struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (WW-4834) Improve RegEx used to validate URLs
Date Thu, 03 Aug 2017 15:37:00 GMT

    [ https://issues.apache.org/jira/browse/WW-4834?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16112948#comment-16112948
] 

ASF GitHub Bot commented on WW-4834:
------------------------------------

Github user atcazzual commented on the issue:

    https://github.com/apache/struts/pull/157
  
    The expression did not seem to work at all until I escaped the slashes, changing  `/`
 to  `\/`
    
    Once I got it working, there then seems to be a bug in the new expression when matching
on URLs that use IP addresses.   The grouping has changed causing two problems with matching
IP addresses.
    
    1. The dot `.` character that delimits the octets in an IP address only applies to the
last condition, `25[0-5]\.` on line 57, instead of all conditions for an IP octet. This makes
matching most IP address fail.   The only IPs that will match would need to have 3-digit octets
for the first three where the first two-digits are `25`.  _NOTE: This seems to have been resolved
by the commit above._
    2. The conditions for the last octet are no longer grouped (line 58) making the OR `|`
operator act on what was a higher level group.  Because of this, the fourth octet would have
to be only one or two digits.
    
    For example, only IPs like the following will pass validation:
    http://**25**3.**25**4.**25**5.1  (mostly resolved by the commit above)
    http://**25**3.**25**4.**25**5.12 (mostly resolved by the commit above)
    
    After the commit above, any IP with 3 digits in the last octet will **not** pass validation:
    http<nolink>://1.2.3.**100**
    http<nolink>://1.2.3.**255**


> Improve RegEx used to validate URLs
> -----------------------------------
>
>                 Key: WW-4834
>                 URL: https://issues.apache.org/jira/browse/WW-4834
>             Project: Struts 2
>          Issue Type: Improvement
>          Components: Core, XML Validators
>    Affects Versions: 2.3.33, 2.5.12
>            Reporter: Lukasz Lenart
>             Fix For: 2.3.34, 2.5.13
>
>




--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message