Merge pull request #20 from sidthekidder/master

disallow uppercase domains, with test
2026-03-15 22:45:54 +00:00 · 2015-01-03 11:39:48 -05:00
parent 5046c360ba fa4802d488
commit 4b485fecda
2 changed files with 16 additions and 3 deletions
--- a/server.js
+++ b/server.js
@@ -197,8 +197,8 @@ module.exports = function(opt) {
        var req_id = req.param('req_id');
        // limit requested hostnames to 20 characters
-        if (! /^[A-Za-z0-9]{4,20}$/.test(req_id)) {
+        if (! /^[a-z0-9]{4,20}$/.test(req_id)) {
-            var err = new Error('Invalid subdomain. Subdomains must be between 4 and 20 alphanumeric characters.');
+            var err = new Error('Invalid subdomain. Subdomains must be lowercase and between 4 and 20 alphanumeric characters.');
            err.statusCode = 403;
            return next(err);
        }
--- a/test/basic.js
+++ b/test/basic.js
@@ -126,7 +126,20 @@ test('request domain that is too long', function(done) {
    localtunnel(test._fake_port, opt, function(err, tunnel) {
        assert(err);
-        assert.equal(err.message, 'Invalid subdomain. Subdomains must be between 4 and 20 alphanumeric characters.');
+        assert.equal(err.message, 'Invalid subdomain. Subdomains must be lowercase and between 4 and 20 alphanumeric characters.');
        done();
    });
 });
 test('request uppercase domain', function(done) {
    var opt = {
        host: 'http://localhost:' + lt_server_port,
        subdomain: 'ABCD'
    };
    localtunnel(test._fake_port, opt, function(err, tunnel) {
        assert(err);
        assert.equal(err.message, 'Invalid subdomain. Subdomains must be lowercase and between 4 and 20 alphanumeric characters.');
        done();
    });
 });