei/assert/pull/234

| Q             | A
| ------------- | ---
| Branch?       | 2.3
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets |
| License       | MIT
| Doc PR        |

Commits
-------

e5d57dd050 Username and password in basic auth are allowed to contain '.'

src/Symfony/Component/Validator/Constraints/UrlValidator.php

@@ -23,7 +23,7 @@ class UrlValidator extends ConstraintValidator
 {
     const PATTERN = '~^
             (%s)://                                 # protocol
-            (([\pL\pN-]+:)?([\pL\pN-]+)@)?          # basic auth
+            (([\.\pL\pN-]+:)?([\.\pL\pN-]+)@)?      # basic auth
             (
                 ([\pL\pN\pS-\.])+(\.?([\pL\pN]|xn\-\-[\pL\pN-]+)+\.?) # a domain name
                     |                                                 # or

src/Symfony/Component/Validator/Tests/Constraints/UrlValidatorTest.php

@@ -121,6 +121,9 @@ class UrlValidatorTest extends AbstractConstraintValidatorTest
             array('http://xn--d1abbgf6aiiy.xn--p1ai/'),
             array('http://☎.com/'),
             array('http://username:password@symfony.com'),
+            array('http://user.name:password@symfony.com'),
+            array('http://username:pass.word@symfony.com'),
+            array('http://user.name:pass.word@symfony.com'),
             array('http://user-name@symfony.com'),
             array('http://symfony.com?'),
             array('http://symfony.com?query=1'),