New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Validate and sanitize domain names upon initialization #10

Open
kellysutton opened this Issue Jun 23, 2015 · 4 comments

Comments

Projects
None yet
2 participants
@kellysutton
Contributor

kellysutton commented Jun 23, 2015

One of our customers ran into an issue where they accidentally provided a path component to a domain name when initializing an Imgix\UrlBuilder.

We should validate and sanitize these, failing as early as possible if necessary.

@kellysutton kellysutton self-assigned this Jun 23, 2015

@shakaran

This comment has been minimized.

Show comment
Hide comment
@shakaran

shakaran Sep 5, 2017

@kellysutton any progress with this?

A suggestion to validate domains could be use the dns A record to validate if exists:

if(!checkdnsrr($exampleDomain, 'A'))
{
    throw new Exception('Not valid domain');
}

shakaran commented Sep 5, 2017

@kellysutton any progress with this?

A suggestion to validate domains could be use the dns A record to validate if exists:

if(!checkdnsrr($exampleDomain, 'A'))
{
    throw new Exception('Not valid domain');
}
@kellysutton

This comment has been minimized.

Show comment
Hide comment
@kellysutton

kellysutton Sep 5, 2017

Contributor

Hi @shakaran,

Unfortunately, I no longer work at imgix. You'll need to coordinate with someone there to get this fixed and landed. Best of luck!

Contributor

kellysutton commented Sep 5, 2017

Hi @shakaran,

Unfortunately, I no longer work at imgix. You'll need to coordinate with someone there to get this fixed and landed. Best of luck!

@shakaran

This comment has been minimized.

Show comment
Hide comment
@shakaran

shakaran Sep 5, 2017

Oh sorry @kellysutton for disturb ;) Do you know some useful email or ex-fellow email to contact directly? Thanks.

I will try ping to the contributors, maybe it is some of them
@paulstraw @jacktasia @bjora857 @seanislegend @snowtigersoft @BenMorel

shakaran commented Sep 5, 2017

Oh sorry @kellysutton for disturb ;) Do you know some useful email or ex-fellow email to contact directly? Thanks.

I will try ping to the contributors, maybe it is some of them
@paulstraw @jacktasia @bjora857 @seanislegend @snowtigersoft @BenMorel

@kellysutton

This comment has been minimized.

Show comment
Hide comment
@kellysutton

kellysutton Sep 5, 2017

Contributor

Try dropping an email to their support address: support@imgix.com

Contributor

kellysutton commented Sep 5, 2017

Try dropping an email to their support address: support@imgix.com

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment