Ticket #2269 (closed enhancement: fixed)
Allow customers to use URIs for domain redirects
| Reported by: | JCD | Owned by: | tomdooley |
|---|---|---|---|
| Priority: | patch | Milestone: | ispCP ω 1.0.7 |
| Component: | Frontend (GUI) | Version: | ispCP ω 1.0.4 |
| Severity: | Medium | Keywords: | |
| Cc: |
Description
Currently customers can't redirect domains to URIs. Only redirects to domains are allowed. This is a hard constraint.
I've tried create a new function for input_checks.php which validates an URI to the current standards e.g. RFC 3986, 3987. It also makes use of the domain name validating function already implemented.
function validates_uri($uri) {
global $validation_err_msg;
$validation_err_msg = tr('Invalid URL!');
// Authentification part e.g. user:pass@
$pattern = "/^(?:(?:(?:[\w\.\-\+!$&'\(\)*\+,;=]|%[0-9a-f]{2})+:)*(?:[\w\.\-\+%!$&'\(\)*\+,;=]|%[0-9a-f]{2})+@)?";
// Domain part
$pattern .= "((?:[^:\/\?]|%[0-9a-f]{2})+)";
// Port number
$pattern .= "(?::[0-9]{1,5})?";
// Path segment
$pattern .= "(?:[\/|\?](?:[\w\.\-\?\+&=@!$'~*,#!:;\/\(\)\[\]]|%[0-9a-f]{2})*)?$/i";
/* @todo: Up to which length do we allow URIs */
if(strlen($uri) >255) {
$validation_err_msg = tr('Wrong domain name lenght!');
return false;
}
$matches = array();
// Grep the domain part...
if( ($ret = preg_match($pattern, $uri, $matches)) ) {
// ...and validate it
if(substr_count($matches[1], '.') <= 2) {
$ret = validates_dname($matches[1]);
} else {
$ret = validates_dname($matches[1], true);
}
if($ret) {
return true;
}
}
return false;
} // end validates_uri()
I've tested it against several URI variations. Up to now it validates correctly.
Note: The scheme will not be checked as it is handled separately in alias_add.php etc.
Change History
comment:2 in reply to: ↑ 1 Changed 2 years ago by JCD
Replying to kilburn:
Hmm... If we want to allow arbitrary URIs there we should just use php's parse_url function to get the URI's parts and then validate them, instead of splitting the thing with custom functions.
You're right. Didn't think about splitting it up and validating each part separately. That gives more opportunities to validate. I'll think about it.
comment:3 Changed 2 years ago by nuxwin
- Priority changed from normal to minor
- Severity changed from Don't know to Medium
- Milestone changed from Working to ispCP ω 1.0.6
I think that is good feature.
Hmm... If we want to allow arbitrary URIs there we should just use php's parse_url function to get the URI's parts and then validate them, instead of splitting the thing with custom functions.