* Added support for gopher URLs.
* Add setting and make this user settable instead
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
;;
;; Minimum amount of time a user must exist before comments are kept when the user is deleted.
;USER_DELETE_WITH_COMMENTS_MAX_TIME = 0
+;; Valid site url schemes for user profiles
+;VALID_SITE_URL_SCHEMES=http,https
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
- `NO_REPLY_ADDRESS`: **noreply.DOMAIN** Value for the domain part of the user's email address in the git log if user has set KeepEmailPrivate to true. DOMAIN resolves to the value in server.DOMAIN.
The user's email will be replaced with a concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
- `USER_DELETE_WITH_COMMENTS_MAX_TIME`: **0** Minimum amount of time a user must exist before comments are kept when the user is deleted.
+- `VALID_SITE_URL_SCHEMES`: **http, https**: Valid site url schemes for user profiles
### Service - Expore (`service.explore`)
import (
"regexp"
+ "strings"
"time"
"code.gitea.io/gitea/modules/log"
AutoWatchOnChanges bool
DefaultOrgMemberVisible bool
UserDeleteWithCommentsMaxTime time.Duration
+ ValidSiteURLSchemes []string
// OpenID settings
EnableOpenIDSignIn bool
Service.DefaultOrgVisibilityMode = structs.VisibilityModes[Service.DefaultOrgVisibility]
Service.DefaultOrgMemberVisible = sec.Key("DEFAULT_ORG_MEMBER_VISIBLE").MustBool()
Service.UserDeleteWithCommentsMaxTime = sec.Key("USER_DELETE_WITH_COMMENTS_MAX_TIME").MustDuration(0)
+ sec.Key("VALID_SITE_URL_SCHEMES").MustString("http,https")
+ Service.ValidSiteURLSchemes = sec.Key("VALID_SITE_URL_SCHEMES").Strings(",")
+ schemes := make([]string, len(Service.ValidSiteURLSchemes))
+ for _, scheme := range Service.ValidSiteURLSchemes {
+ scheme = strings.ToLower(strings.TrimSpace(scheme))
+ if scheme != "" {
+ schemes = append(schemes, scheme)
+ }
+ }
+ Service.ValidSiteURLSchemes = schemes
if err := Cfg.Section("service.explore").MapTo(&Service.Explore); err != nil {
log.Fatal("Failed to map service.explore settings: %v", err)
func AddBindingRules() {
addGitRefNameBindingRule()
addValidURLBindingRule()
+ addValidSiteURLBindingRule()
addGlobPatternRule()
addRegexPatternRule()
addGlobOrRegexPatternRule()
})
}
+func addValidSiteURLBindingRule() {
+ // URL validation rule
+ binding.AddRule(&binding.Rule{
+ IsMatch: func(rule string) bool {
+ return strings.HasPrefix(rule, "ValidSiteUrl")
+ },
+ IsValid: func(errs binding.Errors, name string, val interface{}) (bool, binding.Errors) {
+ str := fmt.Sprintf("%v", val)
+ if len(str) != 0 && !IsValidSiteURL(str) {
+ errs.Add([]string{name}, binding.ERR_URL, "Url")
+ return false, errs
+ }
+
+ return true, errs
+ },
+ })
+}
+
func addGlobPatternRule() {
binding.AddRule(&binding.Rule{
IsMatch: func(rule string) bool {
return true
}
+// IsValidSiteURL checks if URL is valid
+func IsValidSiteURL(uri string) bool {
+ u, err := url.ParseRequestURI(uri)
+ if err != nil {
+ return false
+ }
+
+ if !validPort(portOnly(u.Host)) {
+ return false
+ }
+
+ for _, scheme := range setting.Service.ValidSiteURLSchemes {
+ if scheme == u.Scheme {
+ return true
+ }
+ }
+ return false
+}
+
// IsAPIURL checks if URL is current Gitea instance API URL
func IsAPIURL(uri string) bool {
return strings.HasPrefix(strings.ToLower(uri), strings.ToLower(setting.AppURL+"api"))
Name string `binding:"AlphaDashDot;MaxSize(40)"`
FullName string `binding:"MaxSize(100)"`
KeepEmailPrivate bool
- Website string `binding:"ValidUrl;MaxSize(255)"`
+ Website string `binding:"ValidSiteUrl;MaxSize(255)"`
Location string `binding:"MaxSize(50)"`
Language string
Description string `binding:"MaxSize(255)"`