Index: t3lib/class.t3lib_div.php
===================================================================
--- t3lib/class.t3lib_div.php (revision 8463)
+++ t3lib/class.t3lib_div.php (working copy)
@@ -3601,17 +3601,19 @@
 $decodedUrl = rawurldecode($url);
 $decodedParts = @parse_url($decodedUrl);
- $whitelistPattern = '/^(\p{Nd}|\p{L}|[_\/\.&=\?\+-~])+$/u';
+ $whitelistPattern = '/^([a-z0-9_\/\.&=\?\+~-])+$/i';
 // Only http and https are allowed as scheme, and at least a path must be given:
 if (isset($decodedParts['scheme']) && !t3lib_div::inList('http,https', $decodedParts['scheme']) || !isset($decodedParts['path'])) {
 $url = '';
 // Check all URL parts for invalid characters:
 } else {
- foreach ($decodedParts as $part) {
- if (!preg_match($whitelistPattern, $part)) {
- $url = '';
- break;
+ foreach ($decodedParts as $partName => $part) {
+ if (t3lib_div::inList('path,query,fragment,user,pass', $partName)) {
+ if (!preg_match($whitelistPattern, $part)) {
+ $url = '';
+ break;
+ }
 }
 }
 }
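Review bot: The new loop applies `$whitelistPattern` only to the `path`, `query`, `fragment`, `user` and `pass` components, so the `host` (and `port`) returned by `parse_url()` is no longer checked against the whitelist at all, whereas the removed loop tested every component. Unless the host is validated elsewhere in the enclosing function, which starts and ends outside this hunk, a decoded host containing quote or angle-bracket characters now leaves `$url` intact. Consider including it, `t3lib_div::inList('host,path,query,fragment,user,pass', $partName)`, or add a comment above the list stating where the host is validated and why it is skipped here. Separately, the new pattern is anchored with `$`, which also matches before a trailing newline; adding the `D` modifier (`/i` becomes `/iD`) makes the anchor strict.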