如何通过检查 URI 是否引用给定域名来验证 URI? [英] How to validate URIs by checking if those refer to a given domain name?
问题描述
我正在运行 Ruby on Rails 4.1.1,我想通过检查 URI 是否在给定的域名中来验证 URI.也就是说,一个 uri
字符串可以作为 params
发送到我的控制器,我想检查 uri
是否引用"到我的应用程序域名 www.myapp.com
.当然,uri
应该是有效的URI 引用.
I am running Ruby on Rails 4.1.1 and I would like to validate URIs by checking if those are within a given domain name. That is, a uri
string can be sent as params
to my controller and I would like to check if that uri
"refers" to my application domain name www.myapp.com
. Of course, the uri
should be a valid URI reference.
# Invalid URIs
www.website.com
http://www.website.com
http://www.website.com/
https://www.website.com/
ftp://www.website.com/
ftps://www.website.com/
http://www.website.com/some/path
# Valid URIs
www.myapp.com
http://www.myapp.com
http://www.myapp.com/
https://www.myapp.com/
ftp://www.myapp.com/
ftps://www.myapp.com/
http://www.myapp.com/some/path
我怎样才能做到(也许只使用 Ruby on Rails)?
How can I make that (maybe by using just Ruby on Rails)?
注意:我正在验证 URI 以允许用户设置自定义重定向,并且我知道 漏洞.我计划在我的 application_controller.rb
中规定的方法中运行验证.
Note: I am validating URIs in order to allow users to set custom redirects and I am aware of vulnerabilities. I plan to run validations in a method stated in my application_controller.rb
.
推荐答案
require 'uri'
uri = URI.parse 'http://www.website.com/some/path'
isOK = case uri.host
when 'www.website.com' then true
else false
end
#⇒ true
希望能帮到你.
这篇关于如何通过检查 URI 是否引用给定域名来验证 URI?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!