From cb40cb02b87509bb8359c12627ce95f2affdc630 Mon Sep 17 00:00:00 2001
From: Matt Bernhard <matber@umich.edu>
Date: Fri, 30 Sep 2016 14:22:43 -0400
Subject: [PATCH] Addressed issues #171, #186, fixed #189 I hope

---
 json.go | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/json.go b/json.go
index b85337db0..2434bd9a2 100644
--- a/json.go
+++ b/json.go
@@ -232,13 +232,11 @@ func (c *Certificate) MarshalJSON() ([]byte, error) {
 	name := c.Subject.CommonName
 	isValid := false
 
-	if len(name) > 2 && name[0] == '*' {
+	// Check for wildcards and redacts, ignore malformed urls
+	if len(name) > 2 && name[0] == '*' && name[1] == '.' {
 		isValid = govalidator.IsURL(name[2:])
-	} else if len(name) > 2 && name[0] == '?' {
+	} else if len(name) > 2 && name[0] == '?' && name[1] == '.' {
 		isValid = isValid || govalidator.IsURL(name[2:])
-	} else if !strings.Contains(name, ".") {
-		// If this is just a TLD cert, it's valid
-		isValid = true
 	} else {
 		isValid = govalidator.IsURL(name)
 	}
@@ -252,9 +250,10 @@ func (c *Certificate) MarshalJSON() ([]byte, error) {
 
 		isValid := false
 
-		if len(name) > 2 && name[0] == '*' {
+		// Check wildcards, redacts, malformed, and tlds
+		if len(name) > 2 && name[0] == '*' && name[1] == '.' {
 			isValid = govalidator.IsURL(name[2:])
-		} else if len(name) > 2 && name[0] == '?' {
+		} else if len(name) > 2 && name[0] == '?' && name[1] == '.' {
 			isValid = isValid || govalidator.IsURL(name[2:])
 		} else if !strings.Contains(name, ".") {
 			// If this is just a TLD cert, it's valid