diff --git a/coding/coding_tests/url_tests.cpp b/coding/coding_tests/url_tests.cpp
index 733aaa4f24..027d40a01f 100644
--- a/coding/coding_tests/url_tests.cpp
+++ b/coding/coding_tests/url_tests.cpp
@@ -105,6 +105,20 @@ UNIT_TEST(Url_Invalid)
 TEST(!Url("").IsValid(), ());
 TEST(!Url(":/").IsValid(), ());
 TEST(!Url("//").IsValid(), ());
+
+ TEST(!Url("http://").IsValid(), ());
+
+ // Ensure URLs with invalid hosts (e.g., special characters) are invalid.
+ TEST(!Url("https://@&€:1;asf").IsValid(), ());
+
+ //Ensure URLs with invalid schemes (e.g., ftp) are invalid.
+ TEST(!Url("ftp://example.com").IsValid(), ());
+
+ //Ensure URLs with invalid host formats (e.g., starting with a hyphen) are invalid.
+ TEST(!Url("http://-example.com").IsValid(), ());
+
+ // Ensure URLs with invalid host formats (e.g., double dots) are invalid.
+ TEST(!Url("http://example..com").IsValid(), ());
 }
 UNIT_TEST(Url_Valid)
@@ -189,4 +203,4 @@ UNIT_TEST(UrlApi_Smoke)
 TEST(url.GetParamValue("m"), ());
 }
-} // namespace url_tests
+} // namespace url_tests
\ No newline at end of file
diff --git a/coding/url.cpp b/coding/url.cpp
index acc2bc7d66..af91bcdd52 100644
--- a/coding/url.cpp
+++ b/coding/url.cpp
@@ -4,6 +4,7 @@
 #include "base/assert.hpp"
 #include "base/string_utils.hpp"
+#include
 namespace url
 {
@@ -30,6 +31,10 @@ bool Url::Parse(std::string const & url)
 if (start == string::npos || start == 0)
 return false;
 m_scheme = url.substr(0, start);
+
+ //validate scheme
+ if(m_scheme != "http" && m_scheme != "https")
+ return false;
 // Skip slashes.
 start = url.find_first_not_of('/', start + 1);
@@ -46,6 +51,12 @@ bool Url::Parse(std::string const & url)
 else
 m_host = url.substr(start, end - start);
+ //validate host
+ std::regex hostRegex("^([a-zA-Z0-9.-]+)(:[0-9]+)?$");
+ if (!std::regex_match(m_host, hostRegex))
+ {
+ return false;
+ }
 // Get path.
 if (url[end] == '/')
 {
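Review bot: The last two cases in the `UNIT_TEST(Url_Invalid)` hunk (`http://-example.com`, `http://example..com`) do not exercise the host check they are commented as covering, because the pattern added in coding/url.cpp, `^([a-zA-Z0-9.-]+)(:[0-9]+)?$`, matches both `-example.com` and `example..com`. If these assertions pass, it is presumably through another rejection in `Url::Parse` (the new empty-path check is the likely one), so they would keep passing with the host validation removed. Add variants that carry a path, such as `TEST(!Url("http://-example.com/a").IsValid(), ());`, so that a failure points at the host rule. The comment spacing is also uneven (`//Ensure` next to `// Ensure`).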
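Review bot: In the `@@ -30,6 +31,10 @@` hunk of coding/url.cpp the scheme comparison is an exact, case-sensitive match, so `HTTP://example.com` is rejected although URI schemes are case-insensitive (RFC 3986 §3.1). The allowlist is also hard-coded inside the general-purpose `Url::Parse`, which turns every other scheme into a parse failure for all callers; whether any caller relies on other schemes is not visible here, but a scheme allowlist usually belongs at the call site that needs it, with the parser checking syntax only. If the check stays, lower-case the scheme before comparing and state the intent above it, e.g. `// Only web URLs are accepted; the scheme is compared case-insensitively.` `Url::Parse` begins and ends outside this hunk.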
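Review bot: The host check in the `@@ -46,6 +51,12 @@` hunk builds a `std::regex` on every `Url::Parse` call and runs it over a string taken straight from the URL, and the pattern accepts hosts the new tests call invalid (`-example.com`, `example..com`, `...`) because `.` and `-` are ordinary members of its character class. Regex construction is costly, and some standard-library regex implementations recurse while matching, so a very long host may exhaust the stack; a linear hand-written check avoids both and can enforce the label rules. The `if` branch that precedes the visible `else` is outside the hunk, and if it returns early, URLs without a path or query never reach this validation. The sketch below rejects empty labels and leading or trailing hyphens and keeps the optional numeric port; like the original pattern it still rejects userinfo, IPv6 literals and non-ASCII hosts.

```cpp
// Accepts "label(.label)*[:port]": labels are non-empty runs of [A-Za-z0-9-]
// that neither start nor end with '-'; the port, if present, is all digits.
static bool IsValidHost(std::string const & host)
{
  size_t const colon = host.find(':');
  std::string const name = host.substr(0, colon);
  if (colon != std::string::npos)
  {
    std::string const port = host.substr(colon + 1);
    if (port.empty() || port.find_first_not_of("0123456789") != std::string::npos)
      return false;
  }

  size_t begin = 0;
  while (true)
  {
    size_t const dot = name.find('.', begin);
    size_t const len = (dot == std::string::npos ? name.size() : dot) - begin;
    if (len == 0 || name[begin] == '-' || name[begin + len - 1] == '-')
      return false;
    for (size_t i = begin; i < begin + len; ++i)
    {
      char const c = name[i];
      bool const alnum = (c >= '0' && c <= '9') || (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z');
      if (!alnum && c != '-')
        return false;
    }
    if (dot == std::string::npos)
      return true;
    begin = dot + 1;
  }
}

// … unchanged: host extraction into m_host …
  // Validate host.
  if (!IsValidHost(m_host))
    return false;
```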
@@ -64,6 +75,12 @@ bool Url::Parse(std::string const & url)
 m_path = url.substr(start, end - start);
 }
+ //validate path
+ if (m_path.empty())
+ {
+ return false;
+ }
+
 // Parse query/fragment for keys and values.
 for (start = end + 1; start < url.size();)
 {
@@ -88,6 +105,12 @@ bool Url::Parse(std::string const & url)
 key = UrlDecode(url.substr(start, end - start));
 }
+ // Validate key and value.
+ if (key.empty() || value.empty())
+ {
+ return false; // Invalid key or value
+ }
+
 m_params.emplace_back(key, value);
 }
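Review bot: The empty-path rejection added in the `@@ -64,6 +75,12 @@` hunk makes `Url::Parse` fail for any URL that has a host but no path segment, such as `http://example.com` or `http://example.com?x=1`, both of which are well-formed under RFC 3986, where the path may be empty. The check follows the closing brace of what appears to be the path-extraction block, so it would also run when the URL contains no `/` after the host. Unless callers really require a path, drop the check or move the requirement to the caller. If it is intentional, say so in the comment, e.g. `// A non-empty path is required by <caller>; bare-host URLs are rejected on purpose.` The enclosing function starts and ends outside the hunk.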
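Review bot: The guard added in the `@@ -88,6 +105,12 @@` hunk rejects the whole URL as soon as one parameter has an empty value, so ordinary queries like `?debug` or `?q=&page=2` no longer parse. The context line just above it (`key = UrlDecode(url.substr(start, end - start));`) looks like the branch for a key without `=`, which this guard would make pointless for accepted URLs; that should be confirmed against the lines outside the hunk. Returning from inside the loop also leaves `m_scheme`, `m_host`, `m_path` and any earlier `m_params` entries populated, and if `IsValid()` or the getters read those members rather than the return value (not visible here), a rejected URL can still look partly valid. Consider rejecting only empty keys, `if (key.empty()) return false;`, and clearing the members on every failure path.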