properly handle ipv6 hosts #714
Assignees
Labels
priority: p2
Moderately-important priority. Fix may not be included in next release.
type: bug
Error or flaw in code with unintended results or allowing sub-optimal usage patterns.
Comments
vchudnov-g
added
type: bug
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We need to ensure our code works with IPv6. One aspect I noticed is the following:
We have core that defaults the host to use HTTPS. It looks like this:
However, IPv6 addresses are allowed in URLs, enclosed in brackets (ref), and IPv6 addresses use colons as separators. The code as written would never default to HTTPS for IPv6. So we should have more robust logic to allow for that.
Separately, the code above is preceded by a regex to look for the URL schema, but it only recognizes HTTP and HTTPS. I suggest we be more general and look for arbitrary schema by examining the host name until the leading colon. This is probably a pedantic point, but there are unregistered schemes being used, and more schemes could conceivably be registered. On principle, we shouldn't be more restrictive than we need to be.
The text was updated successfully, but these errors were encountered: