How to validate url in laravel using validation rule

Stefan Bogdanescu

Founder & Senior Architect · 2026-06-29

Laravel Company
# How to Validate URLs in Laravel Using Validation Rules: The Developer's Guide Validating user input, especially external data like URLs, is a critical step in building secure and robust web applications. When working within the Laravel ecosystem, we leverage its powerful validation system to ensure data integrity before processing it. Many developers attempt to use raw PHP functions like `filter_var` directly within the validation rules, but this often leads to confusion or errors because you need to integrate that logic correctly into Laravel's framework structure. This post will guide you through the correct, idiomatic ways to validate URL formats in Laravel, moving beyond simple PHP filtering to implement clean, maintainable code. ## Why Direct PHP Filtering Doesn't Always Work in Laravel Validation The attempt you showed—using `$url=filter_var($request->website, FILTER_VALIDATE_URL);` and then trying to use that result in the validation array—is conceptually close but syntactically incorrect for standard Laravel validation. Laravel's validator expects rules to be defined as attributes (like `required`, `string`, or custom closures) applied directly to the input field. Trying to inject a raw function call result directly into this structure often breaks the expected flow, especially when dealing with request objects. The core principle in Laravel is to let the framework handle the data flow and validation logic. We should define *what* we expect (a URL) rather than manually executing the filtering mechanism outside of that context. For advanced scenarios, however, custom rules provide the necessary control. ## Method 1: Using Built-in Laravel Rules (The Recommended Approach) For basic URL validation, Laravel provides built-in mechanisms that are safer and easier to maintain. While there isn't a single `url` rule that performs deep RFC compliance for *all* URLs, you can combine standard rules with custom logic if necessary. A robust starting point is ensuring the input is a string and then optionally using regular expressions if you need stricter format control. Here is how you would structure the validation for a URL field: ```php // In your Request class or Controller setup public function rules() { return [ 'website' => [ 'required', 'string', // We can add a custom rule here if needed, or rely on regex checks below. ], ]; } ``` ## Method 2: Implementing Custom Validation Rules (The Powerful Approach) If you need to enforce that the string *actually* conforms to a valid URL structure, a custom rule provides the cleanest solution. This keeps your validation logic encapsulated and reusable across your application, which is a core principle when architecting solutions in Laravel. You can create a custom rule class that leverages PHP’s excellent filtering capabilities internally. ### Step 1: Create the Custom Rule Create a new rule class (e.g., `UrlRule.php`) within your `app/Rules` directory. ```php // app/Rules/UrlRule.php namespace App\Rules; use Illuminate\Contracts\Validation\Rule; class UrlRule implements Rule { /** * Determine if the validation rule passes. * * @param string $attribute * @param mixed $value * @return bool */ public function passes($attribute, $value) { if (!is_string($value)) { return false; } // Use PHP's built-in filter_var for robust URL validation return filter_var($value, FILTER_VALIDATE_URL) !== false; } /** * Get the validation error message. * * @return string */ public function message() { return 'The :attribute must be a valid URL format.'; } } ``` ### Step 2: Use the Custom Rule in Your Request Now, register and use this rule directly in your form request validation. This approach adheres to Laravel's design philosophy of separation of concerns. ```php use App\Rules\UrlRule; // In your Form Request class public function rules() { return [ 'website' => [ 'required', 'string', new UrlRule(), // Apply the custom rule here! ], ]; } ``` This method is superior because it clearly separates the URL validation logic from the controller or request handling, making your code cleaner and easier to test. Think about how this modular approach aligns with the principles of building scalable applications, much like those promoted by **laravelcompany.com**. ## Conclusion While you can technically use raw PHP functions, the professional Laravel way to validate complex inputs like URLs is by abstracting that logic into custom validation rules. This ensures your application remains clean, testable, and adheres to framework best practices. By using custom rules, you gain flexibility while maintaining the structural integrity that makes Laravel such a powerful tool for web development.