NAME¶
Data::Validate::URI - common url validation methods
SYNOPSIS¶
use Data::Validate::URI qw(is_uri);
if(is_uri($suspect)){
print "Looks like an URI\n";
} else {
print "Not a URI\n";
}
# or as an object
my $v = Data::Validate::URI->new();
die "not a URI" unless ($v->is_uri('foo'));
DESCRIPTION¶
This module collects common URI validation routines to make input validation,
and untainting easier and more readable.
All functions return an untainted value if the test passes, and undef if it
fails. This means that you should always check for a defined status
explicitly. Don't assume the return will be true.
The value to test is always the first (and often only) argument.
There are a number of other URI validation modules out there as well (see
below.) This one focuses on being fast, lightweight, and relatively
'real-world'. i.e. it's good if you want to check user input, and don't need
to parse out the URI/URL into chunks.
Right now the module focuses on HTTP URIs, since they're arguably the most
common. If you have a specialized scheme you'd like to have supported, let me
know.
FUNCTIONS¶
- new - constructor for OO usage
-
new();
- Description
- Returns a Data::Validator::URI object. This lets you access all the
validator function calls as methods without importing them into your
namespace or using the clumsy Data::Validate::URI::function_name()
format.
- Arguments
- None
- Returns
- Returns a Data::Validate::URI object
- is_uri - is the value a well-formed uri?
-
is_uri($value);
- Description
- Returns the untainted URI if the test value appears to be well-formed.
Note that you may really want one of the more practical methods like
is_http_uri or is_https_uri, since the URI standard (RFC 3986) allows a
lot of things you probably don't want.
- Arguments
- $value
- The potential URI to test.
- Returns
- Returns the untainted URI on success, undef on failure.
- Notes, Exceptions, & Bugs
- This function does not make any attempt to check whether the URI is
accessible or 'makes sense' in any meaningful way. It just checks that it
is formatted correctly.
- is_http_uri - is the value a well-formed HTTP uri?
-
is_http_uri($value);
- Description
- Specialized version of is_uri() that only likes http:// urls. As a
result, it can also do a much more thorough job validating. Also, unlike
is_uri() it is more concerned with only allowing real-world URIs
through. Things like relative hostnames are allowed by the standards, but
probably aren't wise. Conversely, null paths aren't allowed per RFC 2616
(should be '/' instead), but are allowed by this function.
This function only works for fully-qualified URIs. /bob.html won't work. See
RFC 3986 for the appropriate method to turn a relative URI into an
absolute one given its context.
Returns the untainted URI if the test value appears to be well-formed.
Note that you probably want to either call this in combo with
is_https_uri(). i.e.
print "Good" if(is_http_uri($uri) || is_https_uri($uri));
or use the convenience method is_web_uri which is equivalent.
- Arguments
- $value
- The potential URI to test.
- Returns
- Returns the untainted URI on success, undef on failure.
- Notes, Exceptions, & Bugs
- This function does not make any attempt to check whether the URI is
accessible or 'makes sense' in any meaningful way. It just checks that it
is formatted correctly.
- is_https_uri - is the value a well-formed HTTPS uri?
-
is_https_uri($value);
- Description
- See is_http_uri() for details. This version only likes the https
URI scheme. Otherwise it's identical to is_http_uri()
- Arguments
- $value
- The potential URI to test.
- Returns
- Returns the untainted URI on success, undef on failure.
- Notes, Exceptions, & Bugs
- This function does not make any attempt to check whether the URI is
accessible or 'makes sense' in any meaningful way. It just checks that it
is formatted correctly.
- is_web_uri - is the value a well-formed HTTP or HTTPS uri?
-
is_web_uri($value);
- Description
- This is just a convinience method that combines is_http_uri and
is_https_uri to accept most common real-world URLs.
- Arguments
- $value
- The potential URI to test.
- Returns
- Returns the untainted URI on success, undef on failure.
- Notes, Exceptions, & Bugs
- This function does not make any attempt to check whether the URI is
accessible or 'makes sense' in any meaningful way. It just checks that it
is formatted correctly.
- is_tel_uri - is the value a well-formed telephone uri?
-
is_tel_uri($value);
- Description
- Specialized version of is_uri() that only likes tel: urls. As a
result, it can also do a much more thorough job validating according to
RFC 3966.
Returns the untainted URI if the test value appears to be well-formed.
- Arguments
- $value
- The potential URI to test.
- Returns
- Returns the untainted URI on success, undef on failure.
- Notes, Exceptions, & Bugs
- This function does not make any attempt to check whether the URI is
accessible or 'makes sense' in any meaningful way. It just checks that it
is formatted correctly.
SEE ALSO¶
URI, RFC 3986, RFC 3966, RFC 4694, RFC 4759, RFC 4904
AUTHOR¶
Richard Sonnen <
sonnen@richardsonnen.com>.
is_tel_uri by David Dick <
ddick@cpan.org>.
COPYRIGHT¶
Copyright (c) 2005 Richard Sonnen. All rights reserved.
This program is free software; you can redistribute it and/or modify it under
the same terms as Perl itself.