diff --git a/src/Validator/Domain.php b/src/Validator/Domain.php index aea0a21c..db385713 100644 --- a/src/Validator/Domain.php +++ b/src/Validator/Domain.php @@ -45,7 +45,11 @@ public function isValid($value): bool return false; } - if (\filter_var($value, FILTER_VALIDATE_DOMAIN) === false) { + if (\filter_var($value, FILTER_VALIDATE_DOMAIN, FILTER_FLAG_HOSTNAME) === false) { + return false; + } + + if (\str_ends_with($value, '.') || \str_ends_with($value, '-')) { return false; } diff --git a/tests/Validator/DomainTest.php b/tests/Validator/DomainTest.php index 8707bf71..fc8484a1 100644 --- a/tests/Validator/DomainTest.php +++ b/tests/Validator/DomainTest.php @@ -31,14 +31,25 @@ public function testIsValid() $this->assertEquals(true, $this->domain->isValid('example.com')); $this->assertEquals(true, $this->domain->isValid('subdomain.example.com')); $this->assertEquals(true, $this->domain->isValid('subdomain.example-app.com')); - $this->assertEquals(true, $this->domain->isValid('subdomain.example_app.com')); + $this->assertEquals(false, $this->domain->isValid('subdomain.example_app.com')); $this->assertEquals(true, $this->domain->isValid('subdomain-new.example.com')); - $this->assertEquals(true, $this->domain->isValid('subdomain_new.example.com')); + $this->assertEquals(false, $this->domain->isValid('subdomain_new.example.com')); $this->assertEquals(true, $this->domain->isValid('localhost')); $this->assertEquals(true, $this->domain->isValid('example.io')); $this->assertEquals(true, $this->domain->isValid('example.org')); $this->assertEquals(true, $this->domain->isValid('example.org')); $this->assertEquals(false, $this->domain->isValid(false)); + $this->assertEquals(false, $this->domain->isValid('api.appwrite.io.')); + $this->assertEquals(false, $this->domain->isValid('.api.appwrite.io')); + $this->assertEquals(false, $this->domain->isValid('.api.appwrite.io')); + $this->assertEquals(false, $this->domain->isValid('api..appwrite.io')); + $this->assertEquals(false, $this->domain->isValid('api-.appwrite.io')); + $this->assertEquals(false, $this->domain->isValid('api.-appwrite.io')); + $this->assertEquals(false, $this->domain->isValid('app write.io')); + $this->assertEquals(false, $this->domain->isValid(' appwrite.io')); + $this->assertEquals(false, $this->domain->isValid('appwrite.io ')); + $this->assertEquals(false, $this->domain->isValid('-appwrite.io')); + $this->assertEquals(false, $this->domain->isValid('appwrite.io-')); $this->assertEquals(false, $this->domain->isValid('.')); $this->assertEquals(false, $this->domain->isValid('..')); $this->assertEquals(false, $this->domain->isValid('')); diff --git a/tests/e2e/ResponseTest.php b/tests/e2e/ResponseTest.php index 64ebfef4..0a8d70ac 100644 --- a/tests/e2e/ResponseTest.php +++ b/tests/e2e/ResponseTest.php @@ -99,4 +99,27 @@ public function testAliasWithParameter(): void $this->assertEquals(200, $response['headers']['status-code']); $this->assertEquals('db2;col2', $response['body']); } + + public function testDoubleSlash() + { + $response = $this->client->call(Client::METHOD_GET, '//'); + $this->assertEquals(200, $response['headers']['status-code']); + $this->assertEquals('Hello World!', $response['body']); + + $response = $this->client->call(Client::METHOD_GET, '//path-404'); + $this->assertEquals(200, $response['headers']['status-code']); + $this->assertEquals('Hello World!', $response['body']); + + $response = $this->client->call(Client::METHOD_GET, '//value/123'); + $this->assertEquals(200, $response['headers']['status-code']); + $this->assertEmpty($response['body']); + + $response = $this->client->call(Client::METHOD_GET, '/value//123'); + $this->assertEquals(200, $response['headers']['status-code']); + $this->assertEmpty($response['body']); + + $response = $this->client->call(Client::METHOD_GET, '//value//123'); + $this->assertEquals(200, $response['headers']['status-code']); + $this->assertEmpty($response['body']); + } }