MCPcopy Index your code
hub / github.com/github/spec-kit / _is_valid_host_pattern

Function _is_valid_host_pattern

src/specify_cli/authentication/config.py:39–53  ·  view source on GitHub ↗

Return True for safe host patterns: exact hostnames or ``*.suffix`` only. Rejects patterns like ``*github.com`` (which would match ``github.com.evil.com``) or multi-wildcard forms. Only these two forms are accepted: * ``example.com`` — exact hostname * ``*.example.co

(pattern: str)

Source from the content-addressed store, hash-verified

37
38
39def _is_valid_host_pattern(pattern: str) -> bool:
40 """Return True for safe host patterns: exact hostnames or ``*.suffix`` only.
41
42 Rejects patterns like ``*github.com`` (which would match
43 ``github.com.evil.com``) or multi-wildcard forms. Only these two
44 forms are accepted:
45
46 * ``example.com`` — exact hostname
47 * ``*.example.com`` — leading ``*.`` wildcard; matches subdomains
48 such as ``myorg.example.com`` but not ``example.com`` itself
49 """
50 if "*" not in pattern:
51 return True # exact hostname — already validated as non-empty
52 # Only *.suffix is allowed; no other wildcard positions
53 return pattern.startswith("*.") and "*" not in pattern[2:]
54
55
56def load_auth_config(

Callers 1

load_auth_configFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected