From 1c0567712efb44951beefffda25c3009e0a5a313 Mon Sep 17 00:00:00 2001 From: Sibtain Ali Date: Tue, 18 Apr 2023 13:11:32 +0500 Subject: [PATCH 1/6] fix: added protocols to the url along with correct port range --- lib/Url.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/Url.js b/lib/Url.js index 144c5117..c069b680 100644 --- a/lib/Url.js +++ b/lib/Url.js @@ -1,6 +1,7 @@ import TLD_REGEX from './tlds'; -const URL_WEBSITE_REGEX = `(https?:\\/\\/)?((?:www\\.)?[-a-z0-9]+?\\.)+(?:${TLD_REGEX})(?:\\:\\d{2,4}|\\b|(?=_))`; +const ALLOWED_PORTS = `([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])`; +const URL_WEBSITE_REGEX = `((ht|f|sm)tps?:\\/\\/)?((?:www\\.)?[-a-z0-9]+?\\.)+(?:${TLD_REGEX})(?:\\:${ALLOWED_PORTS}|\\b|(?=_))`; const addEscapedChar = reg => `(?:${reg}|&(?:amp|quot|#x27);)`; const URL_PATH_REGEX = `(?:${addEscapedChar('[.,=(+$!*]')}?\\/${addEscapedChar('[-\\w$@.+!*:(),=%~]')}*${addEscapedChar('[-\\w~@:%)]')}|\\/)*`; const URL_PARAM_REGEX = `(?:\\?${addEscapedChar('[-\\w$@.+!*()\\/,=%{}:;\\[\\]\\|_]')}*)?`; From 464b988eb5c89ec0818e0f7aba355320eed88a9b Mon Sep 17 00:00:00 2001 From: Sibtain Ali Date: Wed, 19 Apr 2023 00:36:45 +0500 Subject: [PATCH 2/6] feat: add tests for url validation --- __tests__/URL-test.js | 50 +++++++++++++++++++++++++++++++++++++++++++ lib/Url.js | 11 +++++++--- 2 files changed, 58 insertions(+), 3 deletions(-) create mode 100644 __tests__/URL-test.js diff --git a/__tests__/URL-test.js b/__tests__/URL-test.js new file mode 100644 index 00000000..3554d552 --- /dev/null +++ b/__tests__/URL-test.js @@ -0,0 +1,50 @@ +import {URL_REGEX_WITH_REQUIRED_PROTOCOL, URL_REGEX} from '../lib/Url'; + + +describe('Mandatory protocol for URL', () => { + it('correctly tests valid urls', () => { + const regexToTest = new RegExp(`^${URL_REGEX_WITH_REQUIRED_PROTOCOL}$`, 'i'); + expect(regexToTest.test('https://google.com/')).toBeTruthy(); + expect(regexToTest.test('http://google.com/')).toBeTruthy(); + expect(regexToTest.test('ftp://google.com/')).toBeTruthy(); + + expect(regexToTest.test('https://we.are.expensify.com/how-we-got-here')).toBeTruthy(); + + expect(regexToTest.test('https://google.com:12')).toBeTruthy(); + expect(regexToTest.test('https://google.com:65535')).toBeTruthy(); + + expect(regexToTest.test('https://google.com:65535/path/my')).toBeTruthy(); + }); + + it('correctly tests invalid urls', () => { + const regexToTest = new RegExp(`^${URL_REGEX_WITH_REQUIRED_PROTOCOL}$`, 'i'); + expect(regexToTest.test('google.com')).toBeFalsy(); + + expect(regexToTest.test('https://google.com:02')).toBeFalsy(); + expect(regexToTest.test('https://google.com:65536')).toBeFalsy(); + }); +}); + + +describe('Optional protocol for URL', () => { + it('correctly tests valid urls', () => { + const regexToTest = new RegExp(`^${URL_REGEX}$`, 'i'); + expect(regexToTest.test('google.com/')).toBeTruthy(); + expect(regexToTest.test('https://google.com/')).toBeTruthy(); + expect(regexToTest.test('ftp://google.com/')).toBeTruthy(); + + expect(regexToTest.test('we.are.expensify.com/how-we-got-here')).toBeTruthy(); + + expect(regexToTest.test('google.com:12')).toBeTruthy(); + expect(regexToTest.test('google.com:65535')).toBeTruthy(); + + expect(regexToTest.test('google.com:65535/path/my')).toBeTruthy(); + }); + + it('correctly tests invalid urls', () => { + const regexToTest = new RegExp(`^${URL_REGEX}$`, 'i'); + + expect(regexToTest.test('google.com:02')).toBeFalsy(); + expect(regexToTest.test('google.com:65536')).toBeFalsy(); + }); +}); diff --git a/lib/Url.js b/lib/Url.js index c069b680..b526a7c7 100644 --- a/lib/Url.js +++ b/lib/Url.js @@ -1,17 +1,22 @@ import TLD_REGEX from './tlds'; -const ALLOWED_PORTS = `([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])`; -const URL_WEBSITE_REGEX = `((ht|f|sm)tps?:\\/\\/)?((?:www\\.)?[-a-z0-9]+?\\.)+(?:${TLD_REGEX})(?:\\:${ALLOWED_PORTS}|\\b|(?=_))`; +const ALLOWED_PORTS = '([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])'; +const URL_PROTOCOL_REGEX = '((ht|f|sm)tps?:\\/\\/)'; +const URL_WEBSITE_REGEX = `${URL_PROTOCOL_REGEX}?((?:www\\.)?[-a-z0-9]+?\\.)+(?:${TLD_REGEX})(?:\\:${ALLOWED_PORTS}|\\b|(?=_))`; const addEscapedChar = reg => `(?:${reg}|&(?:amp|quot|#x27);)`; const URL_PATH_REGEX = `(?:${addEscapedChar('[.,=(+$!*]')}?\\/${addEscapedChar('[-\\w$@.+!*:(),=%~]')}*${addEscapedChar('[-\\w~@:%)]')}|\\/)*`; const URL_PARAM_REGEX = `(?:\\?${addEscapedChar('[-\\w$@.+!*()\\/,=%{}:;\\[\\]\\|_]')}*)?`; const URL_FRAGMENT_REGEX = `(?:#${addEscapedChar('[-\\w$@.+!*()[\\],=%;\\/:~]')}*)?`; const URL_REGEX = `(${URL_WEBSITE_REGEX}${URL_PATH_REGEX}(?:${URL_PARAM_REGEX}|${URL_FRAGMENT_REGEX})*)`; +const URL_REGEX_WITH_REQUIRED_PROTOCOL = URL_REGEX.replace(`${URL_PROTOCOL_REGEX}?`, URL_PROTOCOL_REGEX); + export { URL_WEBSITE_REGEX, URL_PATH_REGEX, URL_PARAM_REGEX, URL_FRAGMENT_REGEX, - URL_REGEX + URL_REGEX, + URL_REGEX_WITH_REQUIRED_PROTOCOL, + URL_PROTOCOL_REGEX, }; From 83d301faf94d81f5b81f9f67e7cc717a037a19cf Mon Sep 17 00:00:00 2001 From: Sibtain Ali Date: Wed, 19 Apr 2023 15:22:22 +0500 Subject: [PATCH 3/6] feat: remove SMTP from the allowed protocols --- lib/Url.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/Url.js b/lib/Url.js index b526a7c7..bda80db7 100644 --- a/lib/Url.js +++ b/lib/Url.js @@ -1,7 +1,7 @@ import TLD_REGEX from './tlds'; const ALLOWED_PORTS = '([1-9][0-9]{0,3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])'; -const URL_PROTOCOL_REGEX = '((ht|f|sm)tps?:\\/\\/)'; +const URL_PROTOCOL_REGEX = '((ht|f)tps?:\\/\\/)'; const URL_WEBSITE_REGEX = `${URL_PROTOCOL_REGEX}?((?:www\\.)?[-a-z0-9]+?\\.)+(?:${TLD_REGEX})(?:\\:${ALLOWED_PORTS}|\\b|(?=_))`; const addEscapedChar = reg => `(?:${reg}|&(?:amp|quot|#x27);)`; const URL_PATH_REGEX = `(?:${addEscapedChar('[.,=(+$!*]')}?\\/${addEscapedChar('[-\\w$@.+!*:(),=%~]')}*${addEscapedChar('[-\\w~@:%)]')}|\\/)*`; From 61f6c7fa46cfc2015d0c8d54c11fe727dbf85f06 Mon Sep 17 00:00:00 2001 From: Sibtain Ali Date: Fri, 21 Apr 2023 14:47:10 +0500 Subject: [PATCH 4/6] Update URL-test.js Updated spaces --- __tests__/URL-test.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/__tests__/URL-test.js b/__tests__/URL-test.js index 3554d552..d08c2a7b 100644 --- a/__tests__/URL-test.js +++ b/__tests__/URL-test.js @@ -1,6 +1,5 @@ import {URL_REGEX_WITH_REQUIRED_PROTOCOL, URL_REGEX} from '../lib/Url'; - describe('Mandatory protocol for URL', () => { it('correctly tests valid urls', () => { const regexToTest = new RegExp(`^${URL_REGEX_WITH_REQUIRED_PROTOCOL}$`, 'i'); @@ -15,7 +14,6 @@ describe('Mandatory protocol for URL', () => { expect(regexToTest.test('https://google.com:65535/path/my')).toBeTruthy(); }); - it('correctly tests invalid urls', () => { const regexToTest = new RegExp(`^${URL_REGEX_WITH_REQUIRED_PROTOCOL}$`, 'i'); expect(regexToTest.test('google.com')).toBeFalsy(); @@ -25,7 +23,6 @@ describe('Mandatory protocol for URL', () => { }); }); - describe('Optional protocol for URL', () => { it('correctly tests valid urls', () => { const regexToTest = new RegExp(`^${URL_REGEX}$`, 'i'); @@ -40,7 +37,6 @@ describe('Optional protocol for URL', () => { expect(regexToTest.test('google.com:65535/path/my')).toBeTruthy(); }); - it('correctly tests invalid urls', () => { const regexToTest = new RegExp(`^${URL_REGEX}$`, 'i'); From ed7cfd39e13c522ee3d9603545ce8bb439ad99f6 Mon Sep 17 00:00:00 2001 From: Sibtain Ali Date: Fri, 21 Apr 2023 15:02:55 +0500 Subject: [PATCH 5/6] Update URL-test.js Removed more spaces --- __tests__/URL-test.js | 8 -------- 1 file changed, 8 deletions(-) diff --git a/__tests__/URL-test.js b/__tests__/URL-test.js index d08c2a7b..dd41ef5e 100644 --- a/__tests__/URL-test.js +++ b/__tests__/URL-test.js @@ -6,18 +6,14 @@ describe('Mandatory protocol for URL', () => { expect(regexToTest.test('https://google.com/')).toBeTruthy(); expect(regexToTest.test('http://google.com/')).toBeTruthy(); expect(regexToTest.test('ftp://google.com/')).toBeTruthy(); - expect(regexToTest.test('https://we.are.expensify.com/how-we-got-here')).toBeTruthy(); - expect(regexToTest.test('https://google.com:12')).toBeTruthy(); expect(regexToTest.test('https://google.com:65535')).toBeTruthy(); - expect(regexToTest.test('https://google.com:65535/path/my')).toBeTruthy(); }); it('correctly tests invalid urls', () => { const regexToTest = new RegExp(`^${URL_REGEX_WITH_REQUIRED_PROTOCOL}$`, 'i'); expect(regexToTest.test('google.com')).toBeFalsy(); - expect(regexToTest.test('https://google.com:02')).toBeFalsy(); expect(regexToTest.test('https://google.com:65536')).toBeFalsy(); }); @@ -29,17 +25,13 @@ describe('Optional protocol for URL', () => { expect(regexToTest.test('google.com/')).toBeTruthy(); expect(regexToTest.test('https://google.com/')).toBeTruthy(); expect(regexToTest.test('ftp://google.com/')).toBeTruthy(); - expect(regexToTest.test('we.are.expensify.com/how-we-got-here')).toBeTruthy(); - expect(regexToTest.test('google.com:12')).toBeTruthy(); expect(regexToTest.test('google.com:65535')).toBeTruthy(); - expect(regexToTest.test('google.com:65535/path/my')).toBeTruthy(); }); it('correctly tests invalid urls', () => { const regexToTest = new RegExp(`^${URL_REGEX}$`, 'i'); - expect(regexToTest.test('google.com:02')).toBeFalsy(); expect(regexToTest.test('google.com:65536')).toBeFalsy(); }); From 498cd218600099fedb7083a8f76eb46f47c15d7b Mon Sep 17 00:00:00 2001 From: Sibtain Ali Date: Fri, 21 Apr 2023 17:52:03 +0500 Subject: [PATCH 6/6] fix: update unit test to include smtp failure --- __tests__/URL-test.js | 1 + 1 file changed, 1 insertion(+) diff --git a/__tests__/URL-test.js b/__tests__/URL-test.js index dd41ef5e..820f91f5 100644 --- a/__tests__/URL-test.js +++ b/__tests__/URL-test.js @@ -16,6 +16,7 @@ describe('Mandatory protocol for URL', () => { expect(regexToTest.test('google.com')).toBeFalsy(); expect(regexToTest.test('https://google.com:02')).toBeFalsy(); expect(regexToTest.test('https://google.com:65536')).toBeFalsy(); + expect(regexToTest.test('smtp://google.com')).toBeFalsy(); }); });