Comments (4)
I see what you mean and agree that the names you mentioned seem harmless.
I'm sure part of the original motivation for some of these is to prevent spoofing. Let's say these sub-domains are used on a blog platform, where the site can be fully customized. A user could create a subdomain like ftp-downloads.prodvider.ext
and create an official looking website as the primary domain and go phishing.
Maybe instead of matching the whole string we matched on boundaries. So the mx
rule for example... maybe the pattern shouldn't start with or be prefixed by an underscore or dash?
/(^|-|_)mx[0-9]+/.test('www-mx1') // true
/(^|-|_)mx[0-9]+/.test('bmx1') // false
/(^|-|_)mx[0-9]+/.test('mx1') // true
Now I also see that the rules are using +
instead of *
for the number ranges. This should probably be updated:
/(^|-|_)ftp[0-9]+/.test('ftp') // false -- this should be true
/(^|-|_)ftp[0-9]*/.test('ftp') // true -- uses * instead
from reserved-subdomains.
Okay, that seems acceptable. Maybe the same boundary rule can be applied to the end too?
/(^|-|_)ftp[0-9]*($|-|_)/
Because with something like /(^|-|_)m[0-9]*/
any domain starting with m
would fail validation
from reserved-subdomains.
Sounds reasonable. Ideally a PR addressing these things would also introduce tests so expected behavior is kept in check. The changes we've discussed would technically be a breaking change (major version bump) even if the API doesn't change. But with that said, this might be a good time to review the API ergonomics/idioms, considering TypeScript, etc...
Thanks for getting involved in the project.
from reserved-subdomains.
Yes, I think a way to add names and patterns to the bundled list would be nice. Apart from that, I also noticed that auto-import did not work for me on vscode. I'm not sure why, maybe it doesn't work for certain kinds of exports? This needs to be investigated further.
from reserved-subdomains.
Related Issues (4)
- Separate by category? HOT 1
- Single-letter words? HOT 1
- Could we adjust this pattern? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reserved-subdomains.