
Reject backslash in URL authority per RFC 3986#1659

Open
rodrigobnogueira wants to merge 4 commits into aio-libs:master from rodrigobnogueira:fix-backslash-in-netloc

Conversation

rodrigobnogueira (Member) commented Apr 20, 2026

What do these changes do?

Reject URLs whose authority (netloc) component contains a backslash (\), which is not a valid character in the authority per RFC 3986. Previously, yarl silently accepted these URLs and treated the backslash as part of the host, producing unexpected parsed results.

This aligns yarl's parsing with the RFC 3986 grammar where \ is not listed among valid authority characters (unreserved / pct-encoded / sub-delims / ":" / "@").

Are there changes in behavior for the user?

Yes. URL(r"http://example.com\path") now raises ValueError instead of silently producing a misleading parsed result where the backslash becomes part of the host.

Is it a substantial burden for the maintainers to support this?

No. It is a single guard in split_url() in _parse.py, with four parametrized test cases.

Related issue number

N/A

Checklist

  • I think the code is well written
  • Unit tests for the changes exist
  • Documentation reflects the changes
  • Add a new news fragment into the CHANGES/ folder

Backslashes are not valid in the authority component per RFC 3986.
WHATWG parsers treat them as forward slashes, creating parsing
inconsistencies that enable SSRF attacks when yarl is used alongside
WHATWG-compliant parsers.

Example SSRF vector: http://example.com\@evil.com
- WHATWG preprocessor parses host=example.com (trusted)
- yarl parses host=evil.com (attacker-controlled) because \
  is kept in netloc and @ triggers userinfo splitting

Fix: raise ValueError for any URL where the authority contains a backslash.
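The guard described in the PR description and commit message above, as an added example that is not yarl's own `_parse.py` code: it splits a URL with the RFC 3986 Appendix B regular expression (an assumption about the splitting method; yarl's internal split may differ), shows why a backslash after the host lands in the authority and can shift the parsed host, and rejects such URLs with ValueError. The function names `split_url`, `host`, `naive_host` and `is_rejected` are illustrative.

```python
import re
from typing import NamedTuple, Optional

# Illustrative re-implementation, not yarl's _parse.py.
# RFC 3986 Appendix B regex. "\" is not one of the delimiters (: / ? #),
# so a backslash directly after the host is swallowed into the authority
# instead of starting the path.
_RFC3986_SPLIT = re.compile(
    r"^(?:([^:/?#]+):)?(?://([^/?#]*))?([^?#]*)(?:\?([^#]*))?(?:#(.*))?$"
)


class SplitURL(NamedTuple):
    scheme: Optional[str]
    authority: Optional[str]
    path: str
    query: Optional[str]
    fragment: Optional[str]


def split_url(url: str) -> SplitURL:
    """Split url into RFC 3986 components, rejecting a backslash in the authority.

    authority = [ userinfo "@" ] host [ ":" port ] is built only from
    unreserved / pct-encoded / sub-delims / ":" / "@"; a raw backslash can
    never be part of it, so fail closed rather than guess what was meant.
    """
    m = _RFC3986_SPLIT.match(url)
    assert m is not None  # every string matches this regex
    scheme, authority, path, query, fragment = m.groups()
    if authority is not None and "\\" in authority:
        raise ValueError(f"backslash not allowed in URL authority: {authority!r}")
    return SplitURL(scheme, authority, path, query, fragment)


def _host_from_authority(authority: str) -> str:
    """Host part of an authority: drop userinfo (up to the last "@") and the port."""
    _, _, hostport = authority.rpartition("@")
    if hostport.startswith("["):  # IP-literal such as [::1]:8080
        return hostport[: hostport.index("]") + 1]
    host_part, _, _port = hostport.partition(":")
    return host_part


def naive_host(url: str) -> str:
    """Pre-fix behaviour: split without the guard and read the host."""
    m = _RFC3986_SPLIT.match(url)
    assert m is not None
    return _host_from_authority(m.group(2) or "")


def host(url: str) -> str:
    """Post-fix behaviour: the same split, but behind the backslash guard."""
    parts = split_url(url)
    return _host_from_authority(parts.authority or "")


def is_rejected(url: str) -> bool:
    """True when split_url() refuses the URL."""
    try:
        split_url(url)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample inputs, including the two URLs quoted in the PR.
    for u in (
        r"http://example.com\path",
        r"http://example.com\@evil.com",
        "http://user:pw@example.com:8080/x?q=1#f",
        r"http://example.com/a\b",
    ):
        before = naive_host(u)
        after = "rejected" if is_rejected(u) else host(u)
        print(f"{u!r}: unguarded host={before!r}, guarded={after}")
```

The guard is scoped to the authority only, matching the PR: a backslash later in the path (`http://example.com/a\b`) is not touched by this check, and relative references with no authority pass straight through.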
psf-chronographer bot added the label bot:chronographer:provided (There is a change note present in this PR) Apr 20, 2026
codspeed-hq bot commented Apr 20, 2026

Merging this PR will not alter performance

✅ 99 untouched benchmarks


Comparing rodrigobnogueira:fix-backslash-in-netloc (1cd7bc8) with master (3ca1a90)


codecov bot commented Apr 20, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.48%. Comparing base (2f180d1) to head (1cd7bc8).
⚠️ Report is 1 commits behind head on master.

❌ Your project check has failed because the head coverage (97.64%) is below the target coverage (100.00%). You can increase the head coverage or adjust the target coverage.

Additional details and impacted files
@@           Coverage Diff           @@
##           master    #1659   +/-   ##
=======================================
  Coverage   99.47%   99.48%           
=======================================
  Files          30       30           
  Lines        5942     5975   +33     
  Branches      283      285    +2     
=======================================
+ Hits         5911     5944   +33     
  Misses         22       22           
  Partials        9        9           
Flag Coverage Δ
CI-GHA 99.48% <100.00%> (+<0.01%) ⬆️
MyPy 97.64% <100.00%> (+0.01%) ⬆️
OS-Linux 99.68% <100.00%> (-0.03%) ⬇️
OS-Windows 98.42% <100.00%> (+<0.01%) ⬆️
OS-macOS 98.57% <100.00%> (+<0.01%) ⬆️
Py-3.10.11 98.40% <100.00%> (+<0.01%) ⬆️
Py-3.10.20 99.63% <100.00%> (+<0.01%) ⬆️
Py-3.11.15 99.63% <100.00%> (+<0.01%) ⬆️
Py-3.11.9 98.40% <100.00%> (+<0.01%) ⬆️
Py-3.12.10 98.40% <100.00%> (+<0.01%) ⬆️
Py-3.12.13 99.63% <100.00%> (+<0.01%) ⬆️
Py-3.13.12 ?
Py-3.13.13 99.68% <100.00%> (?)
Py-3.13.13t 99.68% <100.00%> (+<0.01%) ⬆️
Py-3.14.3 ?
Py-3.14.4 99.68% <100.00%> (?)
Py-3.14.4t 99.68% <100.00%> (+<0.01%) ⬆️
Py-pypy3.10.16-7.3.19 ?
VM-macos-latest 98.57% <100.00%> (+<0.01%) ⬆️
VM-ubuntu-latest 99.68% <100.00%> (-0.03%) ⬇️
VM-windows-latest 98.42% <100.00%> (+<0.01%) ⬆️
pytest 99.70% <100.00%> (-0.03%) ⬇️

Flags with carried forward coverage won't be shown.


rodrigobnogueira changed the title from "Reject backslash in URL authority (netloc) per RFC 3986" to "Reject backslash in URL authority per RFC 3986" Apr 20, 2026

Labels

bot:chronographer:provided There is a change note present in this PR


1 participant