如何通过检查 URI 是否引用给定域名来验证 URI? [英] How to validate URIs by checking if those refer to a given domain name?

问题描述

我正在运行 Ruby on Rails 4.1.1，我想通过检查 URI 是否在给定的域名中来验证 URI.也就是说，一个 uri 字符串可以作为 params 发送到我的控制器，我想检查 uri 是否引用"到我的应用程序域名 www.myapp.com.当然，uri 应该是有效的URI 引用.

I am running Ruby on Rails 4.1.1 and I would like to validate URIs by checking if those are within a given domain name. That is, a uri string can be sent as params to my controller and I would like to check if that uri "refers" to my application domain name www.myapp.com. Of course, the uri should be a valid URI reference.

# Invalid URIs
www.website.com
http://www.website.com
http://www.website.com/
https://www.website.com/
ftp://www.website.com/
ftps://www.website.com/
http://www.website.com/some/path

# Valid URIs
www.myapp.com
http://www.myapp.com
http://www.myapp.com/
https://www.myapp.com/
ftp://www.myapp.com/
ftps://www.myapp.com/
http://www.myapp.com/some/path

我怎样才能做到(也许只使用 Ruby on Rails)?

How can I make that (maybe by using just Ruby on Rails)?

注意:我正在验证 URI 以允许用户设置自定义重定向，并且我知道 漏洞.我计划在我的 application_controller.rb 中规定的方法中运行验证.

Note: I am validating URIs in order to allow users to set custom redirects and I am aware of vulnerabilities. I plan to run validations in a method stated in my application_controller.rb.

推荐答案

require 'uri'

uri = URI.parse 'http://www.website.com/some/path'

isOK = case uri.host
       when 'www.website.com' then true
       else false
       end

#⇒ true

希望能帮到你.

这篇关于如何通过检查 URI 是否引用给定域名来验证 URI?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！