-
Notifications
You must be signed in to change notification settings - Fork 368
Commit
Closes #750
- Loading branch information
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -141,11 +141,14 @@ func isMatchingAsLoopback(requested *url.URL, registeredURI string) bool { | |
return false | ||
} | ||
|
||
var ( | ||
regexLoopbackAddress = regexp.MustCompile(`^(127\.0\.0\.1|\[::1])(:\d+)?$`) | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
james-d-elliott
Author
Contributor
|
||
) | ||
|
||
// Check if address is either an IPv4 loopback or an IPv6 loopback- | ||
// An optional port is ignored | ||
func isLoopbackAddress(address string) bool { | ||
match, _ := regexp.MatchString("^(127.0.0.1|\\[::1\\])(:?)(\\d*)$", address) | ||
return match | ||
return regexLoopbackAddress.MatchString(address) | ||
} | ||
|
||
// IsValidRedirectURI validates a redirect_uri as specified in: | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
// Copyright © 2023 Ory Corp | ||
// SPDX-License-Identifier: Apache-2.0 | ||
|
||
package fosite | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func TestIsLookbackAddress(t *testing.T) { | ||
testCases := []struct { | ||
name string | ||
have string | ||
expected bool | ||
}{ | ||
{ | ||
"ShouldReturnTrueIPv4Loopback", | ||
"127.0.0.1", | ||
true, | ||
}, | ||
{ | ||
"ShouldReturnTrueIPv4LoopbackWithPort", | ||
"127.0.0.1:1230", | ||
true, | ||
}, | ||
{ | ||
"ShouldReturnTrueIPv6Loopback", | ||
"[::1]", | ||
true, | ||
}, | ||
{ | ||
"ShouldReturnTrueIPv6LoopbackWithPort", | ||
"[::1]:1230", | ||
true, | ||
}, { | ||
"ShouldReturnFalse12700255", | ||
"127.0.0.255", | ||
false, | ||
}, | ||
{ | ||
"ShouldReturnFalse12700255WithPort", | ||
"127.0.0.255:1230", | ||
false, | ||
}, | ||
{ | ||
"ShouldReturnFalseInvalidFourthOctet", | ||
"127.0.0.11230", | ||
false, | ||
}, | ||
{ | ||
"ShouldReturnFalseInvalidIPv4", | ||
"127x0x0x11230", | ||
false, | ||
}, | ||
{ | ||
"ShouldReturnFalseInvalidIPv6", | ||
"[::1]1230", | ||
false, | ||
}, | ||
} | ||
|
||
for _, tc := range testCases { | ||
t.Run(tc.name, func(t *testing.T) { | ||
assert.Equal(t, tc.expected, isLoopbackAddress(tc.have)) | ||
}) | ||
} | ||
} |
Hm, loopback addresses can be anything under
127.*
?