1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
<?php
/*
** Zabbix
** Copyright (C) 2001-2021 Zabbix SIA
**
** This program is free software; you can redistribute it and/or modify
** it under the terms of the GNU General Public License as published by
** the Free Software Foundation; either version 2 of the License, or
** (at your option) any later version.
**
** This program is distributed in the hope that it will be useful,
** but WITHOUT ANY WARRANTY; without even the implied warranty of
** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
** GNU General Public License for more details.
**
** You should have received a copy of the GNU General Public License
** along with this program; if not, write to the Free Software
** Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
**/
class CHtmlUrlValidator {
/**
* URL is validated if schema validation is enabled (see VALIDATE_URI_SCHEMES).
*
* Relative URL should start with .php file name.
* Absolute URL schema must match schemes mentioned in ZBX_URL_VALID_SCHEMES comma separated list.
*
* @static
*
* @param string $url URL string to validate.
* @param array $options
* @param bool $options[allow_user_macro] If set to be true, URLs containing user macros will be considered
* as valid.
* @param int $options[allow_inventory_macro] Enables the usage of trigger/host inventory macros:
* - {INVENTORY.URL.A<1-9>}, {INVENTORY.URL.B<1-9>} and
* {INVENTORY.URL.C<1-9>} if set to INVENTORY_URL_MACRO_TRIGGER;
* - {INVENTORY.URL.A}, {INVENTORY.URL.B} and {INVENTORY.URL.C} if
* set to INVENTORY_URL_MACRO_HOST;
* @param bool $options[allow_event_tags_macro] If set to be true, URLs containing {EVENT.TAGS.<ref>} macros will
* be considered as valid.
* @param bool $options[validate_uri_schemes] Parameter allows to overwrite global switch VALIDATE_URI_SCHEMES
* for specific uses.
*
* @return bool
*/
public static function validate($url, array $options = []) {
$options += [
'allow_user_macro' => true,
'allow_event_tags_macro' => false,
'allow_inventory_macro' => INVENTORY_URL_MACRO_NONE,
'validate_uri_schemes' => VALIDATE_URI_SCHEMES
];
if ($options['validate_uri_schemes'] === false) {
return true;
}
if ($options['allow_inventory_macro'] != INVENTORY_URL_MACRO_NONE) {
$macro_parser = new CMacroParser(['{INVENTORY.URL.A}', '{INVENTORY.URL.B}', '{INVENTORY.URL.C}'], [
'ref_type' => ($options['allow_inventory_macro'] == INVENTORY_URL_MACRO_TRIGGER)
? CMacroParser::REFERENCE_NUMERIC
: CMacroParser::REFERENCE_NONE
]);
// Macros allowed only at the beginning of $url.
if ($macro_parser->parse($url, 0) != CParser::PARSE_FAIL) {
return true;
}
}
if ($options['allow_event_tags_macro'] === true) {
$macro_parser = new CMacroParser(['{EVENT.TAGS}'], ['ref_type' => CMacroParser::REFERENCE_ALPHANUMERIC]);
for ($pos = strpos($url, '{'); $pos !== false; $pos = strpos($url, '{', $pos + 1)) {
if ($macro_parser->parse($url, $pos) != CParser::PARSE_FAIL) {
return true;
}
}
}
if ($options['allow_user_macro'] === true) {
$user_macro_parser = new CUserMacroParser();
for ($pos = strpos($url, '{'); $pos !== false; $pos = strpos($url, '{', $pos + 1)) {
if ($user_macro_parser->parse($url, $pos) != CParser::PARSE_FAIL) {
return true;
}
}
}
$url_parts = parse_url($url);
if (!$url_parts) {
return false;
}
if (array_key_exists('scheme', $url_parts)) {
if (!in_array(strtolower($url_parts['scheme']), explode(',', strtolower(ZBX_URI_VALID_SCHEMES)))) {
return false;
}
if (array_key_exists('host', $url_parts)) {
return true;
}
else {
return (array_key_exists('path', $url_parts) && $url_parts['path'] !== '/');
}
}
else {
return (array_key_exists('path', $url_parts) && $url_parts['path'] !== '');
}
}
}
|
