-
-
Notifications
You must be signed in to change notification settings - Fork 360
Validate URL Fields like events.event_url and events.video_url #430
Comments
What are the requirements? What kind of input do we want to accept and which should be rejected? To me, |
If the language or framework doesn't already have something built-in for our use case, then I believe any code that aims to match RFC 2396 would get us close. In PHP this involves a core method |
@Ryuno-Ki does the framework escapes the user input? If yes then simply using Else we need to think more. |
@vkWeb I assume that's using HTML 5 validation on the front-end and we'd just not worry about older browsers. I could get behind that too idea. I can't imagine the output won't be sanitized by the framework, but that's certainly something we'll want for any user provided content that's printed back to the browser. |
And/or, I'm not sure if this is active, but a package like https://www.npmjs.com/package/valid-url would seem to do the job of validating the form input. |
@allella Looks like valid-url is not active anymore. Can we implement something like this? https://github.com/adrienv1520/node-uri#checkuriuri or Is it enough if we just parse the URI and then check if the some parts of the URI are not empty? Can we parse it as shown in the gist? |
@Zeko369 do you have a suggestion on using a node package vs a regex snippet? |
Even though the For the MVP we just need to be able to show a small red error that there is something wrong, nothing special. @Ravichandra-C if you think it would be easier with the Regex you linked you can use that. |
@allella @Zeko369 @ojeytonwilliams, Can I use class-validator module decorators for fields to add the @isurl Restriction in the Mutation instead of writing a custom validator? I also saw that type graphql validations are disabled in server/src/app.ts. Could you please let me know if there any reason for that? and Can I enable them? |
YES, enable them in I'd just do |
Per #423 and #424, we agreed to add validation to check the user provided input is a valid URL.
It was suggested by @timmyichen
new URL()
wasn't the best solution and we agreed to merge in the database fields, but create a new issue.These examples of url fields are described in #378 and were added via issues #380 and #381
The text was updated successfully, but these errors were encountered: