isURL.js 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177
  1. "use strict";
  2. Object.defineProperty(exports, "__esModule", {
  3. value: true
  4. });
  5. exports.default = isURL;
  6. var _assertString = _interopRequireDefault(require("./util/assertString"));
  7. var _isFQDN = _interopRequireDefault(require("./isFQDN"));
  8. var _isIP = _interopRequireDefault(require("./isIP"));
  9. var _merge = _interopRequireDefault(require("./util/merge"));
  10. function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
  11. /*
  12. options for isURL method
  13. require_protocol - if set as true isURL will return false if protocol is not present in the URL
  14. require_valid_protocol - isURL will check if the URL's protocol is present in the protocols option
  15. protocols - valid protocols can be modified with this option
  16. require_host - if set as false isURL will not check if host is present in the URL
  17. require_port - if set as true isURL will check if port is present in the URL
  18. allow_protocol_relative_urls - if set as true protocol relative URLs will be allowed
  19. validate_length - if set as false isURL will skip string length validation (IE maximum is 2083)
  20. */
  21. var default_url_options = {
  22. protocols: ['http', 'https', 'ftp'],
  23. require_tld: true,
  24. require_protocol: false,
  25. require_host: true,
  26. require_port: false,
  27. require_valid_protocol: true,
  28. allow_underscores: false,
  29. allow_trailing_dot: false,
  30. allow_protocol_relative_urls: false,
  31. validate_length: true
  32. };
  33. var wrapped_ipv6 = /^\[([^\]]+)\](?::([0-9]+))?$/;
  34. function isRegExp(obj) {
  35. return Object.prototype.toString.call(obj) === '[object RegExp]';
  36. }
  37. function checkHost(host, matches) {
  38. for (var i = 0; i < matches.length; i++) {
  39. var match = matches[i];
  40. if (host === match || isRegExp(match) && match.test(host)) {
  41. return true;
  42. }
  43. }
  44. return false;
  45. }
  46. function isURL(url, options) {
  47. (0, _assertString.default)(url);
  48. if (!url || /[\s<>]/.test(url)) {
  49. return false;
  50. }
  51. if (url.indexOf('mailto:') === 0) {
  52. return false;
  53. }
  54. options = (0, _merge.default)(options, default_url_options);
  55. if (options.validate_length && url.length >= 2083) {
  56. return false;
  57. }
  58. var protocol, auth, host, hostname, port, port_str, split, ipv6;
  59. split = url.split('#');
  60. url = split.shift();
  61. split = url.split('?');
  62. url = split.shift();
  63. split = url.split('://');
  64. if (split.length > 1) {
  65. protocol = split.shift().toLowerCase();
  66. if (options.require_valid_protocol && options.protocols.indexOf(protocol) === -1) {
  67. return false;
  68. }
  69. } else if (options.require_protocol) {
  70. return false;
  71. } else if (url.substr(0, 2) === '//') {
  72. if (!options.allow_protocol_relative_urls) {
  73. return false;
  74. }
  75. split[0] = url.substr(2);
  76. }
  77. url = split.join('://');
  78. if (url === '') {
  79. return false;
  80. }
  81. split = url.split('/');
  82. url = split.shift();
  83. if (url === '' && !options.require_host) {
  84. return true;
  85. }
  86. split = url.split('@');
  87. if (split.length > 1) {
  88. if (options.disallow_auth) {
  89. return false;
  90. }
  91. if (split[0] === '' || split[0].substr(0, 1) === ':') {
  92. return false;
  93. }
  94. auth = split.shift();
  95. if (auth.indexOf(':') >= 0 && auth.split(':').length > 2) {
  96. return false;
  97. }
  98. }
  99. hostname = split.join('@');
  100. port_str = null;
  101. ipv6 = null;
  102. var ipv6_match = hostname.match(wrapped_ipv6);
  103. if (ipv6_match) {
  104. host = '';
  105. ipv6 = ipv6_match[1];
  106. port_str = ipv6_match[2] || null;
  107. } else {
  108. split = hostname.split(':');
  109. host = split.shift();
  110. if (split.length) {
  111. port_str = split.join(':');
  112. }
  113. }
  114. if (port_str !== null) {
  115. port = parseInt(port_str, 10);
  116. if (!/^[0-9]+$/.test(port_str) || port <= 0 || port > 65535) {
  117. return false;
  118. }
  119. } else if (options.require_port) {
  120. return false;
  121. }
  122. if (!(0, _isIP.default)(host) && !(0, _isFQDN.default)(host, options) && (!ipv6 || !(0, _isIP.default)(ipv6, 6))) {
  123. return false;
  124. }
  125. host = host || ipv6;
  126. if (options.host_whitelist && !checkHost(host, options.host_whitelist)) {
  127. return false;
  128. }
  129. if (options.host_blacklist && checkHost(host, options.host_blacklist)) {
  130. return false;
  131. }
  132. return true;
  133. }
  134. module.exports = exports.default;
  135. module.exports.default = exports.default;