Might be a bit paranoid, but I would add the requirement that after the .net
no letter or dot is allowed for the first character. If there is a top-level domain .netmal
or .net.au
(like there is .com.au
), someone could go out and register stacksnippets.netmal
/stacksnippets.net.au
and run their malware there.
So something like:
^https?://stacksnippets\.net([/?].*)?$
This would require a /
or ?
right after the base url, ensuring that the domain really is stacksnippets.net and nothing else.