Hello Adolf,
thank you for working on this.
(In my point of view, the web interface lacks some input validation quite often, so it's good to see some improvements here... :-) )
Your patch looks fine to me, except when it comes to underscores in host- or domain names. While I have never seen them in production, Michael commited something allowing underscores in 2016: https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=03306ff6a25238e01a1f2b39...
Thanks, and best regards, Peter Müller
- Patch of general-functions.pl for implementation of fix provided by Bernhard Bitsch. Prevents spaces being put into hostnames
- Patch implemented into testbed system and confirmed working
Signed-off-by: Adolf Belka ahb.ipfire@gmail.com
config/cfgroot/general-functions.pl | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index 9be1e7708..318be2c01 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -640,13 +640,9 @@ sub validhostname if (length ($hostname) < 1 || length ($hostname) > 63) { return 0;} # Only valid characters are a-z, A-Z, 0-9 and -
- if ($hostname !~ /^[a-zA-Z0-9-\s]*$/) {
return 0;}- # First character can only be a letter or a digit
- if (substr ($hostname, 0, 1) !~ /^[a-zA-Z0-9]*$/) {
return 0;}- # Last character can only be a letter or a digit
- if (substr ($hostname, -1, 1) !~ /^[a-zA-Z0-9]*$/) {
- # First and last character can only be letter or decimal digit
- # else letter, decimal digits and hyphen are allowed
- if ($hostname !~ /^[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]$/) { return 0;} return 1;
}