src/net/url/url.go      | 4 +++-
 src/net/url/url_test.go | 6 ++++++

diff --git a/src/net/url/url.go b/src/net/url/url.go
index a0974b1ed1be074ce713142140a7dd0f03abd2eb..7386d53875e61981bdfcfe2f7a87b3d46eeeb33f 100644
--- a/src/net/url/url.go
+++ b/src/net/url/url.go
@@ -628,7 +628,9 @@
 // parseHost parses host as an authority without user
 // information. That is, as host[:port].
 func parseHost(host string) (string, error) {
-	if openBracketIdx := strings.LastIndex(host, "["); openBracketIdx != -1 {
+	if openBracketIdx := strings.LastIndex(host, "["); openBracketIdx > 0 {
+		return "", errors.New("invalid IP-literal")
+	} else if openBracketIdx == 0 {
 		// Parse an IP-Literal in RFC 3986 and RFC 6874.
 		// E.g., "[fe80::1]", "[fe80::1%25en0]", "[fe80::1]:80".
 		closeBracketIdx := strings.LastIndex(host, "]")
diff --git a/src/net/url/url_test.go b/src/net/url/url_test.go
index 944124d20edbf76ed8744cd766e404838590abf0..6da6b268fe3e1278c7d9c4148868f12532eae6d0 100644
--- a/src/net/url/url_test.go
+++ b/src/net/url/url_test.go
@@ -1731,6 +1731,12 @@ 		{"http://[fe80::1%foo]/", true},              // invalid zone format in brackets
 		{"http://[fe80::1", true},                    // missing closing bracket
 		{"http://fe80::1]/", true},                   // missing opening bracket
 		{"http://[test.com]/", true},                 // domain name in brackets
+		{"http://example.com[::1]", true},            // IPv6 literal doesn't start with '['
+		{"http://example.com[::1", true},
+		{"http://[::1", true},
+		{"http://.[::1]", true},
+		{"http:// [::1]", true},
+		{"hxxp://mathepqo[.]serveftp(.)com:9059", true},
 	}
 	for _, tt := range tests {
 		u, err := Parse(tt.in)