
Conversation

@kkartunov
Collaborator

Potential fix for https://github.com/topcoder-platform/platform-ui/security/code-scanning/63

How to fix the problem generally:
The problem arises from ambiguity in the regular expression due to overlapping matches (e.g. when a dash can be both inside and at the boundary of a subdomain label). The common solution is to write the domain label sub-pattern so that the dash cannot appear at the beginning or end, and to avoid ambiguous repetitions by making the "greedy" parts explicit and unambiguous.

Best single fix for this code:
Modify the regular expression used in the isValidURL function so that the domain sub-pattern only allows dashes (-) in the middle of labels, never at the start or end. A common, robust pattern for a DNS label is: [a-z\d]([a-z\d-]*[a-z\d])? or, equivalently, [a-z\d](?:[a-z\d-]*[a-z\d])?. The entire label is then repeated as needed for domain/subdomain structure. This eliminates the exponential ambiguity identified by CodeQL.

Where to change:
Edit the regular expression pattern in the isValidURL function (lines 91–99), specifically the domain label part on line 93:
Currently: (([a-z\\d]([a-z\\d-]*[a-z\\d])*)\\.)+[a-z]{2,}|
Should become: (([a-z\\d](?:[a-z\\d-]*[a-z\\d])?)\\.)+[a-z]{2,}|
(Note that the inner * should be changed so a label can't be just dashes; now, every label starts and ends with alphanumerics.)

Imports/other changes needed:
No extra imports or dependencies are needed. Only the regex pattern in the isValidURL function is changed.


Suggested fixes powered by Copilot Autofix. Review carefully before merging.

…ression

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@kkartunov kkartunov marked this pull request as ready for review December 15, 2025 12:28
@kkartunov kkartunov requested a review from jmgasper as a code owner December 15, 2025 12:28
@kkartunov kkartunov merged commit e4b38d9 into dev Dec 15, 2025
8 checks passed