diff options
| author | mrsdizzie <info@mrsdizzie.com> | 2019-05-31 05:21:15 -0400 |
|---|---|---|
| committer | zeripath <art27@cantab.net> | 2019-05-31 10:21:15 +0100 |
| commit | de6ef14d04c36272143ad822bf5903f84c7f238b (patch) | |
| tree | b22bbf05e883fc935e7c265a827edd591dabcbdd /modules/validation/helpers.go | |
| parent | 592924a34b8e671c93416c01a468b9aab0ab39aa (diff) | |
| download | gitea-de6ef14d04c36272143ad822bf5903f84c7f238b.tar.gz gitea-de6ef14d04c36272143ad822bf5903f84c7f238b.zip | |
Validate External Tracker URL Format (#7089)
* Validate External Tracker URL Format
Add some validation checks for external tracker URL format.
Fixes #7068
* Don't make {index} a hard requirement
* Fix Description
* make fmt
* move regex to package level
* fix copyright date
Diffstat (limited to 'modules/validation/helpers.go')
| -rw-r--r-- | modules/validation/helpers.go | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/modules/validation/helpers.go b/modules/validation/helpers.go index 9a4dfab7a4..c22e667a2e 100644 --- a/modules/validation/helpers.go +++ b/modules/validation/helpers.go @@ -7,6 +7,7 @@ package validation import ( "net" "net/url" + "regexp" "strings" "code.gitea.io/gitea/modules/setting" @@ -14,6 +15,8 @@ import ( var loopbackIPBlocks []*net.IPNet +var externalTrackerRegex = regexp.MustCompile(`({?)(?:user|repo|index)+?(}?)`) + func init() { for _, cidr := range []string{ "127.0.0.0/8", // IPv4 loopback @@ -75,3 +78,19 @@ func IsValidExternalURL(uri string) bool { return true } + +// IsValidExternalTrackerURLFormat checks if URL matches required syntax for external trackers +func IsValidExternalTrackerURLFormat(uri string) bool { + if !IsValidExternalURL(uri) { + return false + } + + // check for typoed variables like /{index/ or /[repo} + for _, match := range externalTrackerRegex.FindAllStringSubmatch(uri, -1) { + if (match[1] == "{" || match[2] == "}") && (match[1] != "{" || match[2] != "}") { + return false + } + } + + return true +} |