Fix pattern detection of URL schemes

Fix #2670.

Author: liZe

tests/test_api.py

@@ -10,6 +10,7 @@
 import unicodedata
 import wsgiref.simple_server
 import zlib
+from base64 import b64encode
 from functools import partial
 from pathlib import Path
 from urllib.parse import urljoin, uses_relative
@@ -704,6 +705,17 @@ def test_allowed_protocols(command):
     _run(command, f'<img src="{path2url(resource_path("pattern.png"))}">'.encode())
 
 
+@assert_no_logs
+@pytest.mark.parametrize('command', [
+    '- -',
+    '--allowed-protocols data - -',
+    '--allowed-protocols File,Data - -',
+])
+def test_allowed_protocols_data(command):
+    data = b64encode(resource_path('pattern.png').read_bytes()).decode()
+    _run(command, f'<img src="data:image/png;base64,{data}">'.encode())
+
+
 @pytest.mark.parametrize('command', [
     '--allowed-protocols http - -',
     '--allowed-protocols http,https - -',

weasyprint/urls.py

@@ -330,17 +330,18 @@ def fetch(self, url, headers=None):
 
         """
         # Discard URLs with no or invalid protocol.
-        if not UNICODE_SCHEME_RE.match(url):  # pragma: no cover
+        if not (match := UNICODE_SCHEME_RE.match(url)):  # pragma: no cover
             raise ValueError(f'Not an absolute URI: {url}')
+        scheme = match[1].lower()
 
         # Discard URLs with forbidden protocol.
         if self._allowed_protocols is not None:
-            if url.split('://', 1)[0].lower() not in self._allowed_protocols:
+            if scheme not in self._allowed_protocols:
                 raise ValueError(f'URI uses disallowed protocol: {url}')
 
         # Remove query and fragment parts from file URLs.
         # See https://bugs.python.org/issue34702.
-        if url.lower().startswith('file://'):
+        if scheme == 'file':
             url = url.split('?')[0]
 
         # Transform Unicode IRI to ASCII URI.