github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-31 21:25:24 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Improve URL validation to check for a valid host.

Browse Source 
Parsing a URL with `URI` is not sufficient as the following cases
are considered valid:

URI.parse("http://https://google.com")
=> #<URI::HTTP http://https//google.com>
This commit is contained in:
Guo Xiang Tan
2017-12-21 12:27:17 +08:00
parent ba3bf9c7bb
commit 6ecf37c482
4 changed files with 52 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
spec/models/user_profile_spec.rb
View File

@ -55,18 +55,21 @@ describe UserProfile do
end
context "website validation" do
let(:user) { Fabricate(:user) }
let(:user_profile) { Fabricate.build(:user_profile, user: Fabricate(:user)) }
it "ensures website is valid" do
expect(Fabricate.build(:user_profile, user: user, website: "http://https://google.com")).not_to be_valid
expect(Fabricate.build(:user_profile, user: user, website: "http://discourse.productions")).to be_valid
expect(Fabricate.build(:user_profile, user: user, website: "https://google.com")).to be_valid
it "should not allow invalid URLs" do
user_profile.website = "http://https://google.com"
expect(user_profile).to_not be_valid
end
it "validates website domain if user_website_domains_whitelist setting is present" do
SiteSetting.user_website_domains_whitelist = "discourse.org"
expect(Fabricate.build(:user_profile, user: user, website: "https://google.com")).not_to be_valid
expect(Fabricate.build(:user_profile, user: user, website: "http://discourse.org")).to be_valid
user_profile.website = "https://google.com"
expect(user_profile).not_to be_valid
user_profile.website = "http://discourse.org"
expect(user_profile).to be_valid
end
end