Uploaded image for project: 'EJBCA'
  1. EJBCA
  2. ECA-7889

Syntax check of domains in domain blacklists

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: EJBCA 7.0.1
    • Component/s: None
    • Labels:
      None
    • Provenance:
      Ordered by Customer
    • Sprint:
      EJBCA Team Bob - 2019 w6

      Description

      We should add syntax checking of domains in DomainBlacklistValidator.setDomainBlacklist() to prevent mistakes.

      Since customers might want to block malformed domains too, we shouldn't be too strict about it, but it is probably a good idea to check that only the characters a-zA-Z0-9._- are used in uploaded domains.

      This prevents several potential user errors:

      • Domains separated by space or comma, instead of placed on separate lines
      • Unicode domains that are not encoded as Punycode.
      • Wildcards or regexes. That is not supported.
      • Uploading binary files.

        Attachments

          Activity

            People

            • Assignee:
              samuel Samuel Lidén Borell
              Reporter:
              samuel Samuel Lidén Borell
              Verified by:
              Ulf Undmark
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - 2 hours
                2h
                Remaining:
                Remaining Estimate - 0 minutes
                0m
                Logged:
                Time Spent - 2 hours
                2h