ajv-formats
Advanced tools
ajv-formats - npm Package Compare versions
Comparing version 1.4.0 to 1.4.1
| const { toASCII } = require('punycode'); | ||
| const { parse } = require('uri-js'); | ||
| const { tldExists } = require('tldjs'); | ||
| const hostnameRegex = /^(?=.{1,253}\.?$)[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?(?:\.[a-z0-9](?:[-0-9a-z]{0,61}[0-9a-z])?)*\.?$/i; | ||
| module.exports = value => { | ||
| const domain = toASCII(value); | ||
| return tldExists(domain) && !domain.includes(':'); | ||
| const hostname = toASCII(value); | ||
| return ( | ||
| hostname.replace(/\.$/, '').length <= 253 && | ||
| hostnameRegex.test(hostname) | ||
| ); | ||
| }; |
@@ -159,2 +159,3 @@ const assert = require('assert'); | ||
| assert.ok(validate('google.com')); | ||
| assert.ok(validate('123.example.com.')); | ||
@@ -165,2 +166,15 @@ // example from https://en.wikipedia.org/wiki/Internationalized_domain_name#Example_of_IDNA_encoding | ||
| // https://tools.ietf.org/html/rfc5890#section-2.3.2.3 | ||
| // -- An "internationalized domain name" (IDN) is a domain name that contains | ||
| // at least ONE A-label or U-label | ||
| assert.ok(validate('localhost')); | ||
| // from AJV test suite | ||
| // valid hostname - maximum length hostname (255 octets) with trailing dot | ||
| assert.ok(validate('abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxy.example.com.')); | ||
| // valid hostname - maximum length hostname (255 octets) | ||
| assert.ok(validate("abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxy.example.com")); | ||
| // valid hostname - maximum length label (63 chars) | ||
| assert.ok(validate('abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijk.example.com')); | ||
| // example from https://unicode.org/faq/idn.html#11 | ||
@@ -181,5 +195,11 @@ assert.ok(validate('öbb.at')); | ||
| // bad tld | ||
| assert.ok(!validate('example.unknown')); | ||
| assert.ok(!validate('localhost')); | ||
| // from ajv test suite | ||
| // invalid hostname - label too long (64 chars) | ||
| assert.ok(!validate('abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijkl.example.com')); | ||
| // invalid hostname - hostname too long (256 octets) | ||
| assert.ok(!validate('abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.example.com')); | ||
| // invalid hostname - hostname too long (256 octets) | ||
| assert.ok(!validate('abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.abcdefghijklmnopqrstuvwxyz.example.com.')); | ||
| // a URL, not a hostname | ||
@@ -186,0 +206,0 @@ assert.ok(!validate('http://google.com')); |
| { | ||
| "name": "ajv-formats", | ||
| "version": "1.4.0", | ||
| "version": "1.4.1", | ||
| "description": "Plugin for AJV that adds support for some of draft2019 formats.", | ||
@@ -18,3 +18,2 @@ "main": "index.js", | ||
| "schemes": "^1.1.1", | ||
| "tldjs": "^2.3.1", | ||
| "uri-js": "^4.2.2" | ||
@@ -21,0 +20,0 @@ }, |
@@ -9,11 +9,2 @@ # ajv-formats | ||
| An open question is how thoroughly to validate things like hostnames and IRIs | ||
| where the syntax and semantics diverge. Writing a regex for hostnames checks the | ||
| syntax (ie. contains only certain characters, there are multiple segments | ||
| separated by `.` and the lengths of all segments and the total length). That | ||
| won't catch obviously fake domains like `unknown.unknown`. This library goes a | ||
| step further than just checking the syntax and also attempts to check the | ||
| semantics as well. For example, when validating `idn-hostname`, this library | ||
| will also check for a valid TLD. | ||
| ## Installation | ||
@@ -124,3 +115,2 @@ | ||
| The hostname is converted to ascii with punycode and checked for a valid tld. | ||
| Note that `localhost` is technically not a valid hostname. | ||
@@ -127,0 +117,0 @@ ### duration |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by8.14%
18535
- Dependency count
- decreased by-16.67%
5
- Lines of code
- increased by7.03%
350
Worsened metrics
- Number of lines in readme file
- decreased by-7.81%
118
Dependency changes
- Removedtldjs@^2.3.1
- Removedpunycode@1.4.1(transitive)
- Removedtldjs@2.3.1(transitive)