isValid() would work, but you could use regex as well to check the
beginning of the string to see if there are any valid protocols at the
beginning.
.pjf
Jason Allen said the following on 12/05/10 10:36:
Hi Guys,
I had some more pressing coding to work on, so I put this on the back
burner. I'm revisiting it now. I am working on a url redirect service.
The core of it is working, but I want to integrate some better url
checking functions. Right now, if someone enters a long url to have
shortened, the form will accept anything.
The only thing I am doing is checking to see if the string has
'http://' and if not, adding it to the string. so that something like
thisismyurl.net would get saved as http://thisismyurl.net
This is obviously flawed, as if someone were to enter
ftp://thisismyurl.net it would get saved as http://ftp://thisismyurl.net
So here is my idea
Check for http://, but also check for https://, ftp://, mailto:,
file:, and news urls.
Only if there is no match after that, then add http:// to the front of
the string. This is because many people may enter in
thisismyurl.net, but if it is a url for any of the other protocols,
people will have to enter that anyway. So the only url's that won't
have a match would be standard http:// ones since only those url's are
often written without it.
After that check, I am then going to run the string through
'isvalid(url, string)'. If it passes, then I will accept the url.
Is that good enough?
I'm also going to have it setup so that any .exe, .bat, etc. files
don't do an instant redirect. With standard urls, they will redirect
automatically. With url's that contain executable files, users who use
the shortened url will get a warning page that the url contains an
executable file and that they need to click on the link at their own
risk.
In regards to checking for executables, right now i'm thinking about
just parsing the string for .exe, .bat, etc. and if any of that is
found anywhere, flag it.
What do you guys think? Sound logical? I don't want to be too
restrictive and potentially block valid url's, and many people may
have valid reasons for redirecting to executables, but i want some
order at least.
--
Open BlueDragon Public Mailing List
http://www.openbluedragon.org/ http://twitter.com/OpenBlueDragon
mailing list - http://groups.google.com/group/openbd?hl=en
!! save a network - please trim replies before posting !!
