Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bugfix: domain name validation. #951

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

bugfix: domain name validation. #951

wants to merge 2 commits into from
+84 −4

Conversation

StuBz211
Copy link

@StuBz211 StuBz211 commented Feb 7, 2024

Updated regexp for domain validation
Add testcases for domain validation

fix issue: #950

fix small bug with domain validation

bugfix: domain name validation.
303c760 
Updated regexp for domain validation
Add testcases for domain validation

fix issue: IdentityPython#950
@StuBz211 StuBz211 mentioned this pull request Feb 7, 2024
Open
c00kiemon5ter
c00kiemon5ter requested changes Apr 23, 2024
View reviewed changes
tests/test_13_validate.py Outdated
Comment on lines 157 to 159
assert valid_domain_name("lk.domain.com:12")
assert valid_domain_name("lk.domain.com:12")
assert valid_domain_name("static.domain.xyz:12345")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

these are domains + ports; they are not just domains.

Copy link
Author

@StuBz211 StuBz211 Apr 23, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yep but it can be as value in DNSName? or Not?
I think it depend of setup of IdentityProvider

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated

tests/test_13_validate.py Outdated
assert valid_domain_name("domain.com")
assert valid_domain_name("domain.lu")
assert valid_domain_name("auth-domain.com")
assert valid_domain_name("domain.com:12345")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same here

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

removed

tests/test_13_validate.py Outdated
valid_domain_name("")

with raises(ValueError):
valid_domain_name("auth.domain.ljnjnfds")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why should this result to an error?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

top-level domain cannot be longer than 5 characters

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

top-level domain cannot be longer than 5 characters

According to the MDN, the longest a TLD can be is 63 characters. Cutting this down to a 5-character space would invalidate many top level domains, some that I own, some that I know others own.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated

tests/test_13_validate.py Outdated
valid_domain_name("exaple.c")

with raises(ValueError):
valid_domain_name("123example.com")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

domains can start with digits

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tryed to find it and I found,
I agree

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

src/saml2/validate.py Outdated
@@ -420,6 +420,7 @@ def valid_instance(instance):


def valid_domain_name(dns_name):
m = re.match(r"^[a-z0-9]+([-.]{ 1 }[a-z0-9]+).[a-z]{2,5}(:[0-9]{1,5})?(\/.)?$", dns_name, re.I)
m = re.match(r"^((?:[a-zA-Z](?:[a-zA-Z0-9\-]*[a-zA-Z0-9])?\.)+[a-zA-Z]{2,5})(?::\d+)?$", dns_name, re.I)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does the regex come from somewhere?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

combined with previous regex.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

reject regexp

@c00kiemon5ter
Copy link
Member

c00kiemon5ter commented Apr 23, 2024
edited
Loading

The original issue is due to the change from {1} to { 1 }.

This PR introduces a new regex. I would be good to have an explanation about the regex itself.

Further, we could also reuse existing packages for this purpose, like validators.

@StuBz211
Copy link
Author

The original issue is due to the change from {1} to { 1 }.

yep, but I found other problems with that regex.
So what we decide to do?
To use validators it's a good idea

Update after review:
d3a92dc 
- Added validators library.
- For domain validation uses validators.domain insted of regepx.
- Updated tests according to reviews.
@StuBz211
Copy link
Author

Further, we could also reuse existing packages for this purpose, like validators.

Here we go.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ephreal ephreal ephreal left review comments

@c00kiemon5ter c00kiemon5ter c00kiemon5ter requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@StuBz211 @c00kiemon5ter @ephreal