mirror of
https://github.com/discourse/discourse.git
synced 2024-11-30 18:13:58 +08:00
FIX: User website allows new TLDs
This commit is contained in:
parent
1363988cd7
commit
4289dbe3e5
|
@ -1,10 +1,7 @@
|
||||||
class UserProfile < ActiveRecord::Base
|
class UserProfile < ActiveRecord::Base
|
||||||
belongs_to :user, inverse_of: :user_profile
|
belongs_to :user, inverse_of: :user_profile
|
||||||
|
|
||||||
WEBSITE_REGEXP = /(^$)|(^(http|https):\/\/[a-z0-9]+([\-\.]{1}[a-z0-9]+)*\.[a-z]{2,10}(([0-9]{1,5})?\/.*)?$)/ix
|
|
||||||
|
|
||||||
validates :bio_raw, length: { maximum: 3000 }
|
validates :bio_raw, length: { maximum: 3000 }
|
||||||
validates :website, format: { with: WEBSITE_REGEXP }, allow_blank: true, if: Proc.new { |c| c.new_record? || c.website_changed? }
|
|
||||||
validates :user, presence: true
|
validates :user, presence: true
|
||||||
before_save :cook
|
before_save :cook
|
||||||
after_save :trigger_badges
|
after_save :trigger_badges
|
||||||
|
@ -105,11 +102,13 @@ class UserProfile < ActiveRecord::Base
|
||||||
end
|
end
|
||||||
|
|
||||||
def website_domain_validator
|
def website_domain_validator
|
||||||
allowed_domains = SiteSetting.user_website_domains_whitelist
|
return if self.website.blank?
|
||||||
return if (allowed_domains.blank? || self.website.blank?)
|
domain = Addressable::URI.parse(self.website).host
|
||||||
|
self.errors.add :website, :invalid unless PublicSuffix.valid?(domain, default_rule: nil)
|
||||||
|
|
||||||
domain = URI.parse(self.website).host
|
allowed_domains = SiteSetting.user_website_domains_whitelist.split('|')
|
||||||
self.errors.add :base, (I18n.t('user.website.domain_not_allowed', domains: allowed_domains.split('|').join(", "))) unless allowed_domains.split('|').include?(domain)
|
return if allowed_domains.empty?
|
||||||
|
self.errors.add :base, (I18n.t('user.website.domain_not_allowed', domains: allowed_domains.join(", "))) unless allowed_domains.include?(domain)
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -62,6 +62,12 @@ describe UserProfile do
|
||||||
expect(Fabricate.build(:user_profile, user: user, website: "https://google.com")).to be_valid
|
expect(Fabricate.build(:user_profile, user: user, website: "https://google.com")).to be_valid
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it "recognizes new TLDs" do
|
||||||
|
expect(Fabricate.build(:user_profile, user: user, website: "http://discourse.productions")).to be_valid
|
||||||
|
expect(Fabricate.build(:user_profile, user: user, website: "https://website.vermögensberatung")).to be_valid
|
||||||
|
expect(Fabricate.build(:user_profile, user: user, website: "http://site.notavalidtld")).not_to be_valid
|
||||||
|
end
|
||||||
|
|
||||||
it "validates website domain if user_website_domains_whitelist setting is present" do
|
it "validates website domain if user_website_domains_whitelist setting is present" do
|
||||||
SiteSetting.user_website_domains_whitelist = "discourse.org"
|
SiteSetting.user_website_domains_whitelist = "discourse.org"
|
||||||
expect(Fabricate.build(:user_profile, user: user, website: "https://google.com")).not_to be_valid
|
expect(Fabricate.build(:user_profile, user: user, website: "https://google.com")).not_to be_valid
|
||||||
|
|
Loading…
Reference in New Issue
Block a user