From 550b6475efc8d56420c08df758a20da79ca6fb2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Ba=C4=8Do?= Date: Thu, 12 May 2022 18:53:54 +0000 Subject: [PATCH 1/2] Upgrade hostname validator --- app/controllers/api/projects.php | 22 ++----------------- composer.lock | 14 ++++++------ .../Projects/ProjectsConsoleClientTest.php | 11 ++++++++++ 3 files changed, 20 insertions(+), 27 deletions(-) diff --git a/app/controllers/api/projects.php b/app/controllers/api/projects.php index 80bc0c5f70..cd15b35cf4 100644 --- a/app/controllers/api/projects.php +++ b/app/controllers/api/projects.php @@ -969,19 +969,10 @@ App::post('/v1/projects/:projectId/platforms') ->param('name', null, new Text(128), 'Platform name. Max length: 128 chars.') ->param('key', '', new Text(256), 'Package name for Android or bundle ID for iOS or macOS. Max length: 256 chars.', true) ->param('store', '', new Text(256), 'App store or Google Play store ID. Max length: 256 chars.', true) - ->param('hostname', '', new Text(256), 'Platform client hostname. Max length: 256 chars.', true) + ->param('hostname', '', new Hostname(), 'Platform client hostname. Max length: 256 chars.', true) ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $type, string $name, string $key, string $store, string $hostname, Response $response, Database $dbForConsole) { - - // Ensure hostname has proper structure (no port, protocol..) - if(!empty($hostname)) { - $validator = new Hostname(); - if (!is_null($hostname) && !$validator->isValid($hostname)) { - throw new Exception($validator->getDescription(), 400, Exception::ATTRIBUTE_VALUE_INVALID); - } - } - $project = $dbForConsole->getDocument('projects', $projectId); if ($project->isEmpty()) { @@ -1090,19 +1081,10 @@ App::put('/v1/projects/:projectId/platforms/:platformId') ->param('name', null, new Text(128), 'Platform name. Max length: 128 chars.') ->param('key', '', new Text(256), 'Package name for android or bundle ID for iOS. Max length: 256 chars.', true) ->param('store', '', new Text(256), 'App store or Google Play store ID. Max length: 256 chars.', true) - ->param('hostname', '', new Text(256), 'Platform client URL. Max length: 256 chars.', true) + ->param('hostname', '', new Hostname(), 'Platform client URL. Max length: 256 chars.', true) ->inject('response') ->inject('dbForConsole') ->action(function (string $projectId, string $platformId, string $name, string $key, string $store, string $hostname, Response $response, Database $dbForConsole) { - - // Ensure hostname has proper structure (no port, protocol..) - if(!empty($hostname)) { - $validator = new Hostname(); - if (!is_null($hostname) && !$validator->isValid($hostname)) { - throw new Exception($validator->getDescription(), 400, Exception::ATTRIBUTE_VALUE_INVALID); - } - } - $project = $dbForConsole->getDocument('projects', $projectId); if ($project->isEmpty()) { diff --git a/composer.lock b/composer.lock index 0eb359e413..20d500ee5c 100644 --- a/composer.lock +++ b/composer.lock @@ -2250,16 +2250,16 @@ }, { "name": "utopia-php/framework", - "version": "0.19.20", + "version": "0.19.21", "source": { "type": "git", "url": "https://github.com/utopia-php/framework.git", - "reference": "65ced168db8f6e188ceeb0d101f57552c3d8b2af" + "reference": "3b7bd8e4acf84fd7d560ced8e0142221d302575d" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/utopia-php/framework/zipball/65ced168db8f6e188ceeb0d101f57552c3d8b2af", - "reference": "65ced168db8f6e188ceeb0d101f57552c3d8b2af", + "url": "https://api.github.com/repos/utopia-php/framework/zipball/3b7bd8e4acf84fd7d560ced8e0142221d302575d", + "reference": "3b7bd8e4acf84fd7d560ced8e0142221d302575d", "shasum": "" }, "require": { @@ -2293,9 +2293,9 @@ ], "support": { "issues": "https://github.com/utopia-php/framework/issues", - "source": "https://github.com/utopia-php/framework/tree/0.19.20" + "source": "https://github.com/utopia-php/framework/tree/0.19.21" }, - "time": "2022-04-14T15:42:37+00:00" + "time": "2022-05-12T18:42:28+00:00" }, { "name": "utopia-php/image", @@ -6576,5 +6576,5 @@ "platform-overrides": { "php": "8.0" }, - "plugin-api-version": "2.1.0" + "plugin-api-version": "2.3.0" } diff --git a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php index e0a7cb158a..1154515648 100644 --- a/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php +++ b/tests/e2e/Services/Projects/ProjectsConsoleClientTest.php @@ -1910,6 +1910,17 @@ class ProjectsConsoleClientTest extends Scope $this->assertEquals(400, $response['headers']['status-code']); + $response = $this->client->call(Client::METHOD_POST, '/projects/' . $id . '/platforms', array_merge([ + 'content-type' => 'application/json', + 'x-appwrite-project' => $this->getProject()['$id'], + ], $this->getHeaders()), [ + 'type' => 'web', + 'name' => 'Too Long Hostname', + 'key' => '', + 'store' => '', + 'hostname' => \str_repeat("bestdomain", 25) . '.com' // 250 + 4 chars total (exactly above limit) + ]); + return $data; } From 01de97bbabbf372c0d365aa3717cc28e0f7e37da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Matej=20Ba=C4=8Do?= Date: Thu, 12 May 2022 19:15:47 +0000 Subject: [PATCH 2/2] Empty commit for CI/CD