From b30b066138ccad4286529a999dd28cc745e4310a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Michaud?= Date: Sun, 7 Jun 2020 17:47:02 +0200 Subject: [PATCH] [MISC] Validate domain set in session is not a wildcard domain. (#1092) --- internal/configuration/validator/session.go | 4 ++++ internal/configuration/validator/session_test.go | 11 +++++++++++ 2 files changed, 15 insertions(+) diff --git a/internal/configuration/validator/session.go b/internal/configuration/validator/session.go index 055423523..3fb8324e4 100644 --- a/internal/configuration/validator/session.go +++ b/internal/configuration/validator/session.go @@ -46,4 +46,8 @@ func ValidateSession(configuration *schema.SessionConfiguration, validator *sche if configuration.Domain == "" { validator.Push(errors.New("Set domain of the session object")) } + + if strings.Contains(configuration.Domain, "*") { + validator.Push(errors.New("The domain of the session must be the root domain you're protecting instead of a wildcard domain")) + } } diff --git a/internal/configuration/validator/session_test.go b/internal/configuration/validator/session_test.go index 0e5355143..a0c054cf9 100644 --- a/internal/configuration/validator/session_test.go +++ b/internal/configuration/validator/session_test.go @@ -121,6 +121,17 @@ func TestShouldRaiseErrorWhenDomainNotSet(t *testing.T) { assert.EqualError(t, validator.Errors()[0], "Set domain of the session object") } +func TestShouldRaiseErrorWhenDomainIsWildcard(t *testing.T) { + validator := schema.NewStructValidator() + config := newDefaultSessionConfig() + config.Domain = "*.example.com" + + ValidateSession(&config, validator) + + assert.Len(t, validator.Errors(), 1) + assert.EqualError(t, validator.Errors()[0], "The domain of the session must be the root domain you're protecting instead of a wildcard domain") +} + func TestShouldRaiseErrorWhenBadInactivityAndExpirationSet(t *testing.T) { validator := schema.NewStructValidator() config := newDefaultSessionConfig()