[
https://issues.apache.org/jira/browse/MSHARED-609?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15807909#comment-15807909
]
Jan Schultze commented on MSHARED-609:
--------------------------------------
I would like to point out, that the ??bad setup?? is a bad *network setup* and
has nothing to do with the Maven setup. In most organizations developers cannot
change the network setup and they might be forced (as my team is) to use a URL
ending in {{.local}} if such a setup is in place. Disallowing this does not
encourage network operators to do anything as they do not consult the Maven
source code for best practices in networking. However, it effectively
discourages some from using Maven sites as the behavior of rendering "invalid"
urls instead of linking to them appears as bug and makes the sites cumbersome
to use. I consider this to be a seriously bad trade-off.
If for some reason maven users should truly be discouraged from using URLs
ending in {{.local}} as a {{project.url}}, than Maven should warn about such
usage while building projects and not when a dependent project builds its site.
{quote}
It accepts ports > 16-bit unsigned integer
{quote}
Actually it does not even accept ports greater than 59999. But that is only me
and my unit tests - do you have an example URL?
{quote}
You always have to update with the newest pattern in Commons Validator
{quote}
I do not understand what you mean by pattern. The Regexps describing the valid
authority? I consider the rules for hostnames, ports etc. as very stable
(though not immutable).
{quote}
Local hostnames (unqualified) can be validated by passing an option/flag to the
validator.
{quote}
Already in place:
{code:java}
new UrlValidator( SCHEMES, authorityValidator, UrlValidator.ALLOW_LOCAL_URLS );
{code}
> Partially revert MSHARED-429
> ----------------------------
>
> Key: MSHARED-609
> URL: https://issues.apache.org/jira/browse/MSHARED-609
> Project: Maven Shared Components
> Issue Type: Task
> Components: maven-reporting-impl
> Affects Versions: maven-reporting-impl 2.4
> Reporter: Michael Osipov
> Assignee: Michael Osipov
> Fix For: maven-reporting-impl 3.0
>
>
> MSHARED-429 introduced handling of hostnames endling with {{.local}} though
> they are invalid in the way they are used.
> Copied from the ticket:
> I'd seriously like to revert this partially for 3.0:
> * Your DNS setup is simply broken. {{.local}} is a reserved TLD for mDNS
> resolution. This is not meant to be used in private networks. Doing so breaks
> Avahi on Linux/FreeBSD, Bonjour on macOS and everything else using zeroconf.
> You should register a domain name and use subdomains on your private network
> (https://de.wikipedia.org/wiki/Zeroconf#Multicast_DNS).
> * It accepts ports > 16-bit unsigned integer
> * You always have to update with the newest pattern in Commons Validator
> Local hostnames (unqualified) can be validated by passing an option/flag to
> the validator. The rest of the patch, missing TLDs, etc. are already in
> Commons Validator 1.5.1.
> We should not encourage bad setups.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
