GH-1477 Wildcard/Regex Whitelisting #497
Conversation
|
@benstrumeyer I'm also wondering if we need to add that new dependency since it's such a little amount of code. Do you want to just pull the code you're using out of it and add that code directly into the function where you used the module? Since we're validating that the pattern will be a string in the component, as it's coming in from a text input, I think all this node module is doing for you is essentially:
|
|
Looks good to me now, but requesting a review from @christophertino as I haven't touched this code much. |
|
We need to update the UI to let users know that wildcards/regex are supported. Let's update the |
| */ | ||
| addSite() { | ||
| // from node-validator | ||
| const isValidUrlRegex = /^(?!mailto:)(?:(?:https?|ftp):\/\/)?(?:\S+(?::\S*)?@)?(?:(?:(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\u00a1-\uffff0-9]+-?)*[a-z\u00a1-\uffff0-9]+)(?:\.(?:[a-z\u00a1-\uffff0-9]+-?)*[a-z\u00a1-\uffff0-9]+)*(?:\.(?:[a-z\u00a1-\uffff]{2,})))|localhost)(?::\d{2,5})?(?:\/[^\s]*)?$/i; |
christophertino
Feb 14, 2020
Member
We still need front-end validation here so that we can prevent users from adding urls in unsupported formats. You should check that the url entered is either a valid url or a valid regex, and show an error if not.
We still need front-end validation here so that we can prevent users from adding urls in unsupported formats. You should check that the url entered is either a valid url or a valid regex, and show an error if not.
benstrumeyer
Feb 18, 2020
Author
Contributor
I checked if it's a valid URL, wildcard, or regex and updated the error messages. Let me know if you'd like to change anything else
I checked if it's a valid URL, wildcard, or regex and updated the error messages. Let me know if you'd like to change anything else
* Add UTM params to Plus checkout from all locations * Update tests * Remove / from links with utm params * Refactor messaging passing
Ticket: https://cliqztix.atlassian.net/browse/GH-1477