Now that I've got regex service URLs working, what do you all think about
this regex pattern to match all of OSU's sites:
^https?://([A-Za-z0-9_-]+\.)*oregonstate\.edu(:\d+)?/.*
I want to match:
1. http or https
2. top-level domain (oregonstate.edu)
3. subdomains (foo.oregonstate.edu)
4. port specified (:80, :443) or not
5. any path
but obviously, I do not want to match something hosted by evildomain.com.
If I'm reading the bug notes for CAS-1071 correctly, this will work.
Is there an implied beginning-of-string anchor on these matches, so that
the following URL will NOT match:
http://evil.domain/foo?http://people.oregonstate.edu/~morgan/
Thanks,
Andy
--
You are currently subscribed to [email protected] as:
[email protected]
To unsubscribe, change settings or access archives, see
http://www.ja-sig.org/wiki/display/JSG/cas-user
