RocketChat / Rocket.Chat

The communications platform that puts data protection first.
https://rocket.chat/

setAvatar throws error-avatar-invalid-url for a valid domain #33584

Open Caperious opened 2 hours ago

Caperious commented 2 hours ago

Description:

When setting a user avatar via URL, the API responds with status 400 and the error type error-avatar-invalid-url.

After investigation I have figured out this happens because of the regex in the function isValidDomain, as the regex considers a combination of a subdomain and a domain with a hyphen as invalid.

An example of a URL that is deemed invalid: https://www.american-giant.com/cdn/shop/t/788/assets/loading.svg

These would be considered valid: https://american-giant.com/cdn/shop/t/788/assets/loading.svg and https://www.americangiant.com/cdn/shop/t/788/assets/loading.svg

Expected behavior:

The expected behaviour is that the example url provided is considered valid.

Actual behavior:

The example URL provided is considered an invalid URL.

Server Setup Information:

Caperious commented 2 hours ago

A quick solution for this issue would be to also validate the second part of the domain regex. A proper solution would probably be to properly validate the domains and subdomains.

Non-working regex: /^(?!-)(?!.*--)[A-Za-z0-9-]{1,63}(?<!-)\.?([A-Za-z]{2,63}\.?)*[A-Za-z]{2,63}$/

Working regex: /^(?!-)(?!.*--)[A-Za-z0-9-]{1,63}(?<!-)\.?([A-Za-z0-9-]{2,63}\.?)*[A-Za-z]{2,63}$/
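Added example, not part of the issue and not Rocket.Chat code: it runs both regexes quoted above against the hostnames of the three URLs in the report, next to a per-label check of the kind the last comment calls a proper solution. `isValidHostnameByLabel`, `compareHost` and the two constructed hostnames are assumptions made for illustration; unlike the quoted regexes, the per-label check allows "--" inside a label.

```javascript
// Added example, not Rocket.Chat code. The two regexes are copied from the issue.
const ORIGINAL_RE = /^(?!-)(?!.*--)[A-Za-z0-9-]{1,63}(?<!-)\.?([A-Za-z]{2,63}\.?)*[A-Za-z]{2,63}$/;
const PROPOSED_RE = /^(?!-)(?!.*--)[A-Za-z0-9-]{1,63}(?<!-)\.?([A-Za-z0-9-]{2,63}\.?)*[A-Za-z]{2,63}$/;

// Hypothetical per-label rule (LDH): 1-63 letters, digits or hyphens,
// with no hyphen at either end of the label.
const LABEL_RE = /^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$/;
// Same final-label rule as the issue's regexes: letters only, 2-63 chars.
const TLD_RE = /^[A-Za-z]{2,63}$/;

function isValidHostnameByLabel(hostname) {
  if (typeof hostname !== 'string' || hostname.length === 0 || hostname.length > 253) {
    return false;
  }
  const labels = hostname.split('.');
  if (labels.length < 2) return false;
  const tld = labels.pop();
  return TLD_RE.test(tld) && labels.every((label) => LABEL_RE.test(label));
}

function compareHost(host) {
  return {
    host,
    original: ORIGINAL_RE.test(host),
    proposed: PROPOSED_RE.test(host),
    byLabel: isValidHostnameByLabel(host),
  };
}

const hostOf = (url) => new URL(url).hostname;

// URLs quoted in the issue.
const pageUrls = [
  'https://www.american-giant.com/cdn/shop/t/788/assets/loading.svg',
  'https://american-giant.com/cdn/shop/t/788/assets/loading.svg',
  'https://www.americangiant.com/cdn/shop/t/788/assets/loading.svg',
];
// Constructed hostnames (not from the issue): a middle label with hyphens at
// both ends, and a punycode label containing "--".
const constructedHosts = ['www.-bad-.example', 'xn--bcher-kva.example'];

function report() {
  return [...pageUrls.map(hostOf), ...constructedHosts].map(compareHost);
}

console.table(report());
```

The table shows the proposed regex fixing the reported hostname but also accepting a middle label that starts and ends with a hyphen, because its `(?!-)` and `(?<!-)` checks only guard the first label.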