mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-07-19 08:21:20 +00:00
fix: fix domain validator with port but no scheme and https or http
This commit is contained in:
@@ -113,14 +113,6 @@ func TestOAuthController_isRedirectSafe(t *testing.T) {
|
|||||||
redirectURI: "https:/malicious",
|
redirectURI: "https:/malicious",
|
||||||
expected: false,
|
expected: false,
|
||||||
},
|
},
|
||||||
{
|
|
||||||
description: "Redirect URI without scheme returns false",
|
|
||||||
appURL: "https://tinyauth.example.com",
|
|
||||||
cookieDomain: "example.com",
|
|
||||||
subdomainsEnabled: true,
|
|
||||||
redirectURI: "tinyauth.example.com",
|
|
||||||
expected: false,
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
description: "Relative redirect URI returns false",
|
description: "Relative redirect URI returns false",
|
||||||
appURL: "https://tinyauth.example.com",
|
appURL: "https://tinyauth.example.com",
|
||||||
|
|||||||
@@ -63,7 +63,7 @@ func (v *DomainValidator) getURL(i string) (*url.URL, error) {
|
|||||||
return nil, ErrInvalidURL
|
return nil, ErrInvalidURL
|
||||||
}
|
}
|
||||||
|
|
||||||
if v.opts.WithPort && !v.opts.WithScheme && u.Port() == "" {
|
if v.opts.WithPort && u.Port() == "" && (u.Scheme != "http" && u.Scheme != "https") {
|
||||||
return nil, fmt.Errorf("port validation is enabled but port is missing in input url and schemes are not enabled")
|
return nil, fmt.Errorf("port validation is enabled but port is missing in input url and schemes are not enabled")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -104,6 +104,24 @@ func TestDomainValidator_SafeHostname(t *testing.T) {
|
|||||||
assert.ErrorContains(t, e, "input url is missing scheme")
|
assert.ErrorContains(t, e, "input url is missing scheme")
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
description: "With port enabled but without scheme and url with https should work",
|
||||||
|
options: DomainValidatorOptions{WithPort: true},
|
||||||
|
input: "https://example.com",
|
||||||
|
expected: "example.com",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
description: "With port enabled but without scheme and url with http should work",
|
||||||
|
options: DomainValidatorOptions{WithPort: true},
|
||||||
|
input: "http://example.com",
|
||||||
|
expected: "example.com",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
description: "With port enabled but without scheme and url with port should work",
|
||||||
|
options: DomainValidatorOptions{WithPort: true},
|
||||||
|
input: "example.com:8080",
|
||||||
|
expected: "example.com",
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
for _, test := range tests {
|
for _, test := range tests {
|
||||||
@@ -194,7 +212,7 @@ func TestDomainValidator_Validate(t *testing.T) {
|
|||||||
expected: "ssh://example.com:22",
|
expected: "ssh://example.com:22",
|
||||||
actual: "ssh://example.com",
|
actual: "ssh://example.com",
|
||||||
errorFunc: func(t *testing.T, e error) {
|
errorFunc: func(t *testing.T, e error) {
|
||||||
assert.ErrorContains(t, e, "failed to get effective port for url")
|
assert.ErrorContains(t, e, "port validation is enabled but port is missing in input url and schemes are not enabled")
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -203,9 +221,21 @@ func TestDomainValidator_Validate(t *testing.T) {
|
|||||||
expected: "ssh://example.com",
|
expected: "ssh://example.com",
|
||||||
actual: "ssh://example.com:22",
|
actual: "ssh://example.com:22",
|
||||||
errorFunc: func(t *testing.T, e error) {
|
errorFunc: func(t *testing.T, e error) {
|
||||||
assert.ErrorContains(t, e, "failed to get effective port for url")
|
assert.ErrorContains(t, e, "port validation is enabled but port is missing in input url and schemes are not enabled")
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
description: "Port enabled but no scheme and https scheme should pass",
|
||||||
|
options: DomainValidatorOptions{WithPort: true},
|
||||||
|
expected: "https://example.com",
|
||||||
|
actual: "https://example.com",
|
||||||
|
},
|
||||||
|
{
|
||||||
|
description: "Port enabled but no scheme and http scheme should pass",
|
||||||
|
options: DomainValidatorOptions{WithPort: true},
|
||||||
|
expected: "http://example.com",
|
||||||
|
actual: "http://example.com",
|
||||||
|
},
|
||||||
{
|
{
|
||||||
description: "Port validation with port and no scheme should fail with different port",
|
description: "Port validation with port and no scheme should fail with different port",
|
||||||
options: DomainValidatorOptions{WithPort: true},
|
options: DomainValidatorOptions{WithPort: true},
|
||||||
|
|||||||
Reference in New Issue
Block a user