diff --git a/lib/SimpleSAML/Utils/HTTP.php b/lib/SimpleSAML/Utils/HTTP.php
index 9f5a50e40aa2d540bad8eb3c61277e629a4619d3..1acdea6726ac4508eb71a2b4c2a2bb108f7b8db7 100644
--- a/lib/SimpleSAML/Utils/HTTP.php
+++ b/lib/SimpleSAML/Utils/HTTP.php
@@ -323,8 +323,15 @@ class HTTP
         // validates the URL's host is among those allowed
         if (is_array($trustedSites)) {
             assert(is_array($trustedSites));
-            preg_match('@^https?://([^/]+)@i', $url, $matches);
-            $hostname = $matches[1];
+            preg_match('@^http(s?)://([^/:]+)((?::\d+)?)@i', $url, $matches);
+            $hostname = $matches[2];
+
+            // allow URLs with standard ports specified (non-standard ports must then be allowed explicitly)
+            if (!empty($matches[3]) &&
+                (($matches[1] === '' && $matches[3] !== ':80') || ($matches[1]) === 's' && $matches[3] !== ':443')
+            ) {
+                $hostname = $hostname.$matches[3];
+            }
 
             $self_host = self::getSelfHostWithNonStandardPort();