Allow wildcard domains (#3033)

* Allow wildcard domains * Extend the wildcard tests
netbirdio · Dec 12, 2024 · eea02a4 · eea02a4
1 parent 41d79df
commit eea02a4
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 1 deletion.
diff --git a/management/server/http/routes_handler.go b/management/server/http/routes_handler.go
@@ -350,7 +350,7 @@ func validateDomains(domains []string) (domain.List, error) {
 		return nil, fmt.Errorf("domains list exceeds maximum allowed domains: %d", maxDomains)
 	}
 
-	domainRegex := regexp.MustCompile(`^(?:(?:xn--)?[a-zA-Z0-9_](?:[a-zA-Z0-9-_]{0,61}[a-zA-Z0-9])?\.)*(?:xn--)?[a-zA-Z0-9](?:[a-zA-Z0-9-_]{0,61}[a-zA-Z0-9])?$`)
+	domainRegex := regexp.MustCompile(`^(?:\*\.)?(?:(?:xn--)?[a-zA-Z0-9_](?:[a-zA-Z0-9-_]{0,61}[a-zA-Z0-9])?\.)*(?:xn--)?[a-zA-Z0-9](?:[a-zA-Z0-9-_]{0,61}[a-zA-Z0-9])?$`)
 
 	var domainList domain.List
 

diff --git a/management/server/http/routes_handler_test.go b/management/server/http/routes_handler_test.go
@@ -330,6 +330,14 @@ func TestRoutesHandlers(t *testing.T) {
 			expectedStatus: http.StatusUnprocessableEntity,
 			expectedBody:   false,
 		},
+		{
+			name:           "POST Wildcard Domain",
+			requestType:    http.MethodPost,
+			requestPath:    "/api/routes",
+			requestBody:    bytes.NewBufferString(fmt.Sprintf(`{"Description":"Post","domains":["*.example.com"],"network_id":"awesomeNet","Peer":"%s","groups":["%s"]}`, existingPeerID, existingGroupID)),
+			expectedStatus: http.StatusOK,
+			expectedBody:   false,
+		},
 		{
 			name:        "POST UnprocessableEntity when both network and domains are provided",
 			requestType: http.MethodPost,
@@ -609,6 +617,30 @@ func TestValidateDomains(t *testing.T) {
 			expected: domain.List{"google.com"},
 			wantErr:  true,
 		},
+		{
+			name:     "Valid wildcard domain",
+			domains:  []string{"*.example.com"},
+			expected: domain.List{"*.example.com"},
+			wantErr:  false,
+		},
+		{
+			name:     "Wildcard with dot domain",
+			domains:  []string{".*.example.com"},
+			expected: nil,
+			wantErr:  true,
+		},
+		{
+			name:     "Wildcard with dot domain",
+			domains:  []string{".*.example.com"},
+			expected: nil,
+			wantErr:  true,
+		},
+		{
+			name:     "Invalid wildcard domain",
+			domains:  []string{"a.*.example.com"},
+			expected: nil,
+			wantErr:  true,
+		},
 	}
 
 	for _, tt := range tests {