Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-04-21 21:47:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 117
fleet/server/service/validation_setup.go
jacobshandling 748b5bcd51
Full-stack: Make "Server url" validation conditions consistent across Fleet, update Web Address form validation and submission logic per Fleet best practices (frontend/docs/patterns.md) (#27455) 
## For #27454 

Consider Fleet web URL to be valid if it:

- (Front end and back end): uses “https://” or “http://” scheme
 and
- (Front end) accepts only valid or "localhost" hosts (e.g., "a.b.cc" or
"localhost", but not "a.b")
- (Back end) accepts any host (e.g., "localhost", "a.b.cc", or even
"a.b")


### Setup flow UI URL validation:

![setup](https://github.com/user-attachments/assets/34a428d2-5731-46f2-b708-c88b790e3667)

### Org settings UI URL validation:

![org-settings](https://github.com/user-attachments/assets/147916c8-9c5b-4ae7-9e14-625c65b42d0a)

### Server URL validation:
<img width="1464" alt="invalid-url-server"
src="https://github.com/user-attachments/assets/83a112e1-6318-4b09-864d-fe66a223835d"
/>

### Invalid Fleet server URL in DB error:

![invalid-url-in-db](https://github.com/user-attachments/assets/aae591fb-6cc3-49bd-8556-22129be4c2c4)


- [x] Changes file added for user-visible changes in `changes/`,
- [x] Added/updated automated tests
- [ ] A detailed QA plan exists on the associated ticket (if it isn't
there, work with the product group's QA engineer to add it)
- [x] Manual QA for all new/changed functionality

---------

Co-authored-by: Jacob Shandling <jacob@fleetdm.com>
2025-03-27 13:56:38 -07:00

48 lines
1.2 KiB
Go
Raw Blame History

package service
import (
"context"
"errors"
"net/url"
"strings"
"github.com/fleetdm/fleet/v4/server/contexts/ctxerr"
"github.com/fleetdm/fleet/v4/server/fleet"
)
func (mw validationMiddleware) NewAppConfig(ctx context.Context, payload fleet.AppConfig) (*fleet.AppConfig, error) {
invalid := &fleet.InvalidArgumentError{}
var serverURLString string
if payload.ServerSettings.ServerURL == "" {
invalid.Append("server_url", "missing required argument")
} else {
serverURLString = cleanupURL(payload.ServerSettings.ServerURL)
}
if err := ValidateServerURL(serverURLString); err != nil {
invalid.Append("server_url", err.Error())
}
if invalid.HasErrors() {
return nil, ctxerr.Wrap(ctx, invalid)
}
return mw.Service.NewAppConfig(ctx, payload)
}
func ValidateServerURL(urlString string) error {
// TODO - implement more robust URL validation here
// no valid scheme provided
if !(strings.HasPrefix(urlString, "http://") || strings.HasPrefix(urlString, "https://")) {
return errors.New(fleet.InvalidServerURLMsg)
}
// valid scheme provided - require host
parsed, err := url.Parse(urlString)
if err != nil {
return err
}
if parsed.Host == "" {
return errors.New(fleet.InvalidServerURLMsg)
}
return nil
}
Reference in a new issue View git blame Copy permalink