-
Notifications
You must be signed in to change notification settings - Fork 333
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ENH Use symfony/validation logic #3009
base: 6
Are you sure you want to change the base?
ENH Use symfony/validation logic #3009
Conversation
fb6c993
to
53548d6
Compare
protected function onBeforeWrite() | ||
{ | ||
parent::onBeforeWrite(); | ||
|
||
if ($this->ExternalURL && substr($this->ExternalURL ?? '', 0, 2) !== '//') { | ||
$urlParts = parse_url($this->ExternalURL ?? ''); | ||
if ($urlParts) { | ||
if (empty($urlParts['scheme'])) { | ||
// no scheme, assume http | ||
$this->ExternalURL = 'http://' . $this->ExternalURL; | ||
} elseif (!in_array($urlParts['scheme'], [ | ||
'http', | ||
'https', | ||
])) { | ||
// we only allow http(s) urls | ||
$this->ExternalURL = ''; | ||
} | ||
} else { | ||
// malformed URL to reject | ||
$this->ExternalURL = ''; | ||
} | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No need to set false if it's invalid, because the URLField
validation won't allow an invalid value in the first place.
The trade off is we're not assuming http
by default anymore, users will have to add that themselves.
The URLField
validation has been updated to make it clear when that needs to be added.
public function getCMSFields() | ||
{ | ||
$this->beforeUpdateCMSFields(function (FieldList $fields) { | ||
// Remove all metadata fields, does not apply for redirector pages | ||
$fields->removeByName('Metadata'); | ||
$fields->dataFieldByName('ExternalURL')?->setAllowRelativeProtocol(true); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As per the first condition in the now-removed onBeforeWrite()
.
@@ -171,35 +175,12 @@ public function syncLinkTracking() | |||
} | |||
} | |||
|
|||
protected function onBeforeWrite() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Need to keep this is as you can programatically save things without it going via a UrlField
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That felt very much like it was being done instead of validation. I feel like validating the value in the better option.
I can add the URL validation in the validate()
method for this class if you like? But I don't think it makes sense to alter the value that's being set, especially programatic values.
53548d6
to
9a7da82
Compare
9a7da82
to
5267cd4
Compare
Relies on changes in silverstripe/silverstripe-framework#11399
Issue
symfony/validator
for as much validation logic as we can throw at it. .github#193