Hello.. I like a lot of what this module does, but I need to lock it down to only accept external web URLs. I know there is the 'filter_allowed_protocols' variable in the code, but this really goes beyond that. (As validate would currently just merge something like a mailto: into an internal URL if only http and https are allowed)

So what I'm proposing is giving Link a field option of "Allowed Link Types" option that would allow multiple selection from:

Frontpage
Internal Links
ftp
http
https
irc
mailto
news
nntp
sftp
ssh
telnet
webcal

With the default being everything enabled, as it is currently. I'm willing to work up the patch for this, but I wanted to make sure a) you'd be interested in it and b) that's the way you'd like to see it done. Otherwise it's obviously easier for me to just cook up my own validate :)

Any input would be great...

CommentFileSizeAuthor
#2 link-d6-proto-options-v2.patch7.58 KBMoonshine
#1 link-d6-proto-options-v1.patch7.53 KBMoonshine

Comments

Moonshine’s picture

Moonshine commented
StatusFileSize
new link-d6-proto-options-v1.patch7.53 KB

Well I just went a head and made a patch anyways, as I will need this functionality. :) So feel free to pick it apart if it's something you'd like to apply down the way. I'll post updates if things come up that I notice, but in my preliminary testing here all seems to work fine.

Along the way, and during testing, I did end up finding a few quirks in the current regex patterns which are updated in this patch also. Basically:

a) Modified "user" regex for email so that [ and ] aren't allowed per wikipedia
b) Modified "email_pattern" such that a "query" pattern at the end isn't required.
c) Modified "domain" to validate more correctly and more strictly, with no [ or ], and and actual domain name present.

A few little regex holes still remain like invalid two letter country codes, -'s allow at the end of some items, etc. But overall I *think it's more valid.

I can certainly walk through anything you're interested in re: the changes if this is of any interest. I'm on IRC also. Thanks.

Moonshine’s picture

Moonshine commented
StatusFileSize
new link-d6-proto-options-v2.patch7.58 KB

Opps.. little typo in the field defaults...

quicksketch’s picture

quicksketch
he/him
commented
Status: Active » Needs work

Thanks Moonshine! I've been wanting to see this for a long time! A few suggestions though:

- Don't make "Frontpage" separate from "Internal", as they're both processed the same.
- Make a full "External" checkbox that accepts any URL with a full protocol.
- Instead of assuming FTP, HTTP, etc. protocols, use variable_get('filter_allowed_protocols') and loop through all the protocols that are currently allowed.

dqd’s picture

dqd
Location London | N.Y.C | Paris | Hamburg | Berlin
commented
Assigned: Moonshine » Unassigned
Status: Needs work » Closed (duplicate)

o.O ... Jesus, how OLD is this issue ??!?

I tried to check where moonshine is around now but his latest commit on a Drupal project is 32 weeks ago so I don't know if there is any chance for reworking it with him. My idea: lets take his patch in a new issue with credits to his work and lets start a new task for 6.x-2.9 and 7.x-1.x. Maybe he joins us or others are willing to help. From my opinion, to have a checkbox group of choosing limited validations like this would be a very useful feature in link module, or maybe a better solution and more future-proof one would be an additional regex field with a simple on/off checkbox to individualize the validation.

For new issue and discussion please go here: #1318938: An all-embracing attempt for URL validation and Input / Output Form Filtering