Go version
go version go1.24.5 darwin/arm64
Output of go env in your module/workspace:
AR='ar'
CC='cc'
CGO_CFLAGS='-O2 -g'
CGO_CPPFLAGS=''
CGO_CXXFLAGS='-O2 -g'
CGO_ENABLED='1'
CGO_FFLAGS='-O2 -g'
CGO_LDFLAGS='-O2 -g'
CXX='c++'
GCCGO='gccgo'
GO111MODULE=''
GOARCH='arm64'
GOARM64='v8.0'
GOAUTH='netrc'
GOBIN=''
GOCACHE='/Users/storm/Library/Caches/go-build'
GOCACHEPROG=''
GODEBUG=''
GOENV='/Users/storm/Library/Application Support/go/env'
GOEXE=''
GOEXPERIMENT=''
GOFIPS140='off'
GOFLAGS=''
GOGCCFLAGS='-fPIC -arch arm64 -pthread -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -ffile-prefix-map=/var/folders/2y/dx_vblns1_1_d19h0x2y29g80000gn/T/go-build2677255103=/tmp/go-build -gno-record-gcc-switches -fno-common'
GOHOSTARCH='arm64'
GOHOSTOS='darwin'
GOINSECURE=''
GOMOD='/Users/storm/projects/cue/go.mod'
GOMODCACHE='/Users/storm/go/pkg/mod'
GONOPROXY=''
GONOSUMDB=''
GOOS='darwin'
GOPATH='/Users/storm/go'
GOPRIVATE=''
GOPROXY='https://proxy.golang.org,direct'
GOROOT='/opt/homebrew/Cellar/go/1.24.5/libexec'
GOSUMDB='sum.golang.org'
GOTELEMETRY='local'
GOTELEMETRYDIR='/Users/storm/Library/Application Support/go/telemetry'
GOTMPDIR=''
GOTOOLCHAIN='auto'
GOTOOLDIR='/opt/homebrew/Cellar/go/1.24.5/libexec/pkg/tool/darwin_arm64'
GOVCS=''
GOVERSION='go1.24.5'
GOWORK=''
PKG_CONFIG='pkg-config'
What did you do?
See: Link to go.dev/play
I'm trying to use idna.Profile.ToASCII function to validate strings as valid domain/dns names. According to docs, the idna.Profile with idna.StrictDomainName(true) and idna.ValidateLabels(true) is supposed to make idna.Profile.ToASCII(...) throw errors on invalid domain name strings (e.g. 'bad_domain' shouldn't pass). However, it does pass, as does every other non empty string, even strings containing all blanks.
For example (also see go playground):
var profile = idna.New(
idna.ValidateLabels(true),
idna.VerifyDNSLength(true),
idna.StrictDomainName(true),
)
bad_domain_name := "boom_boom.com"
_, err := profile.ToASCII(bad_domain_name)
if err == nil {
// this will always run
fmt.Println("Bad domain is allowed, for some reason")
} else {
// this will never run
fmt.Println("Bad domain results in an error, as it should")
}
An interesting note (also in the go playground):
If i construct profile with idna.MapForLookup() instead, it works like the other ones are supposed to...
var profile = idna.New(
idna.MapForLookup(),
idna.VerifyDNSLength(true),
)
// now profile.ToASCII(bad_domain_name) will properly return an error
What did you see happen?
Bad domain is allowed, for some reason
What did you expect to see?
Bad domain results in an error, as it should
Comment From: gabyhelp
Related Issues
- x/net/idna: ToASCII() can spuriously modify NR-LDH labels #58303
- x/net/idna: Display returns invalid label for r4---sn-a5uuxaxjvh-gpm6.googlevideo.com. #27059
- x/net/idna: Registration.ToASCII() accepts empty TLD label #47182
- x/net/idna: separate CheckHyphens from ValidateLabel #41732 (closed)
- x/net/idna: backward compatibility issues with change 2 #19821 (closed)
- net: isDomainName rejects valid domains #17659
- x/net/idna: VerifyDNSLength is not rejecting empty labels #58778
(Emoji vote if this was helpful or unhelpful; more detailed feedback welcome in this discussion.)