Added support for gopher URLs. (#14749)

author ayb <ayb@3hg.fr>

Fri, 25 Jun 2021 22:38:27 +0000 (00:38 +0200)

committer GitHub <noreply@github.com>

Fri, 25 Jun 2021 22:38:27 +0000 (18:38 -0400)
author ayb <ayb@3hg.fr>
Fri, 25 Jun 2021 22:38:27 +0000 (00:38 +0200)
committer GitHub <noreply@github.com>
Fri, 25 Jun 2021 22:38:27 +0000 (18:38 -0400)
diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini

index 5adfb0546f0bf8f2044d7502aaded977468480f3..fa6a9e3fac0bce8208b7dab6f1487e9138d2ba43 100644 (file)
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -705,6 +705,8 @@ PATH =
  ;;
  ;; Minimum amount of time a user must exist before comments are kept when the user is deleted.
  ;USER_DELETE_WITH_COMMENTS_MAX_TIME = 0
+;; Valid site url schemes for user profiles
+;VALID_SITE_URL_SCHEMES=http,https
  
  
  ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md

index 5e976174fb19bab089a41a3271d036234d26c891..aa9eb7e0caee7639654a16d11b332d54a85ba150 100644 (file)
--- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md
+++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
@@ -519,6 +519,7 @@ relation to port exhaustion.
  - `NO_REPLY_ADDRESS`: **noreply.DOMAIN** Value for the domain part of the user's email address in the git log if user has set KeepEmailPrivate to true. DOMAIN resolves to the value in server.DOMAIN.
    The user's email will be replaced with a concatenation of the user name in lower case, "@" and NO_REPLY_ADDRESS.
  - `USER_DELETE_WITH_COMMENTS_MAX_TIME`: **0** Minimum amount of time a user must exist before comments are kept when the user is deleted.
+- `VALID_SITE_URL_SCHEMES`: **http, https**: Valid site url schemes for user profiles
  
  ### Service - Expore (`service.explore`)
  
diff --git a/modules/setting/service.go b/modules/setting/service.go

index 41e834e8e61ef0a5c91373228455d2ab5583c4e2..bd70c7e6ebe5b8027122dc8c9fb01cf5f13043dd 100644 (file)
--- a/modules/setting/service.go
+++ b/modules/setting/service.go
@@ -6,6 +6,7 @@ package setting
  
  import (
         "regexp"
+       "strings"
         "time"
  
         "code.gitea.io/gitea/modules/log"
@@ -55,6 +56,7 @@ var Service struct {
         AutoWatchOnChanges                      bool
         DefaultOrgMemberVisible                 bool
         UserDeleteWithCommentsMaxTime           time.Duration
+       ValidSiteURLSchemes                     []string
  
         // OpenID settings
         EnableOpenIDSignIn bool
@@ -120,6 +122,16 @@ func newService() {
         Service.DefaultOrgVisibilityMode = structs.VisibilityModes[Service.DefaultOrgVisibility]
         Service.DefaultOrgMemberVisible = sec.Key("DEFAULT_ORG_MEMBER_VISIBLE").MustBool()
         Service.UserDeleteWithCommentsMaxTime = sec.Key("USER_DELETE_WITH_COMMENTS_MAX_TIME").MustDuration(0)
+       sec.Key("VALID_SITE_URL_SCHEMES").MustString("http,https")
+       Service.ValidSiteURLSchemes = sec.Key("VALID_SITE_URL_SCHEMES").Strings(",")
+       schemes := make([]string, len(Service.ValidSiteURLSchemes))
+       for _, scheme := range Service.ValidSiteURLSchemes {
+               scheme = strings.ToLower(strings.TrimSpace(scheme))
+               if scheme != "" {
+                       schemes = append(schemes, scheme)
+               }
+       }
+       Service.ValidSiteURLSchemes = schemes
  
         if err := Cfg.Section("service.explore").MapTo(&Service.Explore); err != nil {
                 log.Fatal("Failed to map service.explore settings: %v", err)
diff --git a/modules/validation/binding.go b/modules/validation/binding.go

