Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow URLs with relative protocol #32

Closed
wants to merge 2 commits into from
Closed

Allow URLs with relative protocol #32

wants to merge 2 commits into from

Conversation

mbrodala
Copy link

This allows the matomoIntegrationUrl to use a relative protocol, e.g. //example.org. This is in line with the site base which also allows this.

@mbrodala
[TASK] Test that protocol-relative URLs are accepted
a8db361
@mbrodala
[TASK] Allow URL with relative protocol
eabeeb1 
Unfortunately filter_var() rejects valid URLs like "//example.org", so we now only reject empty URLs and URLs which are seriously malformed.
@mbrodala mbrodala marked this pull request as ready for review November 14, 2024 10:23
@brotkrueml brotkrueml added the enhancement New feature or request label Nov 14, 2024
brotkrueml
brotkrueml reviewed Nov 14, 2024
View reviewed changes
Copy link
Owner

@brotkrueml brotkrueml left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mbrodala Thanks for your contribution. However, I have a remark.

@mbrodala
Copy link
Author

TBH I wonder if only rejecting an empty value is enough. Everything else is up to the integrator/developer IMO. If you set an invalid URL, you should be aware of that.

@brotkrueml
Copy link
Owner

brotkrueml commented Nov 15, 2024
edited
Loading

I added the check to avoid a "url" which isn't one but does something bad in the JS code. So it should look at least like a URL. I am aware that ftp://example.com is also valid by the check. But that won't open a possible security issue but just doesn't work. The value comes from outside and cannot be trusted.

brotkrueml added a commit that referenced this pull request Nov 25, 2024
@brotkrueml
feat: allow URLs with relative protocal
3efd6fd 
related: #32
@brotkrueml
Copy link
Owner

@mbrodala Thanks for your contribution: I added the feature to the latest release 2.3.0:
https://github.com/brotkrueml/typo3-matomo-integration/releases/tag/v2.3.0

@brotkrueml brotkrueml closed this Nov 25, 2024
@mbrodala mbrodala deleted the patch-1 branch November 26, 2024 07:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brotkrueml brotkrueml brotkrueml left review comments

Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mbrodala @brotkrueml