Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Is the isNeighborUri same as isUri in iota.js? #58

Open
peter279k opened this issue Aug 24, 2018 · 3 comments
Open

Is the isNeighborUri same as isUri in iota.js? #58

peter279k opened this issue Aug 24, 2018 · 3 comments
Assignees
@peter279k
Labels
enhancement

Comments

@peter279k
Copy link
Contributor

peter279k commented Aug 24, 2018
edited
Loading

As title. Considering the isUri function in iota.js. The valid examples are as follows:

*   udp://[2001:db8:a0b:12f0::1]:14265
*   udp://[2001:db8:a0b:12f0::1]
*   udp://8.8.8.8:14265
*   udp://domain.com
*   udp://domain2.com:14265

The isNeighborUri method in IOTA\Util\ValidatorUtil class. All of the valid uris are the neighbor uri.

It seems that they're different. For example, the isUri only supports the tcp or udp.

I want to know isNeighborUri is implemented correctly?
@Techworker
Copy link
Member

Well, we use filter_var($neighborUri, FILTER_VALIDATE_URL) and this will also, for instance, allow http://www.iota.org:12345 - so it's not the same.

The isUri implementation is much more detailed and restrictive.

Im not sure if we really need to check this in detail like the JS lib does, as the IRI API commands addNeighbors and removeNeighbors should return an error if the URI is really wrong and we could handles that.

I don't want to shift the responsibility of checking everything in detail prior sending it to the API to the client, this needs to be implemented in the server and the server should react accordingly and send an error that then can be handled by the client.

So from my point of view implementing this check in detail will add technical debt to the project, especially because of the monstrous regex they are using.

If we ever get to the point that we will create our own IRI implementation in PHP it will be useful, but I doubt this will happen (even though it would be really interesting!)

@peter279k
Copy link
Contributor Author

@Techworker, thank you for your explanation. I think I agree with you because we don't validate the url strictly. Just check whether the uri is the format.

I have little question. Using the FILTER_VALIDATE_URL to validate uri and the uri can accept the path, query and fragment.

I think we can check that and validate the uri only has the authority.

What do you think?

@Techworker
Copy link
Member

I don't see the immediate need but if you want to add this functionality, go for it. Won't hurt anyone to have this check :-)

@peter279k peter279k self-assigned this Aug 25, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@peter279k peter279k

Labels
enhancement
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Techworker @peter279k