Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Request Tracker: Devel

ReferrerWhitelist wildcard domain matching

  

 
Request Tracker devel RSS feed   Index | Next | Previous | View Threaded


mtyson at redhat

Jul 11, 2012, 9:25 PM

Post #1 of 3 (388 views)
Permalink
ReferrerWhitelist wildcard domain matching
Hi,

I've attached a patch against RT to do simple wildcard matching against
domain names for the ReferrerWhitelist. This is to avoid having to
enter a domain and all of its subdomains manually.

EG
domain.com:80
foo.domain.com:80
bar.domain.com:80
baz.domain.com:80

could be entered as

*.domain.com:80

Does anyone have any interest in this or any feedback?

Regards,
Matt.
Attachments: wildcard-domain.patch (1.37 KB)


ruz at bestpractical

Jul 12, 2012, 4:39 AM

Post #2 of 3 (371 views)
Permalink
Re: ReferrerWhitelist wildcard domain matching [In reply to]
On Thu, Jul 12, 2012 at 7:25 AM, Matt Tyson <mtyson [at] redhat> wrote:
> Hi,
>
> I've attached a patch against RT to do simple wildcard matching against
> domain names for the ReferrerWhitelist. This is to avoid having to enter a
> domain and all of its subdomains manually.
>
> EG
> domain.com:80
> foo.domain.com:80
> bar.domain.com:80
> baz.domain.com:80
>
> could be entered as
>
> *.domain.com:80
>
> Does anyone have any interest in this or any feedback?

I would rather prefer to be able to put a regular expression into the list.

if ( ref $config eq 'Regexp' ) {
... if $value =~ $config;
} else {
...
}

Also, if option is regexp then it's may be better to match it against
whole URL, so for example people can whitelist corp site, but not
xxx.com/forum/... URLs.

> Regards,
> Matt.
>
> --------
> List info: http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-devel
>



--
Best regards, Ruslan.
--------
List info: http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-devel


trs at bestpractical

Jul 12, 2012, 10:41 AM

Post #3 of 3 (378 views)
Permalink
Re: ReferrerWhitelist wildcard domain matching [In reply to]
On 07/11/2012 09:25 PM, Matt Tyson wrote:
> I've attached a patch against RT to do simple wildcard matching against
> domain names for the ReferrerWhitelist. This is to avoid having to
> enter a domain and all of its subdomains manually.
>
> EG
> domain.com:80
> foo.domain.com:80
> bar.domain.com:80
> baz.domain.com:80
>
> could be entered as
>
> *.domain.com:80
>
> Does anyone have any interest in this or any feedback?

RT should support this syntax, yes.

The patch is not very Perlish. It looks like C. ;) A quick, untested rewrite:

my $host_port = $referer->host_port;
if ($config =~ /\*/) {
# Make *.example.com match example.com
return 1 if $config eq "*.$host_port";

# turn literal * into a non-greedy subdomain match
my $regex = join '\.',
map { $_ eq '*' ? '[a-zA-Z0-9\-]+?' : quotemeta($_) }
split /\./, $config;

return 1 if $host_port =~ /^$regex$/;
} else {
return 1 if $host_port eq $config;
}

Functional differences:

*.example.com shouldn't match foo.bar.example.com (see also how SSL cert CNs match)
foo.*.example.com shouldn't match foo..example.com (replaced * with +)
*.example.com shouldn't match #.example.com (replaced . with [a-zA-Z0-9\-])

Thomas
--------
List info: http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-devel

Request Tracker devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.