fix: restrict domain names to alphanumeric characters (#4104)

* fix: restrict domain names to alphanumeric characters * improve error message
2025-08-12 00:07:36 +00:00 · 2022-08-03 09:25:25 +02:00
parent b4d948cc75
commit 6b30be77e6
6 changed files with 57 additions and 0 deletions
--- a/internal/command/instance_domain.go
+++ b/internal/command/instance_domain.go
@@ -2,6 +2,7 @@ package command

 import (
 	"context"
+	"regexp"
 	"strings"

 	"github.com/zitadel/zitadel/internal/api/authz"
@@ -14,6 +15,10 @@ import (
 	"github.com/zitadel/zitadel/internal/repository/project"
 )

+var (
+	allowDomainRunes = regexp.MustCompile("^[a-zA-Z0-9\\.\\-]+$")
+)
+
 func (c *Commands) AddInstanceDomain(ctx context.Context, instanceDomain string) (*domain.ObjectDetails, error) {
 	instanceAgg := instance.NewAggregate(authz.GetInstance(ctx).InstanceID())
 	validation := c.addInstanceDomain(instanceAgg, instanceDomain, false)
@@ -84,6 +89,9 @@ func (c *Commands) addInstanceDomain(a *instance.Aggregate, instanceDomain strin
 		if instanceDomain = strings.TrimSpace(instanceDomain); instanceDomain == "" {
 			return nil, errors.ThrowInvalidArgument(nil, "INST-28nlD", "Errors.Invalid.Argument")
 		}
+		if !allowDomainRunes.MatchString(instanceDomain) {
+			return nil, errors.ThrowInvalidArgument(nil, "INST-S3v3w", "Errors.Instance.Domain.InvalidCharacter")
+		}
 		return func(ctx context.Context, filter preparation.FilterToQueryReducer) ([]eventstore.Command, error) {
 			domainWriteModel, err := getInstanceDomainWriteModel(ctx, filter, instanceDomain)
 			if err != nil {
--- a/internal/command/instance_domain_test.go
+++ b/internal/command/instance_domain_test.go
@@ -52,6 +52,51 @@ func TestCommandSide_AddInstanceDomain(t *testing.T) {
 				err: caos_errs.IsErrorInvalidArgument,
 			},
 		},
+		{
+			name: "invalid domain ', error",
+			fields: fields{
+				eventstore: eventstoreExpect(
+					t,
+				),
+			},
+			args: args{
+				ctx:    context.Background(),
+				domain: "hodor's-org.localhost",
+			},
+			res: res{
+				err: caos_errs.IsErrorInvalidArgument,
+			},
+		},
+		{
+			name: "invalid domain umlaut, error",
+			fields: fields{
+				eventstore: eventstoreExpect(
+					t,
+				),
+			},
+			args: args{
+				ctx:    context.Background(),
+				domain: "bücher.ch",
+			},
+			res: res{
+				err: caos_errs.IsErrorInvalidArgument,
+			},
+		},
+		{
+			name: "invalid domain other unicode, error",
+			fields: fields{
+				eventstore: eventstoreExpect(
+					t,
+				),
+			},
+			args: args{
+				ctx:    context.Background(),
+				domain: "🦒.ch",
+			},
+			res: res{
+				err: caos_errs.IsErrorInvalidArgument,
+			},
+		},
 		{
 			name: "domain already exists, precondition error",
 			fields: fields{