Insecure Design

Input Validation
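@app.route('/share/<link>')
def share(link):
  """Return the meta-data for a web-link shared by a user, validating the
  link before accessing it.

  The route variable is named ``link`` so that Flask can pass it to this
  function's ``link`` parameter.

  NOTE(review): the original description also promises throttling by the
  remote IP address, but nothing in this function does that; confirm that
  rate limiting is applied elsewhere (for example by middleware).

  Args:
    link: The shared link taken from the request path. A scheme is
      optional; ``https://`` is assumed when none is supplied.

  Returns:
    The result of ``OpenGraph(url=link).to_json()`` for the validated link.

  Raises:
    Exception: If the link is not a valid public URL, uses a scheme other
      than http/https, contains a ':' in its network location, names an
      IP address instead of a domain, or names a blocklisted domain.
  """

  # Add a protocol if not supplied.
  # NOTE(review): this lowercases the whole link, including the path and
  # query string, which may be case-sensitive on the target site.
  link = link.lower()
  link = link if re.match("^[a-z]+://.*", link) else f"https://{link}"

  # Reject invalid URLs or those containing private IP addresses.
  # validators.url() is truthy for an acceptable URL, so the rejection
  # must fire when the result is falsy.
  if not validators.url(link, public=True):
    raise Exception("Invalid or private URL")

  components = urlparse(link)

  # Reject URLs with non-standard protocols.
  if components.scheme not in ('http', 'https'):
    raise Exception("Invalid protocol")

  # Reject URLs with non-standard ports. Any ':' in the network location is
  # refused, which also refuses "user:password@host" and IPv6 literals.
  if ':' in components.netloc:
    raise Exception("Please do not specify a port")

  # Run the remaining checks on the bare hostname so that a "user@" prefix
  # in the network location cannot hide the real host from them.
  host = components.hostname
  if not host:
    raise Exception("Invalid or private URL")

  # Reject URLs containing IP addresses rather than domains. IP() is
  # expected to raise ValueError for anything that is not an IP address.
  try:
    IP(host)
  except ValueError:
    pass
  else:
    raise Exception("Please specify domains rather than IP addresses")

  # Reject URLs where the domain is in our blocklist.
  if host in BLOCKLIST:
    raise Exception("Please do not share links to this domain")

  # Everything looks good, go grab the meta-data.
  # NOTE(review): the checks above inspect the URL text only. The address
  # the hostname resolves to at fetch time, and any redirect the fetch may
  # follow, are not validated here; confirm the fetching layer enforces the
  # same public-address policy.
  return OpenGraph(url=link).to_json()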