Laravel Config Database Failed to Parse URL

[gusdecool]

Laravel Version

11.24.1

PHP Version

8.1.28

Database Driver & Version

MySQL 8.0.37

Description

Laravel config parse URL is using php parse_url() which will fail the database URL password have # characters.

For example below config

// config/database.php
return [

    'default' => 'foo',
    'connections' => [

        'foo' => [
            'driver' => 'mysql',
            'url' => 'mysql://root:passwordWithHash#@localhost/foo' // this is issue
            'charset' => 'utf8mb4',
            'collation' => 'utf8mb4_unicode_ci',
            'prefix'    => '',
            'strict'    => false,
            'engine'    => null,
            'sticky'    => true,
        ],

    ],

];

The config above will throw exception message

The database configuration URL is malformed.

because the source code https://github.com/laravel/framework/blob/296f3f8b391782deacc873272e0c09550fb02c10/src/Illuminate/Support/ConfigurationUrlParser.php#L132C5-L143C6 is using function parse_url() to parse the config above and it will return false if the url contain #

Tested with Laravel v9. But I believe the same issue will happen in Laravel v11 as the source code still the same as in link above.

Steps To Reproduce

Create a database config as shown above and try to query database, we will get exception

The database configuration URL is malformed.

[rojtjo]

You have to URL encode the password, or any other value that contains an unsupported character.

mysql://root:passwordWithHash%23@localhost/foo

[gusdecool]

@rojtjo I think ideally it should work out of the box?
If Laravel found unsupported characters, Laravel will encode it if needed.

[rojtjo]

I don't think there's a safe way to automatically encode a value like this:
mysql://fr@nk:p@ss:word@localhost/example

It already correctly encodes the values when using the separate environment vars DB_USERNAME, DB_PASSWORD, etc.

[gusdecool]

I think we can use regex for that as we know the format is

[protocol][user][password][host][database]

Will back to you with the formula.

---

Sample regex

^(?'driver'[^:]+):\/\/(?'user'[^:]+):(?'pass'[^@]+)@(?'host'[^\/]+)?\/(?'db'.+)

sample data
mysql://fr@nk:pass:word@localhost/example
mysql://fr@nk:pass:word@localhost:3306/example
postgress://fr@nk:pass:word@localhost:3306/example

const we can't use @ for password :(

[gusdecool]

FYI, I tried the URL with URL encoded password.
It failed with database connection failure which indicate Laravel didn't decode the password and causing the failure.

[gusdecool]

Updates: I tried the same DSN using Doctrine and it's working fine in Doctrine.
Perhaps we can apply the same logic that used by Doctrine into Laravel.