From 66a134e69e45cfe507c19983760035a3beb48f8a Mon Sep 17 00:00:00 2001
From: Johannes Ernst <jernst@indiecomputing.com>
Date: Wed, 6 Jul 2016 23:51:04 +0000
Subject: Disallow certain malformed domain names even if they match the
 trusted domain expression Stricter checking for valid domain names

---
 tests/lib/Security/TrustedDomainHelperTest.php | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'tests')

diff --git a/tests/lib/Security/TrustedDomainHelperTest.php b/tests/lib/Security/TrustedDomainHelperTest.php
index 6c254dcaa79..1beb7a66717 100644
--- a/tests/lib/Security/TrustedDomainHelperTest.php
+++ b/tests/lib/Security/TrustedDomainHelperTest.php
@@ -102,6 +102,10 @@ class TrustedDomainHelperTest extends \Test\TestCase {
 			[$trustedHostTestList, 'abc.leadingwith.port:1234', false],
 			[$trustedHostTestList, 'trailingwith.port.abc:456', true],
 			[$trustedHostTestList, 'trailingwith.port.abc:123', false],
+			// bad hostname
+			[$trustedHostTestList, '-bad', false],
+			[$trustedHostTestList, '-bad.leading.host', false],
+			[$trustedHostTestList, 'bad..der.leading.host', false],
 		];
 	}
 }
-- 
cgit v1.2.3