Validate hostname in uri #2846
Validate hostname in uri #2846
Conversation
There was a problem hiding this comment.
Thanks for your contribution!
I think you're on the right path, documentation might need a bit of work here since it differentiate from string.domain now.
I feel like this API would benefit greatly from supporting an array of hostnames as well, or even regexps, or a mix of both.
lib/types/string.js
Outdated
| @@ -662,6 +662,13 @@ module.exports = Any.extend({ | |||
| return helpers.error('string.domain', { value: matched }); | |||
| } | |||
|
|
|||
| if(options?.domain?.hostname){ | |||
There was a problem hiding this comment.
domain is already checked a few lines above, you can probably refactor that if to handle your case.
There was a problem hiding this comment.
Are you talking about the domain variable few lines above (line 659)?
I think it's not the same as options.domain...
There was a problem hiding this comment.
Technically, it kind of is. Look at the $_addRule just above.
options (the 3rd argument of validate) is basically the raw argument you provided.
domain (the 4th argument) is the post-processed version of that raw argument through the call to addressOptions, which I think should be augmented to validate that hostname satisfies expectations.
There was a problem hiding this comment.
I added info to the docs and also support for regex and arrays.
| @@ -639,7 +639,7 @@ module.exports = Any.extend({ | |||
| Common.assertOptions(options, ['allowRelative', 'allowQuerySquareBrackets', 'domain', 'relativeOnly', 'scheme']); | |||
|
|
|||
| if (options.domain) { | |||
| Common.assertOptions(options.domain, ['allowFullyQualified', 'allowUnicode', 'maxDomainSegments', 'minDomainSegments', 'tlds']); | |||
| Common.assertOptions(options.domain, ['allowFullyQualified', 'allowUnicode', 'maxDomainSegments', 'minDomainSegments', 'tlds', 'hostname']); | |||
There was a problem hiding this comment.
If this is going to be part of domain, you should probably exclude it from the call to isValid to avoid any possible side-effect from an evolution of that module.
lib/types/string.js
Outdated
| @@ -721,6 +728,7 @@ module.exports = Any.extend({ | |||
| 'string.pattern.invert.name': '{{#label}} with value {:[.]} matches the inverted {{#name}} pattern', | |||
| 'string.trim': '{{#label}} must not have leading or trailing whitespace', | |||
| 'string.uri': '{{#label}} must be a valid uri', | |||
| 'string.uri.hostname': '{{#label}} is not from given hostname', | |||
There was a problem hiding this comment.
The error might be more useful if it detailed what it expected, like so:
| 'string.uri.hostname': '{{#label}} is not from given hostname', | |
| 'string.uri.hostname': '{{#label}} does not match {{#expected}} hostname' |
There was a problem hiding this comment.
I made some changes to make the error more useful, following the example.
| if (domain) { | ||
|
|
||
| if ((!options.allowRelative || matched) && | ||
| !Domain.isValid(matched, domain)) { |
There was a problem hiding this comment.
This call to isValid should be avoided? @Marsup
#2690
Adds validation for given hostname.