security::secure_hostname_p (public)

 security::secure_hostname_p host

Defined in packages/acs-tcl/tcl/security-procs.tcl

Check, if the content of host is a "secure" value, which means, it is either white-listed or belongs to a non-public IP address, such it cannot harm in redirect operations.

Parameters:
host (required)
Returns:
boolean value

Partial Call Graph (max 5 caller/called nodes):
%3 security::validated_host_header security::validated_host_header (public) security::secure_hostname_p security::secure_hostname_p security::validated_host_header->security::secure_hostname_p acs::icanuse acs::icanuse (public) security::secure_hostname_p->acs::icanuse ad_log ad_log (public) security::secure_hostname_p->ad_log

Testcases:
No testcase defined.
Source code:
    #
    # If the host has an non-public IP address (such as
    # e.g. "localhost") it is regarded as "secure". The first test is
    # the most simple case, working for all versions of NaviServer or
    # AOLserver.
    #
    if {$host in {localhost 127.0.0.1 ::1}} {
        return 1
    }

    set validationOk 0
    if {[acs::icanuse "ns_ip"]} {
        #
        # Check, if the address is not public. It resolves the
        # $hostName and checks the properties of the first IP address
        # returned.
        #
        try {
            ns_addrbyhost $host
        } on ok {result} {
            set validationOk [expr {![ns_ip public $result]}]
        } on error {errorMsg} {
            ad_log warning "provided value in host header field '$host' could not be resolved"
        }
    }

    return 0
Generic XQL file:
packages/acs-tcl/tcl/security-procs.xql

PostgreSQL XQL file:
packages/acs-tcl/tcl/security-procs-postgresql.xql

Oracle XQL file:
packages/acs-tcl/tcl/security-procs-oracle.xql

[ hide source ] | [ make this the default ]
Show another procedure: