diff --git a/CHANGELOG.md b/CHANGELOG.md index ebde04cb..90a97e3a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,10 @@ FEATURE: New metrics infrastructure based on OpenZiti usage events (https://gith CHANGE: The underlying database store now utilizes a `deleted` flag on all tables to implement "soft deletes". This was necessary for the new metrics infrastructure, where we need to account for metrics data that arrived after the lifetime of a share or environment; and also we're going to need this for limits, where we need to see historical information about activity in the past (https://github.com/openziti/zrok/issues/262) +# v0.3.5 + +CHANGE: `zrok config set apiEndpoint` now validates that the new API endpoint correctly starts with `http://` or `https://` (https://github.com/openziti/zrok/issues/258) + # v0.3.4 CHANGE: `zrok test endpoint` incorporates `--ziti` mode (and related flags) to allow direct endpoint listening on a Ziti service diff --git a/cmd/zrok/configSet.go b/cmd/zrok/configSet.go index 8b9837e9..a72d29f4 100644 --- a/cmd/zrok/configSet.go +++ b/cmd/zrok/configSet.go @@ -2,10 +2,12 @@ package main import ( "fmt" + "net/url" + "os" + "github.com/openziti/zrok/tui" "github.com/openziti/zrok/zrokdir" "github.com/spf13/cobra" - "os" ) func init() { @@ -42,6 +44,13 @@ func (cmd *configSetCommand) run(_ *cobra.Command, args []string) { if zrd.Cfg == nil { zrd.Cfg = &zrokdir.Config{} } + ok, err := isFullyValidUrl(value) + if err != nil { + tui.Error("unable to validate api endpoint", err) + } + if !ok { + tui.Error("invalid apiEndpoint; please make sure URL starts with http:// or https://", nil) + } zrd.Cfg.ApiEndpoint = value modified = true @@ -62,3 +71,14 @@ func (cmd *configSetCommand) run(_ *cobra.Command, args []string) { fmt.Println("zrok configuration not changed") } } + +func isFullyValidUrl(rawUrl string) (bool, error) { + u, err := url.Parse(rawUrl) + if err != nil { + return false, err + } + if u.Scheme == "" || u.Host == "" { + return false, nil + } + return true, nil +}