polr icon indicating copy to clipboard operation
polr copied to clipboard

Published 20 hours ago verified publisher icon cydrobolt

Prevent reserved url endings like /admin

Open DBX12 opened this issue 5 years ago • 3 comments

Expected Behavior

I expect Polr to prevent creation of reserved url endings like /admin or /login so the created URL will always be redirected to the target page.

Current Behavior

Currently, Polr directs me to the login page instead of the target page. The creator of the link is not informed about that issue.

Possible Solution

Showing a bark (notification window top right) telling the user /admin could not be taken as link ending

Steps to Reproduce (for bugs)

  1. Create short url to example.org with custom ending admin
  2. Open an incognito window
  3. Open newly created link
  4. See login window of polr instead of example.org

Context

This may confuse users (however, creating a link with the ending admin or login is stupid but probably someone will do it anyways)

Your Environment

  • Version or latest commit hash (git rev-parse HEAD): 2.2.0
  • Environment name and version (e.g. Chrome 39, PHP 7.0, etc): PHP 7.x (not sure)
  • Instance link (optional):

DBX12 avatar Apr 15 '19 12:04 DBX12

To the list you can add all of the public directory :

/js /css /img

Which leads to content forbidden.

gabrielstuff avatar Jun 03 '19 20:06 gabrielstuff

I'm looking into this and will submit a PR soon.

DBX12 avatar Oct 01 '19 05:10 DBX12

Oh great news !

gabrielstuff avatar Oct 01 '19 07:10 gabrielstuff