You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The issue was originally reported at the server (rdap-server issue 35), but this issue is for the provider.
When a partial search is made using the only wildcard allowed "*", I still can use other wildcards to get more information in the response. Here are some cases assuming that the minimum of characters allowed for the search is 5:
"/domains?name=%%a%*" will search for all the domains that have the char 'a' in their names.
"/domains?name=__e_*" will search for all the domains that the 3rd char of its name is the char 'e' followed by at least another char.
This wildcards can be used because the queries used for the searches use the sentence "LIKE", so they should be escaped if they are going to reach the query executed at DB. The escape could be made at the models (mx.nic.rdap.sql.model) just when the wildcard "*" is replaced by "%". The issue applies only for extended searches, so the models where the solution can be applied are:
DomainModel
EntityModel
NameserverModel
The text was updated successfully, but these errors were encountered:
Verified. All the special chars used as a wildcard were escaped. The only wildcard allowed is * (asterisk). If an user executes the following searches, he receives the corresponding response:
The issue was originally reported at the server (rdap-server issue 35), but this issue is for the provider.
When a partial search is made using the only wildcard allowed "*", I still can use other wildcards to get more information in the response. Here are some cases assuming that the minimum of characters allowed for the search is 5:
"/domains?name=%%a%*" will search for all the domains that have the char 'a' in their names.
"/domains?name=__e_*" will search for all the domains that the 3rd char of its name is the char 'e' followed by at least another char.
This wildcards can be used because the queries used for the searches use the sentence "LIKE", so they should be escaped if they are going to reach the query executed at DB. The escape could be made at the models (
mx.nic.rdap.sql.model
) just when the wildcard "*" is replaced by "%". The issue applies only for extended searches, so the models where the solution can be applied are:The text was updated successfully, but these errors were encountered: