You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@struts.apache.org by Adam Hardy <ah...@cyberspaceroad.com> on 2004/04/01 17:41:43 UTC

Re: URL validation

On 03/15/2004 10:16 AM Adam Hardy wrote:
> On 03/13/2004 07:46 AM rleland@apache.org wrote:
> 
>>> From: Adam Hardy I provide URL validation on a page which saves links 
>>> for
>>> users.
>>>
>>> I put together the latest build of commons-validator (1.1.2) and struts
>>> (1.2) to see what the URL validation is like.
>>>
>>> The class for server-side validation is in place, but the javascript
>>> doesn't exist.
>>>
>>> It works very strictly, too strictly for me.
>>>
>>> Most users will want to save links such as
>>>
>>> http://www.google.com
>>> http://jakarta.apache.org/
>>> http://marc.theaimsgroup.com/?l=struts-user&m=105511005106573&w=2
>>
>>
>>
>>
>> This is definately a bug and they should have passed,
>> I haven't run the unit tests against it in some time do they still
>> pass ?
>> My guess is that it might not be expecting the '/' after the domain 
>> name. This would probably only require a small tweak
>> to the regular expression thats used.
>>
>> I would apply any patches that were submitted 

Just got around to looking at a glitch in UrlValidator and I've found 
that the isValidPath() method explicitly fails when the path (after the 
port number) is '/' - e.g.

  http://www.google.com:80/?action=view expected:<true> but was:<false>

The code actually does the following:

if (path.endsWith("/")) {
     return false;
}

Surely this should not be so?


Adam


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@struts.apache.org
For additional commands, e-mail: dev-help@struts.apache.org