aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorGravatar Frédéric Guillot <fred@miniflux.net>2018-07-07 14:01:02 -0700
committerGravatar Frédéric Guillot <fred@miniflux.net>2018-07-07 14:01:02 -0700
commit55a1e97778f45058ff3407a92303f6d57c0b15fe (patch)
treee22818a92e4037d5ee84b97921ef611406a0fc6b
parentcda0efb731e927226cc6e007ff734e45405195b9 (diff)
Add base URL validation
-rw-r--r--config/config.go54
-rw-r--r--config/config_test.go38
2 files changed, 75 insertions, 17 deletions
diff --git a/config/config.go b/config/config.go
index 2e08434..3cb2ef2 100644
--- a/config/config.go
+++ b/config/config.go
@@ -8,6 +8,7 @@ import (
"net/url"
"os"
"strconv"
+ "strings"
"github.com/miniflux/miniflux/logger"
)
@@ -54,6 +55,35 @@ func (c *Config) getInt(key string, fallback int) int {
return v
}
+func (c *Config) parseBaseURL() {
+ baseURL := os.Getenv("BASE_URL")
+ if baseURL == "" {
+ return
+ }
+
+ if baseURL[len(baseURL)-1:] == "/" {
+ baseURL = baseURL[:len(baseURL)-1]
+ }
+
+ u, err := url.Parse(baseURL)
+ if err != nil {
+ logger.Error("Invalid BASE_URL: %v", err)
+ return
+ }
+
+ scheme := strings.ToLower(u.Scheme)
+ if scheme != "https" && scheme != "http" {
+ logger.Error("Invalid BASE_URL: scheme must be http or https")
+ return
+ }
+
+ c.baseURL = baseURL
+ c.basePath = u.Path
+
+ u.Path = ""
+ c.rootURL = u.String()
+}
+
// HasDebugMode returns true if debug mode is enabled.
func (c *Config) HasDebugMode() bool {
return c.get("DEBUG", "") != ""
@@ -61,31 +91,16 @@ func (c *Config) HasDebugMode() bool {
// BaseURL returns the application base URL with path.
func (c *Config) BaseURL() string {
- if c.baseURL == "" {
- c.baseURL = c.get("BASE_URL", defaultBaseURL)
- if c.baseURL[len(c.baseURL)-1:] == "/" {
- c.baseURL = c.baseURL[:len(c.baseURL)-1]
- }
- }
return c.baseURL
}
// RootURL returns the base URL without path.
func (c *Config) RootURL() string {
- if c.rootURL == "" {
- u, _ := url.Parse(c.BaseURL())
- u.Path = ""
- c.rootURL = u.String()
- }
return c.rootURL
}
// BasePath returns the application base path according to the base URL.
func (c *Config) BasePath() string {
- if c.basePath == "" {
- u, _ := url.Parse(c.BaseURL())
- c.basePath = u.Path
- }
return c.basePath
}
@@ -204,5 +219,12 @@ func (c *Config) PocketConsumerKey(defaultValue string) string {
// NewConfig returns a new Config.
func NewConfig() *Config {
- return &Config{IsHTTPS: os.Getenv("HTTPS") != ""}
+ cfg := &Config{
+ baseURL: defaultBaseURL,
+ rootURL: defaultBaseURL,
+ IsHTTPS: os.Getenv("HTTPS") != "",
+ }
+
+ cfg.parseBaseURL()
+ return cfg
}
diff --git a/config/config_test.go b/config/config_test.go
index 2cfec81..1f91add 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -56,7 +56,7 @@ func TestCustomBaseURLWithTrailingSlash(t *testing.T) {
}
if cfg.RootURL() != "http://example.org" {
- t.Fatalf(`Unexpected root URL, got "%s"`, cfg.BaseURL())
+ t.Fatalf(`Unexpected root URL, got "%s"`, cfg.RootURL())
}
if cfg.BasePath() != "/folder" {
@@ -64,6 +64,42 @@ func TestCustomBaseURLWithTrailingSlash(t *testing.T) {
}
}
+func TestBaseURLWithoutScheme(t *testing.T) {
+ os.Clearenv()
+ os.Setenv("BASE_URL", "example.org/folder/")
+ cfg := NewConfig()
+
+ if cfg.BaseURL() != "http://localhost" {
+ t.Fatalf(`Unexpected base URL, got "%s"`, cfg.BaseURL())
+ }
+
+ if cfg.RootURL() != "http://localhost" {
+ t.Fatalf(`Unexpected root URL, got "%s"`, cfg.RootURL())
+ }
+
+ if cfg.BasePath() != "" {
+ t.Fatalf(`Unexpected base path, got "%s"`, cfg.BasePath())
+ }
+}
+
+func TestBaseURLWithInvalidScheme(t *testing.T) {
+ os.Clearenv()
+ os.Setenv("BASE_URL", "ftp://example.org/folder/")
+ cfg := NewConfig()
+
+ if cfg.BaseURL() != "http://localhost" {
+ t.Fatalf(`Unexpected base URL, got "%s"`, cfg.BaseURL())
+ }
+
+ if cfg.RootURL() != "http://localhost" {
+ t.Fatalf(`Unexpected root URL, got "%s"`, cfg.RootURL())
+ }
+
+ if cfg.BasePath() != "" {
+ t.Fatalf(`Unexpected base path, got "%s"`, cfg.BasePath())
+ }
+}
+
func TestDefaultBaseURL(t *testing.T) {
os.Clearenv()
cfg := NewConfig()