zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-05-16 17:46:59 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fixes to prevent IDN script mixing

Browse source
This commit is contained in:
Pinga 2025-02-11 10:53:21 +02:00
parent 657373519f
commit f0e7d8a3c7
2 changed files with 12 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

7
cp/bootstrap/helper.php
View file

@ -281,8 +281,13 @@ function validate_label($domain, $db) {
return 'Zone is not supported'; return 'Zone is not supported';
} }
// Prevent mixed IDN & ASCII domains
if ((strpos($parts['domain'], 'xn--') === 0) !== (strpos($parts['tld'], 'xn--') === 0)) {
return 'Invalid domain name: IDN (xn--) domains must have both an IDN domain and TLD.';
}
// IDN-specific validation (only if the domain contains Punycode) // IDN-specific validation (only if the domain contains Punycode)
if (strpos($parts['domain'], 'xn--') === 0) { if (strpos($parts['domain'], 'xn--') === 0 && strpos($parts['tld'], 'xn--') === 0) {
$label = idn_to_utf8($parts['domain'], IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46); $label = idn_to_utf8($parts['domain'], IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46);
// Fetch the IDN regex for the given TLD // Fetch the IDN regex for the given TLD

7
epp/src/helpers.php
View file

@ -255,8 +255,13 @@ function validate_label($domain, $pdo) {
return 'Zone is not supported'; return 'Zone is not supported';
} }
// Prevent mixed IDN & ASCII domains
if ((strpos($parts['domain'], 'xn--') === 0) !== (strpos($parts['tld'], 'xn--') === 0)) {
return 'Invalid domain name: IDN (xn--) domains must have both an IDN domain and TLD.';
}
// IDN-specific validation (only if the domain contains Punycode) // IDN-specific validation (only if the domain contains Punycode)
if (strpos($parts['domain'], 'xn--') === 0) { if (strpos($parts['domain'], 'xn--') === 0 && strpos($parts['tld'], 'xn--') === 0) {
$label = idn_to_utf8($parts['domain'], IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46); $label = idn_to_utf8($parts['domain'], IDNA_NONTRANSITIONAL_TO_ASCII, INTL_IDNA_VARIANT_UTS46);
// Fetch the IDN regex for the given TLD // Fetch the IDN regex for the given TLD