mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-07-19 08:21:20 +00:00
fix: fix domain validator with port but no scheme and https or http
This commit is contained in:
@@ -113,14 +113,6 @@ func TestOAuthController_isRedirectSafe(t *testing.T) {
|
||||
redirectURI: "https:/malicious",
|
||||
expected: false,
|
||||
},
|
||||
{
|
||||
description: "Redirect URI without scheme returns false",
|
||||
appURL: "https://tinyauth.example.com",
|
||||
cookieDomain: "example.com",
|
||||
subdomainsEnabled: true,
|
||||
redirectURI: "tinyauth.example.com",
|
||||
expected: false,
|
||||
},
|
||||
{
|
||||
description: "Relative redirect URI returns false",
|
||||
appURL: "https://tinyauth.example.com",
|
||||
|
||||
@@ -63,7 +63,7 @@ func (v *DomainValidator) getURL(i string) (*url.URL, error) {
|
||||
return nil, ErrInvalidURL
|
||||
}
|
||||
|
||||
if v.opts.WithPort && !v.opts.WithScheme && u.Port() == "" {
|
||||
if v.opts.WithPort && u.Port() == "" && (u.Scheme != "http" && u.Scheme != "https") {
|
||||
return nil, fmt.Errorf("port validation is enabled but port is missing in input url and schemes are not enabled")
|
||||
}
|
||||
|
||||
|
||||
@@ -104,6 +104,24 @@ func TestDomainValidator_SafeHostname(t *testing.T) {
|
||||
assert.ErrorContains(t, e, "input url is missing scheme")
|
||||
},
|
||||
},
|
||||
{
|
||||
description: "With port enabled but without scheme and url with https should work",
|
||||
options: DomainValidatorOptions{WithPort: true},
|
||||
input: "https://example.com",
|
||||
expected: "example.com",
|
||||
},
|
||||
{
|
||||
description: "With port enabled but without scheme and url with http should work",
|
||||
options: DomainValidatorOptions{WithPort: true},
|
||||
input: "http://example.com",
|
||||
expected: "example.com",
|
||||
},
|
||||
{
|
||||
description: "With port enabled but without scheme and url with port should work",
|
||||
options: DomainValidatorOptions{WithPort: true},
|
||||
input: "example.com:8080",
|
||||
expected: "example.com",
|
||||
},
|
||||
}
|
||||
|
||||
for _, test := range tests {
|
||||
@@ -194,7 +212,7 @@ func TestDomainValidator_Validate(t *testing.T) {
|
||||
expected: "ssh://example.com:22",
|
||||
actual: "ssh://example.com",
|
||||
errorFunc: func(t *testing.T, e error) {
|
||||
assert.ErrorContains(t, e, "failed to get effective port for url")
|
||||
assert.ErrorContains(t, e, "port validation is enabled but port is missing in input url and schemes are not enabled")
|
||||
},
|
||||
},
|
||||
{
|
||||
@@ -203,9 +221,21 @@ func TestDomainValidator_Validate(t *testing.T) {
|
||||
expected: "ssh://example.com",
|
||||
actual: "ssh://example.com:22",
|
||||
errorFunc: func(t *testing.T, e error) {
|
||||
assert.ErrorContains(t, e, "failed to get effective port for url")
|
||||
assert.ErrorContains(t, e, "port validation is enabled but port is missing in input url and schemes are not enabled")
|
||||
},
|
||||
},
|
||||
{
|
||||
description: "Port enabled but no scheme and https scheme should pass",
|
||||
options: DomainValidatorOptions{WithPort: true},
|
||||
expected: "https://example.com",
|
||||
actual: "https://example.com",
|
||||
},
|
||||
{
|
||||
description: "Port enabled but no scheme and http scheme should pass",
|
||||
options: DomainValidatorOptions{WithPort: true},
|
||||
expected: "http://example.com",
|
||||
actual: "http://example.com",
|
||||
},
|
||||
{
|
||||
description: "Port validation with port and no scheme should fail with different port",
|
||||
options: DomainValidatorOptions{WithPort: true},
|
||||
|
||||
Reference in New Issue
Block a user