W3C home > Mailing lists > Public > www-validator-cvs@w3.org > June 2010

commit: restricted validation to public IP

From: Mercurial notifier <nobody@w3.org>
Date: Mon, 14 Jun 2010 09:22:35 -0400
To: Unicorn Updates <www-validator-cvs@w3.org>
Message-Id: <E1OO9cZ-00069M-Qn@blinky.w3.org>
changeset:   1229:504fd361c616
user:        Thomas Gambet <tgambet@w3.org>
date:        Sun Jun 13 20:47:25 2010 -0400
files:       src/org/w3c/unicorn/input/URIInputParameter.java
description:
restricted validation to public IP


diff -r 864c174ad7b0 -r 504fd361c616 src/org/w3c/unicorn/input/URIInputParameter.java
--- a/src/org/w3c/unicorn/input/URIInputParameter.java	Sun Jun 13 20:01:22 2010 -0400
+++ b/src/org/w3c/unicorn/input/URIInputParameter.java	Sun Jun 13 20:47:25 2010 -0400
@@ -3,6 +3,7 @@
 import java.io.IOException;
 import java.net.ConnectException;
 import java.net.HttpURLConnection;
+import java.net.InetAddress;
 import java.net.MalformedURLException;
 import java.net.SocketTimeoutException;
 import java.net.URL;
@@ -82,6 +83,10 @@
 			if (!docUrl.getProtocol().equals("http") && !docUrl.getProtocol().equals("https"))
 				throw new UnicornException(Message.ERROR, "$message_unsupported_protocol", null, docUrl.getProtocol());
 			
+			InetAddress add = InetAddress.getByName(docUrl.getHost());
+			if (add.isSiteLocalAddress() || add.isLoopbackAddress())
+				throw new UnicornException(Message.ERROR, "$message_local_address_provided");
+			
 			HttpURLConnection con = (HttpURLConnection) docUrl.openConnection();
 			con.setConnectTimeout(connectTimeOut);
 			con.setRequestMethod("HEAD");
Received on Monday, 14 June 2010 13:25:16 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:55:20 GMT