fix: route limit to subdomains does not work #5961
Conversation
`example.com` does not match`'subdomain' => '*'`, so the route is not registered.
kenjis
added
the
bug
|
Not sure if this will work correctly if the domain name is a first level domain. |
|
@iRedds What do you mean by "first level domain"? |
|
The local resource can be named |
|
It seems Brand top-level domains. This method is not perfect from the beginning. CodeIgniter4/system/Router/RouteCollection.php Lines 1327 to 1328 in 38d5c10 |
|
Not perfect and not correct are two different cases. |
|
Tomorrow will show my solution, I have been using for several years. Because I'm leaving today |
/**
* domainFilter()
*
*
* @param mixed $allowed_domain - allowed domain format ['example.net','subdomain.example.com'] , don't use http://
* @param mixed $domain_to_check - input domain to check e.g. www.www.www.www.a1.g.h.r.r.e.e.e.e.e.e.d.subdomain.example.com
*
* @return array associates
*
* if not found:
* ['matches'] type (int) == 0
* [0] == empty array()
*
* if checked:
*
* ['matches'] type (int) == 1
* [0][0] => www. - prefix
* [0][1] => a1.g.h.r.r.e.e.e.e.e.e.d - subdomain or null if not check
* [0][2] => subdomain.example.com - domain <br>
*
*
*
*/
function domainFilter(array $allowed_domain, string $domain_to_check):array {
$result = [];//only for IDE (warning undefined variable)
$allowed_domain = implode('|', $allowed_domain);
$result['matches'] = preg_match('/^(?:(w{3})\.)*(?:((?:[a-z0-9\-\_]+\.)*[a-z0-9\-\_]+)\.)*('.$allowed_domain.')$/', $domain_to_check, $result[0]);
//remove first element from array, but first array return input param $allowed_domain
array_shift($result[0]);
return $result;
}
d(
domainFilter(['crazy.sub.domain.com', 'ci.loc'], 'www.usersubdomain.crazy.sub.domain.com')
);
d(
domainFilter(['crazy.sub.domain.com', 'ci.loc'], 'aaa.bbb.usersubdomain.crazy.sub.domain.com')
);
|
|
link to source domain filter function I use this function in other scripts. p.s. edit2: using hostname and subdomain together does not work at the moment |
|
I believe this PR fixed the bug #5959. So this PR is done. @iRedds The Bug with Brand top-level domains is another bug that exists already. @szajens Thank you for sample code. Adding like that code is an enhancement. It is better to create another PR. I think it is better to add hostname validation and logic that is more reliable to determine subdomains. |
|
That's right, because someone can dynamically replace the host. The above code eliminates the Bug with Brand top-level domains |
|
@kenjis maybe you will create new PR,because my English no perfect 😁 |
|
I am not going to send any more PR on this matter. |
|
Open to other enhancements and bugfixes, but I'm with kenjis that this addresses the issue at hand. |
Description
Fixes #5959
Checklist: