Mercurial > hg > egg-tcls
changeset 464:506977ea9d0c
urllog: Improve URL validation.
| author | Matti Hamalainen <ccr@tnsp.org> |
|---|---|
| date | Wed, 07 Feb 2018 19:01:36 +0200 |
| parents | fe478b7bd80e |
| children | ba7ed8f6d2ab |
| files | urllog.tcl |
| diffstat | 1 files changed, 12 insertions(+), 3 deletions(-) [+] |
line wrap: on
line diff
--- a/urllog.tcl Mon Dec 18 14:54:18 2017 +0200 +++ b/urllog.tcl Wed Feb 07 19:01:36 2018 +0200 @@ -290,7 +290,7 @@ ### Try to guess the URL protocol component (if it is missing) set u_checktld 1 - if {![string match "http://*" $urlStr] && ![string match "https://*" $urlStr] && ![string match "ftp://*" $urlStr]} { + if {![string match "http://*" $urlStr] && ![string match "https://*" $urlStr] && ![string match "ftp://*" $urlStr] && ![string match "*://*" $urlStr]} { if {[string match "*www.*" $urlStr]} { set urlStr "http://$urlStr" } elseif {[string match "*ftp.*" $urlStr]} { @@ -323,7 +323,16 @@ ### Get URL protocol component set urlProto "" - regexp "(\[a-z\]+)://" $urlStr urlMatch urlProto + if {[regexp "(\[a-z\]+)://" $urlStr urlMatch urlProto]} { + ### Is it a http or ftp url? + if {$urlProto != "http" && $urlProto != "https" && $urlProto != "ftp"} { + urllog_log "Broken URL from $urlNick: ($urlStr) UNSUPPORTED protocol class ($urlProto)." + return 0 + } + } else { + urllog_log "Broken URL from $urlNick: ($urlStr), no protocol specifier." + return 0 + } ### Check the PORT (if the ":" is there) set urlRecord [split $urlStr "/"] @@ -555,7 +564,7 @@ if {[utl_match_delim_list $urllog_log_channels $uchan]} { ### Do the URL checking foreach str [split $utext " "] { - if {[regexp "((ftp|http|https)://\[^\[:space:\]\]+|^(www|ftp)\.\[^\[:space:\]\]+)" $str ulink]} { + if {[regexp "(\[a-z]+://\[^\[:space:\]\]+|^(www|ftp)\.\[^\[:space:\]\]+)" $str ulink]} { urllog_check_url $str $unick $uhost $uchan } }