From 51cf8477956a6a0dd5db524f8a96d85db1c7c395 Mon Sep 17 00:00:00 2001
From: Steve Ayers <sayers@buf.build>
Date: Fri, 31 Jan 2025 16:23:08 -0500
Subject: [PATCH 1/6] Add additional test for URI test cases

---
 cel/library.go | 24 ++++++++++++++++++++----
 1 file changed, 20 insertions(+), 4 deletions(-)

diff --git a/cel/library.go b/cel/library.go
index 381a748..5ded8dd 100644
--- a/cel/library.go
+++ b/cel/library.go
@@ -232,8 +232,7 @@ func (l library) CompileOptions() []cel.EnvOption {
 					if !ok {
 						return types.Bool(false)
 					}
-					uri, err := url.Parse(s)
-					return types.Bool(err == nil && uri.IsAbs())
+					return types.Bool(l.validateUri(s, true))
 				}),
 			),
 		),
@@ -247,8 +246,7 @@ func (l library) CompileOptions() []cel.EnvOption {
 					if !ok {
 						return types.Bool(false)
 					}
-					_, err := url.Parse(s)
-					return types.Bool(err == nil)
+					return types.Bool(l.validateUri(s, false))
 				}),
 			),
 		),
@@ -479,6 +477,24 @@ func (l library) validateIPPrefix(p string, ver int64, strict bool) bool {
 	}
 }
 
+func (l library) validateUri(val string, checkAbs bool) bool {
+	uri, err := url.Parse(val)
+	if err != nil {
+		return false
+	}
+	if checkAbs {
+		ok := uri.IsAbs()
+		if !ok {
+			return false
+		}
+	}
+	if _, err := url.ParseQuery(uri.RawQuery); err != nil {
+		return false
+	}
+
+	return true
+}
+
 func (l library) isHostAndPort(val string, portRequired bool) bool {
 	if len(val) == 0 {
 		return false

From 3f52ad7625bec50a96cd5c42b140ce6f880477bd Mon Sep 17 00:00:00 2001
From: Steve Ayers <sayers@buf.build>
Date: Fri, 31 Jan 2025 16:42:11 -0500
Subject: [PATCH 2/6] Lint

---
 cel/library.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/cel/library.go b/cel/library.go
index 5ded8dd..7b127c0 100644
--- a/cel/library.go
+++ b/cel/library.go
@@ -232,7 +232,7 @@ func (l library) CompileOptions() []cel.EnvOption {
 					if !ok {
 						return types.Bool(false)
 					}
-					return types.Bool(l.validateUri(s, true))
+					return types.Bool(l.validateURI(s, true))
 				}),
 			),
 		),
@@ -246,7 +246,7 @@ func (l library) CompileOptions() []cel.EnvOption {
 					if !ok {
 						return types.Bool(false)
 					}
-					return types.Bool(l.validateUri(s, false))
+					return types.Bool(l.validateURI(s, false))
 				}),
 			),
 		),
@@ -477,7 +477,7 @@ func (l library) validateIPPrefix(p string, ver int64, strict bool) bool {
 	}
 }
 
-func (l library) validateUri(val string, checkAbs bool) bool {
+func (l library) validateURI(val string, checkAbs bool) bool {
 	uri, err := url.Parse(val)
 	if err != nil {
 		return false

From 144d35225c5ff2aa28e7a5f4dde64de1f2c32a6f Mon Sep 17 00:00:00 2001
From: Steve Ayers <smaye81@gmail.com>
Date: Fri, 31 Jan 2025 21:24:49 -0500
Subject: [PATCH 3/6] Update cel/library.go

Co-authored-by: Chris Roche <github@rodaine.com>
---
 cel/library.go | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/cel/library.go b/cel/library.go
index 7b127c0..f8ae90e 100644
--- a/cel/library.go
+++ b/cel/library.go
@@ -488,11 +488,8 @@ func (l library) validateURI(val string, checkAbs bool) bool {
 			return false
 		}
 	}
-	if _, err := url.ParseQuery(uri.RawQuery); err != nil {
-		return false
-	}
-
-	return true
+	_, err := url.ParseQuery(uri.RawQuery)
+	return err == nil
 }
 
 func (l library) isHostAndPort(val string, portRequired bool) bool {

From 21e501879202c3126239c1e7a0654e222540cfaf Mon Sep 17 00:00:00 2001
From: Steve Ayers <smaye81@gmail.com>
Date: Fri, 31 Jan 2025 21:24:54 -0500
Subject: [PATCH 4/6] Update cel/library.go

Co-authored-by: Chris Roche <github@rodaine.com>
---
 cel/library.go | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/cel/library.go b/cel/library.go
index f8ae90e..05ff5c5 100644
--- a/cel/library.go
+++ b/cel/library.go
@@ -482,9 +482,7 @@ func (l library) validateURI(val string, checkAbs bool) bool {
 	if err != nil {
 		return false
 	}
-	if checkAbs {
-		ok := uri.IsAbs()
-		if !ok {
+	if checkAbs && !uri.IsAbs() {
 			return false
 		}
 	}

From c7db44eb5d2c7c1cae1de22ea77362e0b0147bf2 Mon Sep 17 00:00:00 2001
From: Steve Ayers <sayers@buf.build>
Date: Fri, 31 Jan 2025 21:25:09 -0500
Subject: [PATCH 5/6] Add comment for ParseQuery

---
 cel/library.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/cel/library.go b/cel/library.go
index 05ff5c5..a9c637f 100644
--- a/cel/library.go
+++ b/cel/library.go
@@ -486,6 +486,8 @@ func (l library) validateURI(val string, checkAbs bool) bool {
 			return false
 		}
 	}
+
+	// Parse the query string to validate it is formed and encoded properly
 	_, err := url.ParseQuery(uri.RawQuery)
 	return err == nil
 }

From 2ed93618e0f1ec781809f1e0771c5da5a980d91b Mon Sep 17 00:00:00 2001
From: Steve Ayers <sayers@buf.build>
Date: Fri, 31 Jan 2025 21:28:30 -0500
Subject: [PATCH 6/6] Fix syntax

---
 cel/library.go | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/cel/library.go b/cel/library.go
index a9c637f..4285798 100644
--- a/cel/library.go
+++ b/cel/library.go
@@ -483,12 +483,11 @@ func (l library) validateURI(val string, checkAbs bool) bool {
 		return false
 	}
 	if checkAbs && !uri.IsAbs() {
-			return false
-		}
+		return false
 	}
 
 	// Parse the query string to validate it is formed and encoded properly
-	_, err := url.ParseQuery(uri.RawQuery)
+	_, err = url.ParseQuery(uri.RawQuery)
 	return err == nil
 }