luci-app-acme: Validate domains
authorSergey Ponomarev <[email protected]>
Sat, 1 Jun 2024 15:47:50 +0000 (18:47 +0300)
committerToke Høiland-Jørgensen <[email protected]>
Tue, 7 Oct 2025 12:01:06 +0000 (14:01 +0200)
We can't just use the datatype = "list(hostname)" because a domain may have a wildcard.
So check the domain by a simple regexp.
Check that DNS mode is used for wildcard.
Allow the wildcard only at the beginning.
Add lowercase requirement.

Signed-off-by: Sergey Ponomarev <[email protected]>
applications/luci-app-acme/htdocs/luci-static/resources/view/acme.js

index 818fe39baf8eab894e57b6e40a555ae63256f4bd..07cac56416feab244ebe833f2606f1727b4a2169 100644 (file)
@@ -83,6 +83,21 @@ return view.extend({
                                "The first name will be the subject name, subsequent names will be alt names. " +
                                "Note that all domain names must point at the router in the global DNS."));
                o.datatype = "list(string)";
+               o.validate = function (section_id, value) {
+                       if (!value) {
+                               return true;
+                       }
+                       if (!/^[*a-z0-9][a-z0-9.-]*$/.test(value)) {
+                               return _('Invalid domain. Allowed lowercase a-z, numbers and hyphen -');
+                       }
+                       if (value.startsWith('*')) {
+                               let method = this.section.children.filter(function (o) { return o.option == 'validation_method'; })[0].formvalue(section_id);
+                               if (method && method !== 'dns') {
+                                       return _('wildcards * require Validation method: DNS');
+                               }
+                       }
+                       return true;
+               };
 
                o = s.taboption('challenge_webroot', form.Value, 'webroot', _('Webroot directory'),
                        _("Webserver root directory. Set this to the webserver " +
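Review bot: The pattern on the `.test(value)` line treats `*` as just another first character, so `*`, `*example.com`, `a..b` and `example-` all pass even though the commit intends only a leading `*.` label. Anchoring the wildcard to a dot and checking each label would close that, e.g. `/^(\*\.)?[a-z0-9]([a-z0-9-]*[a-z0-9])?(\.[a-z0-9]([a-z0-9-]*[a-z0-9])?)*$/`. In the wildcard branch, `filter(...)[0].formvalue(section_id)` throws if no `validation_method` child is found, and `method && method !== 'dns'` lets a wildcard through when the method is empty, so a null check on the lookup followed by `if (method !== 'dns')` looks safer. This check runs only in the browser view, so whatever consumes the stored domain list on the router presumably still needs to validate or quote each name itself. The surrounding `view.extend` code starts and ends outside this hunk.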