Validate domain names created by administrators
Open, NormalPublic


I noticed that there is no validation for a Domain name created by an administrator.

I think this is not an actual problem because the system administrator is trusted and I see that the path name is validated before every usage but... anyway It should be better to apply some validations. Isn't it?

I think about PHP's FILTER_VALIDATE_DOMAIN and/or your function require_safe_dirname that I see defined in include/functions.php

Event Timeline

marco.set created this task.
marco.set created this object in space S1 Public.
marco.set updated the task description. (Show Details)