diff options
Diffstat (limited to 'node_modules/is-url')
| -rw-r--r-- | node_modules/is-url/.npmignore | 3 | ||||
| -rw-r--r-- | node_modules/is-url/Makefile | 18 | ||||
| -rw-r--r-- | node_modules/is-url/Readme.md | 15 | ||||
| -rw-r--r-- | node_modules/is-url/component.json | 19 | ||||
| -rw-r--r-- | node_modules/is-url/index.js | 30 | ||||
| -rw-r--r-- | node_modules/is-url/package.json | 5 | ||||
| -rw-r--r-- | node_modules/is-url/test/index.js | 27 |
7 files changed, 63 insertions, 54 deletions
diff --git a/node_modules/is-url/.npmignore b/node_modules/is-url/.npmignore deleted file mode 100644 index d135df67c..000000000 --- a/node_modules/is-url/.npmignore +++ /dev/null @@ -1,3 +0,0 @@ -node_modules -components -build
\ No newline at end of file diff --git a/node_modules/is-url/Makefile b/node_modules/is-url/Makefile deleted file mode 100644 index 88225060e..000000000 --- a/node_modules/is-url/Makefile +++ /dev/null @@ -1,18 +0,0 @@ - -build: components index.js - @component build --dev - -clean: - @rm -fr build components node_modules - -components: component.json - @component install --dev - -node_modules: package.json - @npm install - -test: node_modules build - @./node_modules/.bin/mocha --reporter spec - @component test phantom - -.PHONY: clean test diff --git a/node_modules/is-url/Readme.md b/node_modules/is-url/Readme.md index f29dc2aba..20ed18103 100644 --- a/node_modules/is-url/Readme.md +++ b/node_modules/is-url/Readme.md @@ -1,22 +1,19 @@ # is-url - Check whether a string is a URL. +Check whether a string is a URL. ## Installation -``` -$ component install segmentio/is-url -``` -``` -$ npm install is-url +```sh +npm install is-url ``` ## API -### isUrl(string) +### `isUrl(string)` - Checks whether `string` is a URL. +Returns a Boolean indicating whether `string` is a URL. ## License - MIT +MIT diff --git a/node_modules/is-url/component.json b/node_modules/is-url/component.json deleted file mode 100644 index e7ecf768b..000000000 --- a/node_modules/is-url/component.json +++ /dev/null @@ -1,19 +0,0 @@ -{ - "name": "is-url", - "repo": "segmentio/is-url", - "version": "1.2.0", - "license": "MIT", - "description": "Check whether a string is a URL.", - "keywords": [ - "url", - "regexp", - "regex", - "validate" - ], - "scripts": [ - "index.js" - ], - "development": { - "component/assert": "*" - } -}
\ No newline at end of file diff --git a/node_modules/is-url/index.js b/node_modules/is-url/index.js index 1ef5187e4..3ea3d20db 100644 --- a/node_modules/is-url/index.js +++ b/node_modules/is-url/index.js @@ -6,10 +6,15 @@ module.exports = isUrl; /** - * Matcher. + * RegExps. + * A URL must match #1 and then at least one of #2/#3. + * Use two levels of REs to avoid REDOS. */ -var matcher = /^(?:\w+:)?\/\/([^\s\.]+\.\S{2}|localhost[\:?\d]*)\S*$/; +var protocolAndDomainRE = /^(?:\w+:)?\/\/(\S+)$/; + +var localhostDomainRE = /^localhost[\:?\d]*(?:[^\:?\d]\S*)?$/ +var nonLocalhostDomainRE = /^[^\s\.]+\.\S{2,}$/; /** * Loosely validate a URL `string`. @@ -19,5 +24,24 @@ var matcher = /^(?:\w+:)?\/\/([^\s\.]+\.\S{2}|localhost[\:?\d]*)\S*$/; */ function isUrl(string){ - return matcher.test(string); + if (typeof string !== 'string') { + return false; + } + + var match = string.match(protocolAndDomainRE); + if (!match) { + return false; + } + + var everythingAfterProtocol = match[1]; + if (!everythingAfterProtocol) { + return false; + } + + if (localhostDomainRE.test(everythingAfterProtocol) || + nonLocalhostDomainRE.test(everythingAfterProtocol)) { + return true; + } + + return false; } diff --git a/node_modules/is-url/package.json b/node_modules/is-url/package.json index 14b3744db..34b3ac118 100644 --- a/node_modules/is-url/package.json +++ b/node_modules/is-url/package.json @@ -1,9 +1,10 @@ { "name": "is-url", + "description": "Check whether a string is a URL.", "repository": "https://github.com/segmentio/is-url", - "version": "1.2.2", + "version": "1.2.4", "scripts": { - "test": "make test" + "test": "mocha --reporter spec" }, "license": "MIT", "devDependencies": { diff --git a/node_modules/is-url/test/index.js b/node_modules/is-url/test/index.js index 5f7aebce1..404e1b6f0 100644 --- a/node_modules/is-url/test/index.js +++ b/node_modules/is-url/test/index.js @@ -118,5 +118,32 @@ describe('is-url', function () { it('google.com', function () { assert(!url('google.com')); }); + + it('empty', function () { + assert(!url('')); + }); + + it('undef', function () { + assert(!url(undefined)); + }); + + it('object', function () { + assert(!url({})); + }); + + it('re', function () { + assert(!url(/abc/)); + }); + }); + + describe('redos', function () { + it('redos exploit', function () { + // Invalid. This should be discovered in under 1 second. + var attackString = 'a://localhost' + '9'.repeat(100000) + '\t'; + var before = process.hrtime(); + assert(!url(attackString), 'attackString was valid'); + var elapsed = process.hrtime(before); + assert(elapsed[0] < 1, 'attackString took ' + elapsed[0] + ' > 1 seconds'); + }); }); }); |