Fix valid domain regex (#57)

* Fix valid domain regex Based on https://gist.github.com/dperini/729294 Stripped the following checks: - protocol (http, ftp) - short syntax (//) - basic auth (user:pass) - requirement for TLD (\. made optional) - port number (:port) - resource path (/path, #resource-path) * Revert Regex to just support localhost * Prevent matching only a few octets of the ip https://regexr.com/56tso * Add ipv4 regex * Add error for ip addresses * Add missing } Co-authored-by: Jeremy Albright <1935258+Js-Brecht@users.noreply.github.com> Co-authored-by: Jeremy Albright <1935258+Js-Brecht@users.noreply.github.com>
davewasmer · Jul 7, 2020 · 0386f33 · 0386f33
1 parent e138968
commit 0386f33
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 3 deletions.
diff --git a/src/constants.ts b/src/constants.ts
@@ -6,7 +6,8 @@ import applicationConfigPath = require('application-config-path');
 import eol from 'eol';
 import { mktmp } from './utils';
 
-export const VALID_DOMAIN = /(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]/;
+export const VALID_IP = /(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:\.(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}/;
+export const VALID_DOMAIN = /^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.?)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$/i;
 
 // Platform shortcuts
 export const isMac = process.platform === 'darwin';
@@ -77,4 +78,4 @@ export function ensureConfigDirs() {
   mkdirp(rootCADir);
 }
 
-ensureConfigDirs();
+ensureConfigDirs();
diff --git a/src/index.ts b/src/index.ts
@@ -10,7 +10,8 @@ import {
   domainsDir,
   rootCAKeyPath,
   rootCACertPath,
-  VALID_DOMAIN
+  VALID_DOMAIN,
+  VALID_IP
 } from './constants';
 import currentPlatform from './platforms';
 import installCertificateAuthority, { ensureCACertReadable, uninstall } from './certificate-authority';
@@ -66,6 +67,9 @@ type IReturnData<O extends Options = {}> = (IDomainData) & (IReturnCa<O>) & (IRe
  * as { caPath: string }
  */
 export async function certificateFor<O extends Options>(domain: string, options: O = {} as O): Promise<IReturnData<O>> {
+  if (VALID_IP.test(domain)) {
+    throw new Error('IP addresses are not supported currently');
+  }
   if (!VALID_DOMAIN.test(domain)) {
     throw new Error(`"${domain}" is not a valid domain name.`);
   }