|
2 | 2 |
|
3 | 3 | namespace Drupal\os2forms_digital_post\Plugin\WebformHandler; |
4 | 4 |
|
| 5 | +use Drupal\Component\Utility\UrlHelper; |
5 | 6 | use Drupal\Core\Form\FormStateInterface; |
6 | 7 | use Drupal\os2forms_digital_post\Helper\WebformHelperSF1601; |
7 | 8 | use Drupal\webform\Plugin\WebformHandlerBase; |
@@ -270,10 +271,31 @@ public function validateConfigurationForm(array &$form, FormStateInterface $form |
270 | 271 | self::MEMO_ACTIONS . '][actions][' . $index . '][url', |
271 | 272 | $this->t('Url for action %action is required.', [ |
272 | 273 | '%action' => $this->getTranslatedActionName($action['action']), |
273 | | - '%url' => $action['url'] ?? '', |
274 | 274 | ]) |
275 | 275 | ); |
276 | 276 | } |
| 277 | + else { |
| 278 | + $url = $action['url']; |
| 279 | + // URL must be absolute and use https (cf. https://digitaliser.dk/digital-post/nyhedsarkiv/2024/nov/oeget-validering-i-digital-post) |
| 280 | + if (!UrlHelper::isValid($url, absolute: TRUE)) { |
| 281 | + $formState->setErrorByName( |
| 282 | + self::MEMO_ACTIONS . '][actions][' . $index . '][url', |
| 283 | + $this->t('Url <code>@url</code> for action %action must be absolute, i.e. start with <code>https://</code>.', [ |
| 284 | + '@url' => $url, |
| 285 | + '%action' => $this->getTranslatedActionName($action['action']), |
| 286 | + ]) |
| 287 | + ); |
| 288 | + } |
| 289 | + elseif ('https' !== parse_url($url, PHP_URL_SCHEME)) { |
| 290 | + $formState->setErrorByName( |
| 291 | + self::MEMO_ACTIONS . '][actions][' . $index . '][url', |
| 292 | + $this->t('Url <code>@url</code> for action %action must use the <code>https</code> scheme, i.e. start with <code>https://</code>.', [ |
| 293 | + '@url' => $url, |
| 294 | + '%action' => $this->getTranslatedActionName($action['action']), |
| 295 | + ]) |
| 296 | + ); |
| 297 | + } |
| 298 | + } |
277 | 299 | if (isset($definedActions[$action['action']])) { |
278 | 300 | $formState->setErrorByName( |
279 | 301 | self::MEMO_ACTIONS . '][actions][' . $index . '][action', |
|
0 commit comments