commit 00058aa09499c40f2fb99580dd1fe82397da1c2c
parent aac16cd06101417eeeae16088d240ae1f58f08c7
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 23 Jun 2024 09:44:25 +0200
allow host names with underscores, allow more characters from URLs (#8965)
Diffstat:
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/util/payto.c b/src/util/payto.c
@@ -293,6 +293,7 @@ validate_payto_xtalerbank (const char *account_url)
else
{
if (! ( ('-' == c) ||
+ ('_' == c) ||
( ('0' <= c) && ('9' >= c) ) ||
( ('a' <= c) && ('z' >= c) ) ||
( ('A' <= c) && ('Z' >= c) ) ) )
@@ -342,7 +343,7 @@ TALER_payto_validate (const char *payto_uri)
/* This is more strict than RFC 8905, alas we do not need to support messages/instructions/etc.,
and it is generally better to start with a narrow whitelist; we can be more permissive later ...*/
#define ALLOWED_CHARACTERS \
- "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/:&?-_.,=+%~"
+ "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789/:$&?!-_.,;=*+%~@()[]"
if (NULL == strchr (ALLOWED_CHARACTERS,
(int) payto_uri[i]))
{
diff --git a/src/util/test_payto.c b/src/util/test_payto.c
@@ -60,6 +60,9 @@ main (int argc,
"payto://x-taler-bank/hostname/~path/username?receiver-name=fo/o");
GNUNET_assert (NULL == r);
r = TALER_payto_validate (
+ "payto://x-taler-bank/host_name/~path/username?receiver-name=fo_o");
+ GNUNET_assert (NULL == r);
+ r = TALER_payto_validate (
"payto://x-taler-bank/hostname/path/username?receiver-name=foo");
GNUNET_assert (NULL == r);
r = TALER_payto_validate (
