-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
isURL(): Allow URLs to have only a username in the userinfo subcompon…
…ent (#1644) * Added some missing options to the isURL() docs * Allow URLs to have a userinfo section with only a username The 'userinfo' part of a URL may, according to RFC 1738, contain only a username followed by an '@' sign. The previous behavior of the isURL() function would return false if the userinfo section did not have a colon. In addition to the change in the function, tests have been added to ensure the following exmaples are considered valid: - http://[email protected] - http://user:@example.com - http://user:[email protected] The following are considered not valid: - http://@example.com - http://:@example.com - http://:example.com As a practical example, Sentry (https://github.com/getsentry/sentry) uses a format like http://[email protected]/10 for it's DSNs (which are just URLs).
- Loading branch information
1 parent
9ee1b6b
commit 05ceb18
Showing
3 changed files
with
29 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -350,6 +350,7 @@ describe('Validators', () => { | |
'http://www.foobar.com/~foobar', | ||
'http://user:[email protected]/', | ||
'http://user:@www.foobar.com/', | ||
'http://[email protected]', | ||
'http://127.0.0.1/', | ||
'http://10.0.0.0/', | ||
'http://189.123.14.13/', | ||
|
@@ -374,7 +375,6 @@ describe('Validators', () => { | |
'http://[::FFFF:129.144.52.38]:80/index.html', | ||
'http://[2010:836B:4179::836B:4179]', | ||
'http://example.com/example.json#/foo/bar', | ||
'http://user:@www.foobar.com', | ||
'http://1337.com', | ||
], | ||
invalid: [ | ||
|
@@ -405,6 +405,8 @@ describe('Validators', () => { | |
'http://lol: @foobar.com/', | ||
'http://www.foo_bar.com/', | ||
'http://www.foobar.com/\t', | ||
'http://@foobar.com', | ||
'http://:@foobar.com', | ||
'http://\[email protected]/', | ||
'', | ||
`http://foobar.com/${new Array(2083).join('f')}`, | ||
|
@@ -416,7 +418,6 @@ describe('Validators', () => { | |
'////foobar.com', | ||
'http:////foobar.com', | ||
'https://example.com/foo/<script>alert(\'XSS\')</script>/', | ||
'[email protected]', | ||
], | ||
}); | ||
}); | ||
|
@@ -668,6 +669,24 @@ describe('Validators', () => { | |
}); | ||
}); | ||
|
||
it('should accept urls containing authentication information', () => { | ||
test({ | ||
validator: 'isURL', | ||
args: [{ disallow_auth: false }], | ||
valid: [ | ||
'[email protected]', | ||
'user:@example.com', | ||
'user:[email protected]', | ||
], | ||
invalid: [ | ||
'user:user:[email protected]', | ||
'@example.com', | ||
':@example.com', | ||
':example.com', | ||
], | ||
}); | ||
}); | ||
|
||
it('should allow user to skip URL length validation', () => { | ||
test({ | ||
validator: 'isURL', | ||
|