doc: improve code snippet alternative of url.parse() using WHATWG URL

styfle · aduh95 · commit 9446832905da · 2025-10-31T21:25:41.000+01:00
PR-URL: #60209 Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
diff --git a/doc/api/url.md b/doc/api/url.md
@@ -1847,7 +1847,7 @@ input. CVEs are not issued for `url.parse()` vulnerabilities. Use the
 function getURL(req) {
   const proto = req.headers['x-forwarded-proto'] || 'https';
   const host = req.headers['x-forwarded-host'] || req.headers.host || 'example.com';
-  return new URL(req.url || '/', `${proto}://${host}`);
+  return new URL(`${proto}://${host}${req.url || '/'}`);
 }
 ```
 
@@ -1857,7 +1857,7 @@ use the example below:
 
 ```js
 function getURL(req) {
-  return new URL(req.url || '/', 'https://example.com');
+  return new URL(`https://example.com${req.url || '/'}`);
 }
 ```
 

Original file line number	Diff line number	Diff line change
@@ -1847,7 +1847,7 @@ input. CVEs are not issued for `url.parse()` vulnerabilities. Use the
`1847`	`1847`	`function getURL(req) {`
`1848`	`1848`	`const proto = req.headers['x-forwarded-proto'] \|\| 'https';`
`1849`	`1849`	`const host = req.headers['x-forwarded-host'] \|\| req.headers.host \|\| 'example.com';`
`1850`		- return new URL(req.url \|\| '/', `${proto}://${host}`);
	`1850`	+ return new URL(`${proto}://${host}${req.url \|\| '/'}`);
`1851`	`1851`	`}`
`1852`	`1852`	```
`1853`	`1853`
`@@ -1857,7 +1857,7 @@ use the example below:`
`1857`	`1857`
`1858`	`1858`	```js
`1859`	`1859`	`function getURL(req) {`
`1860`		`- return new URL(req.url \|\| '/', 'https://example.com');`
	`1860`	+ return new URL(`https://example.com${req.url \|\| '/'}`);
`1861`	`1861`	`}`
`1862`	`1862`	```
`1863`	`1863`