• Post Reply Bookmark Topic Watch Topic
  • New Topic

Validate a given url against valid comma seperated list of domain names  RSS feed

 
Prince Manchanda
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

When my application is invoked with a redirect url, I need to validate the redirect url against a predefined list of valid domains. For example the application can be invoked as follows:



An example of the comma separated list of valid domain names that I have



Now my application will validate the url in the goto request parameter against the predefined list(as mentioned above)

My question here is
what is the best way to validate the url against the comma separated list of domain names.

One option that I have is to token-ise the domain list and then see if the url contains the valid domain or not. This requires string parsing.
The other option of using URL or URI classes for this purpose doesn't work in case of wild cards.
 
James Sabre
Ranch Hand
Posts: 781
Java Netbeans IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Another possibility is to turn the list of domain names into a regular expression. For example, something along the lines of


Of course you only need to compile the pattern once.

This has had the very minimal testing so if you decide to follow this approach you will need to create extensive JUnit test cases.
 
Prince Manchanda
Ranch Hand
Posts: 52
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi James,

Thanks for the quick response.

This is a good idea but as you pointed out needs a rigorous JUnit test suite. Like it fails for a valid url like http://www.doo.com/myContext/a.jsp
 
James Sabre
Ranch Hand
Posts: 781
Java Netbeans IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Prince Manchanda wrote:Like it fails for a valid url like http://www.doo.com/myContext/a.jsp


www.doo.com passes! You need to extract the domain name from the URL and then test.

It would be fairly easy to extend the approach so that it tested against the url and not just the domain name but I will leave that for you to do.

Even easier would be -
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!