Reject schemes other than gemini:// in NewRequest

2020-10-27 21:18:05 -04:00 · 2020-10-27 21:18:05 -04:00 · b84811668c
commit b84811668c
parent 239ec885f7
3 changed files with 6 additions and 4 deletions
--- a/gemini.go
+++ b/gemini.go
@ -18,6 +18,7 @@ var (
 	ErrCertificateExpired    = errors.New("gemini: certificate expired")
 	ErrCertificateNotTrusted = errors.New("gemini: certificate is not trusted")
 	ErrNotAFile              = errors.New("gemini: not a file")
+	ErrNotAGeminiURL         = errors.New("gemini: not a Gemini URL")
 	ErrBodyNotAllowed        = errors.New("gemini: response status code does not allow for body")
 )

--- a/request.go
+++ b/request.go
@ -45,6 +45,9 @@ func NewRequest(rawurl string) (*Request, error) {
 // NewRequestFromURL returns a new request for the given URL.
 // The host is inferred from the URL.
 func NewRequestFromURL(url *url.URL) (*Request, error) {
+	if url.Scheme != "" && url.Scheme != "gemini" {
+		return nil, ErrNotAGeminiURL
+	}
 	host := url.Host
 	if url.Port() == "" {
 		host += ":1965"
--- a/status.go
+++ b/status.go
@ -29,10 +29,8 @@ func (s Status) Class() StatusClass {
 	return StatusClass(s / 10)
 }

-// StatusMessage returns the status message corresponding to the provided
-// status code.
-// StatusMessage returns an empty string for input, successs, and redirect
-// status codes.
+// Message returns a status message corresponding to this status code.
+// It returns an empty string for input, successs, and redirect status codes.
 func (s Status) Message() string {
 	switch s {
 	case StatusTemporaryFailure: