diff --git a/app/validators/domain_name_validator.rb b/app/validators/domain_name_validator.rb index 0d5638b37..2652c44d6 100644 --- a/app/validators/domain_name_validator.rb +++ b/app/validators/domain_name_validator.rb @@ -33,7 +33,9 @@ class DomainNameValidator < ActiveModel::EachValidator def validate_blocked(value) return true unless value - return false if BlockedDomain.where(name: value).count.positive? + return false if BlockedDomain.where(name: value).any? + return false if BlockedDomain.where(name: SimpleIDN.to_unicode(value)).any? + DNS::Zone.where(origin: value).count.zero? end end diff --git a/test/integration/epp/domain/create/base_test.rb b/test/integration/epp/domain/create/base_test.rb index ff8da3696..ffd56ffc5 100644 --- a/test/integration/epp/domain/create/base_test.rb +++ b/test/integration/epp/domain/create/base_test.rb @@ -144,6 +144,36 @@ class EppDomainCreateBaseTest < EppTestCase assert_epp_response :data_management_policy_violation end + def test_blocked_punicode_domain_cannot_be_registered + blocked_domain = 'blockedäöüõ.test' + assert BlockedDomain.find_by(name: blocked_domain) + + request_xml = <<-XML + + + + + + #{SimpleIDN.to_ascii('blockedäöüõ.test')} + #{contacts(:john).code} + + + + + #{'test' * 2000} + + + + + XML + + assert_no_difference 'Domain.count' do + post epp_create_path, params: { frame: request_xml }, + headers: { 'HTTP_COOKIE' => 'session=api_bestnames' } + end + assert_epp_response :data_management_policy_violation + end + def test_reserved_domain_cannot_be_registered_with_wrong_registration_code request_xml = <<-XML