Comments (5)
Not sure how to proceed with this one. It's trivial to remove the TLD restriction but then the validator lets about anything through. A different alternative is to just whitelist localhost
. Suggestions?
from validator.js.
I'd say letting anything through is fine. They're still valid URLs, not all host names have TLDs. The only way you can really tell is to check to see if DNS resolves and if the host is reachable, but no one wants to do that.
from validator.js.
+1 to white-listing only localhost.
For use on LANs and similar applications where you don't have a TLD, you can use different techniques, which are faster, like supply a list of valid hostnames from a central location (DNS server?), and check only the paths without domain name, port, etc.
Localhost is the only notable exception since we use it for development, although I usually use a domain name like d1.localhost.tld
myself just to avoid cases like this.
from validator.js.
I frequently have short hostnames that I use for test sites. I think it'd be better to be lenient here and let people that need to verify host names do so in subsequent steps. I think checking for a scheme and target should be sufficient.
from validator.js.
I agree with you on most counts but I'm not game to let an arbitrary alphanumeric string pass through the validator. It's trivial to modify your hostnames to include a tld
from validator.js.
Related Issues (20)
- Invalid URL get validated HOT 2
- "Cannot find module './util/assertString'" since 13.12.0 HOT 2
- 🚧: Stale Prs HOT 5
- Update isUUID() to fully support the new UUID spec (RFC9562) HOT 4
- Should isURL accept accented urls or should make this validation optional? HOT 1
- isFQDN function continues executing with disabled require_tld option HOT 2
- isDate raise an exception on "2024-08-" HOT 6
- `isNumeric` doesn't support scientific notation HOT 3
- Create a File type validtor HOT 1
- Email address starting with double quote passes isEmail validation HOT 2
- IsMobilePhone.js - Update Regular Expression for Validating Panamanian Phone Numbers HOT 5
- Not suport phone numbers ( Netherland example) HOT 2
- Add SIP URI Validation HOT 1
- Email Validator issue for double quotes and special characters HOT 4
- normaliseEmail yandex conversion HOT 1
- `isUrl` fails for URLs that do not use domain suffixes HOT 1
- `isByteLength` does not validate correctly for multi-byte characters such as Japanese and Chinese. HOT 1
- f34112d9109fbe39c8d659b96218e0bfea950533 HOT 1
- f34112d9109fbe39c8d659b96218e0bfea950533
- The isDate function throws an error when passed a string parameter. HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from validator.js.