index 4cef48daf32d6793d31714ec8a142a315a82d152..5d5c64611f29a5110f18e4a636ecba7cd6a62cd7 100644 (file)
--- a/modules/validation/binding.go
+++ b/modules/validation/binding.go
@@ -55,6 +55,7 @@ func CheckGitRefAdditionalRulesValid(name string) bool {
  func AddBindingRules() {
         addGitRefNameBindingRule()
         addValidURLBindingRule()
+       addValidSiteURLBindingRule()
         addGlobPatternRule()
         addRegexPatternRule()
         addGlobOrRegexPatternRule()
@@ -102,6 +103,24 @@ func addValidURLBindingRule() {
         })
  }
  
+func addValidSiteURLBindingRule() {
+       // URL validation rule
+       binding.AddRule(&binding.Rule{
+               IsMatch: func(rule string) bool {
+                       return strings.HasPrefix(rule, "ValidSiteUrl")
+               },
+               IsValid: func(errs binding.Errors, name string, val interface{}) (bool, binding.Errors) {
+                       str := fmt.Sprintf("%v", val)
+                       if len(str) != 0 && !IsValidSiteURL(str) {
+                               errs.Add([]string{name}, binding.ERR_URL, "Url")
+                               return false, errs
+                       }
+
+                       return true, errs
+               },
+       })
+}
+
  func addGlobPatternRule() {
         binding.AddRule(&binding.Rule{
                 IsMatch: func(rule string) bool {
diff --git a/modules/validation/helpers.go b/modules/validation/helpers.go

index c22e667a2ebf9ea50b9005f58f78712f77f9565e..343261aac5b599a20a3580f37cdd334dd4ecd4b0 100644 (file)
--- a/modules/validation/helpers.go
+++ b/modules/validation/helpers.go
@@ -52,6 +52,25 @@ func IsValidURL(uri string) bool {
         return true
  }
  
+// IsValidSiteURL checks if URL is valid
+func IsValidSiteURL(uri string) bool {
+       u, err := url.ParseRequestURI(uri)
+       if err != nil {
+               return false
+       }
+
+       if !validPort(portOnly(u.Host)) {
+               return false
+       }
+
+       for _, scheme := range setting.Service.ValidSiteURLSchemes {
+               if scheme == u.Scheme {
+                       return true
+               }
+       }
+       return false
+}
+
  // IsAPIURL checks if URL is current Gitea instance API URL
  func IsAPIURL(uri string) bool {
         return strings.HasPrefix(strings.ToLower(uri), strings.ToLower(setting.AppURL+"api"))
diff --git a/services/forms/user_form.go b/services/forms/user_form.go

index 2c065dc5116a8ebd8a3975a6f2309dfe290216c7..903a625da01e896e4f6b58a336ccb142efcb43d9 100644 (file)
--- a/services/forms/user_form.go
+++ b/services/forms/user_form.go
@@ -226,7 +226,7 @@ type UpdateProfileForm struct {
         Name                string `binding:"AlphaDashDot;MaxSize(40)"`
         FullName            string `binding:"MaxSize(100)"`
         KeepEmailPrivate    bool
-       Website             string `binding:"ValidUrl;MaxSize(255)"`
+       Website             string `binding:"ValidSiteUrl;MaxSize(255)"`
         Location            string `binding:"MaxSize(50)"`
         Language            string
         Description         string `binding:"MaxSize(255)"`
author	ayb <ayb@3hg.fr>
	Fri, 25 Jun 2021 22:38:27 +0000 (00:38 +0200)
committer	GitHub <noreply@github.com>
	Fri, 25 Jun 2021 22:38:27 +0000 (18:38 -0400)
custom/conf/app.example.ini		patch \| blob \| history
docs/content/doc/advanced/config-cheat-sheet.en-us.md		patch \| blob \| history
modules/setting/service.go		patch \| blob \| history
modules/validation/binding.go		patch \| blob \| history
modules/validation/helpers.go		patch \| blob \| history
services/forms/user_form.go		patch \| blob \| history