isURL.js 3.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162
  1. import assertString from './util/assertString';
  2. import isFQDN from './isFQDN';
  3. import isIP from './isIP';
  4. import merge from './util/merge';
  5. /*
  6. options for isURL method
  7. require_protocol - if set as true isURL will return false if protocol is not present in the URL
  8. require_valid_protocol - isURL will check if the URL's protocol is present in the protocols option
  9. protocols - valid protocols can be modified with this option
  10. require_host - if set as false isURL will not check if host is present in the URL
  11. require_port - if set as true isURL will check if port is present in the URL
  12. allow_protocol_relative_urls - if set as true protocol relative URLs will be allowed
  13. validate_length - if set as false isURL will skip string length validation (IE maximum is 2083)
  14. */
  15. var default_url_options = {
  16. protocols: ['http', 'https', 'ftp'],
  17. require_tld: true,
  18. require_protocol: false,
  19. require_host: true,
  20. require_port: false,
  21. require_valid_protocol: true,
  22. allow_underscores: false,
  23. allow_trailing_dot: false,
  24. allow_protocol_relative_urls: false,
  25. validate_length: true
  26. };
  27. var wrapped_ipv6 = /^\[([^\]]+)\](?::([0-9]+))?$/;
  28. function isRegExp(obj) {
  29. return Object.prototype.toString.call(obj) === '[object RegExp]';
  30. }
  31. function checkHost(host, matches) {
  32. for (var i = 0; i < matches.length; i++) {
  33. var match = matches[i];
  34. if (host === match || isRegExp(match) && match.test(host)) {
  35. return true;
  36. }
  37. }
  38. return false;
  39. }
  40. export default function isURL(url, options) {
  41. assertString(url);
  42. if (!url || /[\s<>]/.test(url)) {
  43. return false;
  44. }
  45. if (url.indexOf('mailto:') === 0) {
  46. return false;
  47. }
  48. options = merge(options, default_url_options);
  49. if (options.validate_length && url.length >= 2083) {
  50. return false;
  51. }
  52. var protocol, auth, host, hostname, port, port_str, split, ipv6;
  53. split = url.split('#');
  54. url = split.shift();
  55. split = url.split('?');
  56. url = split.shift();
  57. split = url.split('://');
  58. if (split.length > 1) {
  59. protocol = split.shift().toLowerCase();
  60. if (options.require_valid_protocol && options.protocols.indexOf(protocol) === -1) {
  61. return false;
  62. }
  63. } else if (options.require_protocol) {
  64. return false;
  65. } else if (url.substr(0, 2) === '//') {
  66. if (!options.allow_protocol_relative_urls) {
  67. return false;
  68. }
  69. split[0] = url.substr(2);
  70. }
  71. url = split.join('://');
  72. if (url === '') {
  73. return false;
  74. }
  75. split = url.split('/');
  76. url = split.shift();
  77. if (url === '' && !options.require_host) {
  78. return true;
  79. }
  80. split = url.split('@');
  81. if (split.length > 1) {
  82. if (options.disallow_auth) {
  83. return false;
  84. }
  85. if (split[0] === '' || split[0].substr(0, 1) === ':') {
  86. return false;
  87. }
  88. auth = split.shift();
  89. if (auth.indexOf(':') >= 0 && auth.split(':').length > 2) {
  90. return false;
  91. }
  92. }
  93. hostname = split.join('@');
  94. port_str = null;
  95. ipv6 = null;
  96. var ipv6_match = hostname.match(wrapped_ipv6);
  97. if (ipv6_match) {
  98. host = '';
  99. ipv6 = ipv6_match[1];
  100. port_str = ipv6_match[2] || null;
  101. } else {
  102. split = hostname.split(':');
  103. host = split.shift();
  104. if (split.length) {
  105. port_str = split.join(':');
  106. }
  107. }
  108. if (port_str !== null) {
  109. port = parseInt(port_str, 10);
  110. if (!/^[0-9]+$/.test(port_str) || port <= 0 || port > 65535) {
  111. return false;
  112. }
  113. } else if (options.require_port) {
  114. return false;
  115. }
  116. if (!isIP(host) && !isFQDN(host, options) && (!ipv6 || !isIP(ipv6, 6))) {
  117. return false;
  118. }
  119. host = host || ipv6;
  120. if (options.host_whitelist && !checkHost(host, options.host_whitelist)) {
  121. return false;
  122. }
  123. if (options.host_blacklist && checkHost(host, options.host_blacklist)) {
  124. return false;
  125. }
  126. return true;
  127. }