feat: add configurable URL validation options#233
Draft
nieomylnieja wants to merge 4 commits into
Draft
Conversation
Support scheme, host, user info, and hostname allow/deny checks in the URL rule. Add targeted error messages and tests to cover the new validation behavior.
|
Test coverage changes:
|
Reuse the variadic slice in `URLSchemes` instead of copying it. This removes an unnecessary allocation while preserving behavior.
Validate each URL option directly against the parsed URL instead of building an intermediate options struct, reducing indirection in rule evaluation.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Motivation
Currently URL validation only checks for the most common errors, but often times there are other common checks users are forced to implement themselves. I think it would be worthwhile to extend the current
rules.URLsignature with opt-in options, which would verify additional properties of the URL.Summary
Support scheme, host, user info, and hostname allow/deny checks in the URL rule. Add targeted error messages and tests to cover the new validation behavior.
Release Notes
Added configurable
rules.URLvalidation options for enforcing allowed schemes, required hosts, disallowed user info, and hostname allow/deny lists. URL option failures now use built-in message templates so applications can customize or translate them consistently.