Details
-
Type:
Improvement
-
Status:
Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 1.5.0
-
Fix Version/s: None
-
Component/s: Zend_Uri
-
Labels:
Description
Zend_Uri_Http::validateHost
public function validateHost($host = null) { if ($host === null) { $host = $this->_host; } /** * If the host is empty, then it is considered invalid */ if (strlen($host) == 0) { return false; } /** * Check the host against the allowed values; delegated to Zend_Filter. */ $validate = new Zend_Validate_Hostname(Zend_Validate_Hostname::ALLOW_ALL); return $validate->isValid($host); }
I see two problems here:
1) Zend_Uri_Http::validateHost currently defaults to ALLOW_ALL when validating the hostname. This is inconsistent with other sections of code (Zend_Validate_EmailAddress, Zend_Validate_Hostname) which default to ALLOW_DNS (the expected behavior based on the documentation for Zend_Validate_Hostname).
2) There is currently no way to override this flag in the validateHost function.
Please categorize/fix as needed.