Skip to content

Feature: :url data type validation for restricting URIs to http schema #169

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
alexskr merged 3 commits into from
Aug 29, 2025
Merged

Feature: :url data type validation for restricting URIs to http schema #169

alexskr merged 3 commits into from
Aug 29, 2025

Conversation

@alexskr
Copy link
Member

@alexskr alexskr commented Aug 24, 2025
edited
Loading

Feature: add :url data type (restrict to HTTP/HTTPS)

What

  • Introduces :url validator that accepts only absolute HTTP/HTTPS URLs with a non-empty host.
  • Enforces a maximum length of 2048 characters (URLs longer than 2048 are rejected).
  • Leaves existing :uri semantics unchanged.

Why

:uri is intentionally broad (e.g., accepts mailto:…, file:///…, etc.).
Some attributes (e.g., pullLocation, documentation, publication) are rendered as links or used for remote fetches and should be limited to HTTP/HTTPS.

Scope

  • DataType#url? implementation (URI.parse, URI::HTTP, host present, length ≤ 2048).
  • enforce_type(:url) branch.
  • Enforce: dispatch :url to DataType.
  • Unit tests for scalar, list, mixed invalid, and shape (:list) cases.

Non-goals

Comprehensive SSRF protection (DNS/IP checks, private network blocking, allow/deny lists) — to be handled higher in the stack to keep core data validation lightweight.

see:

@alexskr
feat(validators): add :url data type to enforce http schema
6b56a44 
- Restrict URIs to HTTP/HTTPS
- Enforce max length to be less than 2048 chars
@codecov-commenter
Copy link

codecov-commenter commented Aug 24, 2025
edited
Loading

Codecov Report

❌ Patch coverage is 97.14286% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 87.73%. Comparing base (87a21a7) to head (ae14cb0).

Files with missing lines Patch % Lines
lib/goo/validators/implementations/data_type.rb 97.05% 1 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff             @@
##           develop     #169      +/-   ##
===========================================
+ Coverage    87.69%   87.73%   +0.04%     
===========================================
  Files           39       39              
  Lines         2739     2748       +9     
===========================================
+ Hits          2402     2411       +9     
  Misses         337      337
Flag Coverage Δ
unittests 87.73% <97.14%> (+0.04%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

alexskr added 2 commits August 24, 2025 16:50
@alexskr
cleanup: remove duplicate method
80be672
@alexskr
chore(lint): tidy DataType validator
ae14cb0 
- Prefer `is_a?` over `kind_of?` throughout.
- Rename predicate helpers: is_a_boolean?→boolean?, is_a_uri?→uri?, is_url?→url?
- Mark helper predicates as `private`.
- Remove unnecessary `self.` receivers in internal calls.
- Flatten control flow in `enforce_type` with guard clauses.
- Use `all?` instead of select/reject+empty? (short-circuit, fewer allocs).
- Replace `a || b` with `[:uri, RDF::URI].include?(type)` to satisfy Style/MultipleComparison.
- No functional changes; tests unchanged.
@alexskr alexskr requested a review from mdorf August 25, 2025 06:10
mdorf
mdorf reviewed Aug 25, 2025
View reviewed changes
Copy link
Member

@mdorf mdorf left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, @alexskr. I like the optimizations that you made to the existing code. Definitely improves readability, and possibly some efficiency as well.

@alexskr alexskr merged commit ca5f9d8 into develop Aug 29, 2025
8 checks passed
@alexskr alexskr mentioned this pull request Aug 29, 2025
Merged
@alexskr alexskr mentioned this pull request Oct 27, 2025
Merged
mdorf added a commit that referenced this pull request Jan 10, 2026
@mdorf
re-applied :url validator, #169
265e1e0
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mdorf mdorf mdorf left review comments

Assignees

No one assigned

Labels

enhancement

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@alexskr @codecov-commenter @mdorf