Bug #1801
RemoteAccess/HttpdAdmin UI module does not authorize 0.0.0.0/0.0.0.0 address
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Low | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-httpd-admin | |||
Target version: | v6.4-beta1 | |||
Security class: | Resolution: | |||
Affected version: | v6.4-alpha2 | NEEDINFO: |
Description
- IPAddress 0.0.0.0
- Netmask 0.0.0.0
does not validate input data.
Associated revisions
Validator.php: relax validator for ip and netmask, accept value 0.0.0.0. Refs #1801
ValidatorTest: fixed ipV4Address test. Refs #1801
History
#1 Updated by Filippo Carletti over 8 years ago
See RFC1519 for reference.
While the syntax 0.0.0.0/0.0.0.0 is valid and correct, the CIDR notation would be 0.0.0.0/0.
I think we must accept both formats, but try to prefer CIDR notations (i.e. ne.tw.or.k/bits).
#2 Updated by Davide Principi over 8 years ago
Currently we have two input fields, the first for IP, the second for the netmask, so both forms (CIDR, IP/Netmask) are not accepted. Do you think it's better to merge the two fields into one?
If we accept both CIDR and IP/Netmask syntaxes as input, we need to display and keep a normalized form into DB. Which one?
#3 Updated by Filippo Carletti over 8 years ago
Do you think it's better to merge the two fields into one?
Probably no, typical UIs have two fields: ip and mask.
If we accept both CIDR and IP/Netmask syntaxes as input, we need to display and keep a normalized form into DB. Which one?
I have no preferences. If we think of the ACl as one item, i'd say a form with one variable.
#4 Updated by Davide Principi over 8 years ago
- Priority changed from Normal to Low
#5 Updated by Giacomo Sanchietti over 8 years ago
- Assignee set to Giacomo Sanchietti
#6 Updated by Giacomo Sanchietti over 8 years ago
- Status changed from NEW to MODIFIED
- % Done changed from 0 to 100
Changed ip and netmask validators to accept 0.0.0.0.
#7 Updated by Davide Principi about 8 years ago
- Status changed from MODIFIED to CLOSED