validate host value

Author: mtmail

lib/opencage/geocoder.rb

@@ -3,6 +3,7 @@
 require 'opencage/error'
 require 'opencage/version'
 require 'open-uri'
+require 'net/http'
 require 'json'
 
 module OpenCage
@@ -20,12 +21,12 @@ def geocode(location, options = {})
       begin
         results = fetch(request.to_s)
       rescue Errno::ECONNREFUSED
-        raise_error("408 Failed to open TCP connection to API #{request}")
+        raise_error("408 Failed to open TCP connection to API #{redact_url(request)}")
       rescue Errno::ECONNRESET
         # Connection reset by peer - SSL_connect
-        raise_error("408 Failed to open SSL connection to API #{request}")
+        raise_error("408 Failed to open SSL connection to API #{redact_url(request)}")
       rescue Net::OpenTimeout
-        raise_error("408 Timeout connecting to API #{request}")
+        raise_error("408 Timeout connecting to API #{redact_url(request)}")
       end
 
       return [] unless results
@@ -53,7 +54,7 @@ def reverse_geocode(lat, lng, options = {})
     def fetch(url)
       JSON.parse(URI(url).open(headers).read)['results']
     rescue OpenURI::HTTPError => e
-      raise_error(e)
+      raise_error(e.io.status.join(' '))
     end
 
     def headers
@@ -66,6 +67,10 @@ def raise_error(error)
       raise klass.new(message: String(error), code: code.to_i)
     end
 
+    def redact_url(request)
+      request.to_s.gsub(/key=([^&]{6})[^&]*/, 'key=\1...[REDACTED]')
+    end
+
     def to_float(coord)
       Float(coord)
     rescue ArgumentError

lib/opencage/geocoder/request.rb

@@ -1,11 +1,26 @@
 module OpenCage
   class Geocoder
     class Request
+      LOCALHOST_HOSTS = %w[localhost 127.0.0.1 0.0.0.0 ::1 [::1]].freeze
+
       def initialize(api_key, query, options = {})
         @host = options.fetch(:host, 'api.opencagedata.com')
+        validate_host!(@host)
         @params = options.merge(key: api_key, q: query)
       end
 
+      private
+
+      def validate_host!(host)
+        hostname = host.to_s.downcase.gsub(/(?<=\w):\d+\z/, '')
+        return if hostname.end_with?('.opencagedata.com')
+        return if LOCALHOST_HOSTS.include?(hostname)
+
+        raise ArgumentError, "Invalid host: #{host}. Must be a subdomain of opencagedata.com or localhost."
+      end
+
+      public
+
       def url
         uri = URI::HTTPS.build(host: @host, path: '/geocode/v1/json')
         uri.query = URI.encode_www_form(@params)

spec/open_cage/geocoder/request_spec.rb

@@ -10,4 +10,34 @@
   it 'forward' do
     expect(described_class.new(api_key, 'New York').to_s).to eql('https://api.opencagedata.com/geocode/v1/json?key=1111222233334444&q=New+York')
   end
+
+  describe 'host validation' do
+    valid = %w[
+      api.opencagedata.com
+      api2.opencagedata.com
+      localhost
+      localhost:3000
+      127.0.0.1
+      127.0.0.1:8080
+      0.0.0.0
+      0.0.0.0:443
+      ::1
+    ]
+    valid.each do |host|
+      it "allows #{host}" do
+        expect { described_class.new(api_key, 'q', host: host) }.not_to raise_error
+      end
+    end
+
+    invalid = %w[
+      example.com
+      opencagedata.com.example.com
+      notopencagedata.com
+    ]
+    invalid.each do |host|
+      it "rejects #{host}" do
+        expect { described_class.new(api_key, 'q', host: host) }.to raise_error(ArgumentError, /Invalid host/)
+      end
+    end
+  end
 end

spec/open_cage/geocoder_spec.rb

@@ -102,6 +102,15 @@ def geo
     end
   end
 
+  describe '#redact_url' do
+    it 'keeps only the first 6 characters of the API key' do
+      url = 'https://api.opencagedata.com/geocode/v1/json?key=abcdef1234567890&q=London'
+      expect(geo.send(:redact_url, url)).to eql(
+        'https://api.opencagedata.com/geocode/v1/json?key=abcdef...[REDACTED]&q=London'
+      )
+    end
+  end
+
   describe 'user agent' do
     before do
       stub_request(:get, /api\.opencagedata\.com/)