mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-02-25 22:51:43 +01:00
Etemplate - add a URL regex to catch some invalids that were making it through
This commit is contained in:
nathangray
parent
12ae214b76
commit
cc1fff6c17
@ -44,6 +44,8 @@ class Url extends Etemplate\Widget
|
||||
*/
|
||||
const EMAIL_PREG = "/^(([^\042',<][^,<]+|\042[^\042]+\042|\'[^\']+\'|)\s?<)?[^\x01-\x20()<>@,;:\042\[\]]+@([a-z0-9ÄÖÜäöüß](|[a-z0-9ÄÖÜäöüß_-]*[a-z0-9ÄÖÜäöüß])\.)+[a-z]{2,}>?$/iu";
|
||||
|
||||
const URL_PREG = '_^(?:(?:https?|ftp)://)?(?:\S+(?::\S*)?@)?(?:(?!10(?:\.\d{1,3}){3})(?!127(?:\.\d{1,3}){3})(?!169\.254(?:\.\d{1,3}){2})(?!192\.168(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)(?:\.(?:[a-z\x{00a1}-\x{ffff}0-9]+-?)*[a-z\x{00a1}-\x{ffff}0-9]+)*(?:\.(?:[a-z\x{00a1}-\x{ffff}]{2,})))(?::\d{2,5})?(?:/[^\s]*)?$_iuS';
|
||||
|
||||
/**
|
||||
* Validate input
|
||||
*
|
||||
@ -96,6 +98,7 @@ class Url extends Etemplate\Widget
|
||||
self::set_validation_error($form_name,lang("'%1' has an invalid format !!!",$value),'');
|
||||
return;
|
||||
}
|
||||
$this->attrs['preg'] = self::URL_PREG;
|
||||
break;
|
||||
case 'url-email':
|
||||
$this->attrs['preg'] = self::EMAIL_PREG;
|
||||
|
||||
@ -102,6 +102,7 @@ class UrlTest extends \EGroupware\Api\Etemplate\WidgetBaseTest
|
||||
array('http://userid:password@example.com/'),
|
||||
array('http://142.42.1.1/'),
|
||||
array('http://142.42.1.1:8080/'),
|
||||
array('foo.com'), // We prepend http in this case
|
||||
|
||||
// We use filter_var, and it can't handle these
|
||||
/*
|
||||
@ -151,29 +152,20 @@ class UrlTest extends \EGroupware\Api\Etemplate\WidgetBaseTest
|
||||
array('///a'),
|
||||
array('///'),
|
||||
array('http:///a'),
|
||||
array('foo.com'),
|
||||
array('rdar://1234'),
|
||||
array('h://test'),
|
||||
// We don't check protocol
|
||||
//array('rdar://1234'),
|
||||
//array('h://test'),
|
||||
//array('ftps://foo.bar/'),
|
||||
array('http:// shouldfail.com'),
|
||||
array(':// should fail'),
|
||||
array('http://foo.bar/foo(bar)baz quux'),
|
||||
array('ftps://foo.bar/'),
|
||||
array('http://-error-.invalid/'),
|
||||
array('http://a.b--c.de/'),
|
||||
array('http://-a.b.co'),
|
||||
array('http://a.b-.co'),
|
||||
array('http://0.0.0.0'),
|
||||
array('http://10.1.1.0'),
|
||||
array('http://10.1.1.255'),
|
||||
array('http://224.1.1.1'),
|
||||
array('http://1.1.1.1.1'),
|
||||
array('http://123.123.123'),
|
||||
array('http://3628126748'),
|
||||
array('http://.www.foo.bar/'),
|
||||
array('http://www.foo.bar./'),
|
||||
array('http://.www.foo.bar./'),
|
||||
array('http://10.1.1.1'),
|
||||
array('http://10.1.1.254'),
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user