From c998c039ec9f40c99e718c84a1466c1f23147b85 Mon Sep 17 00:00:00 2001 From: Ragnar Laud Date: Mon, 4 Sep 2023 12:30:43 +0300 Subject: [PATCH] Fix URL validation on long/internationalized URLs (#1423) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Add URL validation tests Add test for longer TLDs Add test for internationalized TLDs * Fix URL validation with long TLDs * TLD max size match RFC 1034 --------- Co-authored-by: Jérémy M --- front/src/utils/__tests__/is-url.test.ts | 15 +++++++++++++++ front/src/utils/is-url.ts | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) diff --git a/front/src/utils/__tests__/is-url.test.ts b/front/src/utils/__tests__/is-url.test.ts index 69b106f87..a31cf0524 100644 --- a/front/src/utils/__tests__/is-url.test.ts +++ b/front/src/utils/__tests__/is-url.test.ts @@ -44,4 +44,19 @@ describe('isURL', () => { ), ).toBeTruthy(); }); + + it('should return true if the TLD is long', () => { + expect(isURL('https://example.travelinsurance')).toBeTruthy(); + }); + + it('should return true if the TLD is internationalized', () => { + // The longest TLD as of now + // https://stackoverflow.com/questions/9238640/how-long-can-a-tld-possibly-be + // curl -s http://data.iana.org/TLD/tlds-alpha-by-domain.txt \ + // | tail -n+2 \ + // | awk '{ print length, $0 }' \ + // | sort --numeric-sort --reverse \ + // | head -n 5 + expect(isURL('https://example.xn--vermgensberatung-pwb')).toBeTruthy(); + }); }); diff --git a/front/src/utils/is-url.ts b/front/src/utils/is-url.ts index 0b9fe22e9..482c3b30b 100644 --- a/front/src/utils/is-url.ts +++ b/front/src/utils/is-url.ts @@ -4,7 +4,7 @@ export function isURL(url: string | undefined | null) { return ( isDefined(url) && url.match( - /^(https?:\/\/)?(www.)?[-a-zA-Z0-9@:%._+~#=]{1,256}\.[a-z]{2,4}\b([-a-zA-Z0-9@:%_+.~#?&//=]*)/i, + /^(https?:\/\/)?(www.)?[-a-zA-Z0-9@:%._+~#=]{1,256}\.[a-z]{2,63}\b([-a-zA-Z0-9@:%_+.~#?&//=]*)/i, ) ); }