bytesbay / web3-token

Web3 Token is a new way to authenticate users in a hybrid dApps using signed messages. Implementation of EIP-4361.

381 stars 51 forks source link

Invalid `domain` although it should be valid #33

Closed Drarig29 closed 2 years ago

Drarig29 commented 2 years ago

Your regex doesn't handle longer domain names like AWS can give.

https://github.com/bytesbay/web3-token/blob/d33a0b52e8d79014980045188bed0f1d47e49b17/src/lib/sign/sign.js#L5

For instance, the domain example.s3-website.us-east-1.amazonaws.com isn't considered valid although this is something which is perfectly possible in the real world.

I suggest you should use a package for this validation instead: https://www.npmjs.com/package/is-valid-domain for instance.

bytesbay commented 2 years ago

Fixed in #36

Drarig29 commented 2 years ago

Nope, it's not fixed in #36, this is a different problem! :sweat_smile:

36 is about validating URL and this one is about validating the domain. I can fix the conflict if you want.

bytesbay commented 2 years ago

@Drarig29 Oh, yep please 😅