Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[Validator] Fix validation for single level domains #43876

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 29, 2021
Merged

[Validator] Fix validation for single level domains #43876

merged 1 commit into from
Nov 29, 2021

Conversation

HypeMC
Copy link
Contributor

@HypeMC HypeMC commented Nov 1, 2021
edited by nicolas-grekas
Loading

Q A
Branch? 4.4
Bug fix? yes
New feature? no
Deprecations? no
Tickets Fix #43868, #44252
License MIT
Doc PR -

Not sure if there are any other test cases that could be added, but this seems to fix the problem.

@carsonbot carsonbot added this to the 4.4 milestone Nov 1, 2021
@nicolas-grekas
Copy link
Member

This looks strange to me because this means that ['http://☎a'] is a valid domain name, while ['http://☎'] is invalid...

@welcoMattic welcoMattic mentioned this pull request Nov 19, 2021
Closed
@welcoMattic
Copy link
Member

This looks strange to me because this means that ['http://☎a'] is a valid domain name, while ['http://☎'] is invalid...

@nicolas-grekas wasn't this case fixed by #44119?

@nicolas-grekas
Copy link
Member

#44119 is on HttpClient+Mime, this one is on Validator, so I'm not sure.

@welcoMattic
Copy link
Member

Yes you are right, at the Validator level maybe we don't have to worry about the xn-- URL format?
If so, your concern is still legitimate

@HypeMC
Copy link
Contributor Author

HypeMC commented Nov 19, 2021

@nicolas-grekas Sorry, I missed your earlier comment, will check it out later today.

@nicolas-grekas
Copy link
Member

Looks like #44252 could provide us with another test case, can you please incorporate it here also?

@HypeMC HypeMC force-pushed the url-validator-fix branch 2 times, most recently from 829372b to 6dc7c87 Compare November 29, 2021 07:34
@HypeMC
Copy link
Contributor Author

HypeMC commented Nov 29, 2021

I've split the domain part into two cases:

  1. single-level domain, the assumption here is that since there's no TLD, it's an internal domain, allows symbols, hyphens etc..
  2. multi-level domain, has a TLD. Since I haven't been able to find any clear information on which characters are allowed in a TLD I went with hyphens allowed, but not at the end, no symbols

Of course, this won't work if you have a multi-level internal domain, eg subdomain.internal☎. Any suggestions would be appreciated.

nicolas-grekas
nicolas-grekas approved these changes Nov 29, 2021
View reviewed changes
Copy link
Member

@nicolas-grekas nicolas-grekas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've update the regexp to not allow unicode chars in local domain names
I've also split it to deal with punycode separately from unicode global domain names,
and ensured that http://বিডিআইএ.বাংলা is accepted (adding \pM to the regexp) for unicode global domain names, since this host exists.

@nicolas-grekas nicolas-grekas force-pushed the url-validator-fix branch 2 times, most recently from 8b29f2c to 5cbd90e Compare November 29, 2021 14:59
@nicolas-grekas
Copy link
Member

Thank you @HypeMC.

@nicolas-grekas nicolas-grekas merged commit 382cde2 into symfony:4.4 Nov 29, 2021
@HypeMC HypeMC deleted the url-validator-fix branch November 29, 2021 15:10
This was referenced Nov 29, 2021
Merged
Merged
This was referenced Dec 29, 2021
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stof stof stof left review comments

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@GromNaN GromNaN GromNaN approved these changes

@welcoMattic welcoMattic welcoMattic approved these changes

@derrabus derrabus derrabus approved these changes

@chalasr chalasr chalasr approved these changes

Assignees
No one assigned
Labels
Bug Status: Reviewed Validator
Projects
None yet
Milestone
4.4
Development

Successfully merging this pull request may close these issues.
8 participants
@HypeMC @nicolas-grekas @welcoMattic @GromNaN @stof @derrabus @chalasr @carsonbot