From e1113287b42b1e667ca0128b13f749d0540a4a18 Mon Sep 17 00:00:00 2001
From: Kyle Drake <kyle@kyledrake.net>
Date: Tue, 20 Aug 2024 10:29:31 -0500
Subject: [PATCH] check for ip addresses being used for custom domains

---
 app/settings.rb | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/app/settings.rb b/app/settings.rb
index 2a50203a..09248784 100644
--- a/app/settings.rb
+++ b/app/settings.rb
@@ -1,3 +1,6 @@
+require 'socket'
+require 'ipaddr'
+
 get '/settings/?' do
   require_login
   @site = parent_site
@@ -152,6 +155,15 @@ post '/settings/:username/custom_domain' do
     redirect "/settings/#{@site.username}/#custom_domain"
   end
 
+  begin
+    addr = IPAddr.new @site.values[:domain]
+    if addr.ipv4? || addr.ipv6?
+      flash[:error] = 'IP addresses are not allowed. Please enter a valid domain name.'
+      redirect "/settings/#{@site.username}#custom_domain"
+    end
+  rescue IPAddr::InvalidAddressError
+  end
+
   begin
     Socket.gethostbyname @site.values[:domain]
   rescue SocketError, ResolutionError => e