Skip to content

Commit f6437b0

Browse files
committed
Return an error when a wildcard record is suspected
1 parent b006acb commit f6437b0

File tree

2 files changed

+39
-11
lines changed

2 files changed

+39
-11
lines changed

lib/github-pages-health-check/domain.rb

Lines changed: 13 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -126,6 +126,7 @@ def check!
126126
raise Errors::InvalidCNAMEError.new :domain => self if invalid_cname?
127127
raise Errors::InvalidAAAARecordError.new :domain => self if invalid_aaaa_record?
128128
raise Errors::NotServedByPagesError.new :domain => self unless served_by_pages?
129+
raise Errors::WildcardRecordError.new(domain: self, parent_domain: parent_domain) if maybe_wildcard?
129130

130131
true
131132
end
@@ -444,20 +445,21 @@ def served_by_pages?
444445
end
445446
end
446447

448+
def parent_domain
449+
parsed = PublicSuffix.parse(host)
450+
parent = host.split(".", 2).last
451+
if parent == parsed.tld
452+
return nil
453+
end
454+
parent
455+
rescue PublicSuffix::DomainNotAllowed
456+
nil
457+
end
458+
447459
def maybe_wildcard?
448460
return @maybe_wildcard if defined? @maybe_wildcard
449461
return false unless dns_resolves?
450-
451-
parent_domain = begin
452-
parsed = PublicSuffix.parse(host)
453-
parent = host.split(".", 2).last
454-
if parent == parsed.tld
455-
return false
456-
end
457-
parent
458-
rescue PublicSuffix::DomainNotAllowed
459-
return false
460-
end
462+
return false unless parent_domain
461463

462464
sibling_domain = SecureRandom.alphanumeric(20) + "." + parent_domain
463465

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,26 @@
1+
# frozen_string_literal: true
2+
3+
module GitHubPages
4+
module HealthCheck
5+
module Errors
6+
class WildcardRecordError < GitHubPages::HealthCheck::Error
7+
DOCUMENTATION_PATH = "/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages"
8+
9+
attr_reader :parent_domain
10+
11+
def initialize(repository: nil, domain: nil, parent_domain:)
12+
super(repository: repository, domain: domain)
13+
@parent_domain = parent_domain
14+
end
15+
16+
def message
17+
<<-MSG
18+
The DNS record for your domain appears to be *.#{parent_domain}, a wildcard record.
19+
Your GitHub Pages site will still work, but unless you verify ownership of #{parent_domain},
20+
any GitHub Pages user can serve their content from an arbitrary subdomain of it.
21+
MSG
22+
end
23+
end
24+
end
25+
end
26+
end

0 commit comments

Comments
 (0)