fix(domain): validate hostname format to reject invalid characters (#4729)

* fix(domain): validate hostname format to reject invalid characters

Underscores and other invalid characters were accepted in domain
inputs with no validation, causing Let's Encrypt to silently fail
certificate issuance while Dokploy fell back to a self-signed cert.

Fixes #4716

* fix(create-server): update SSH key label for clarity in server creation form
This commit is contained in:
Mauricio Siu
2026-07-05 14:53:01 -06:00
committed by GitHub
parent db0cb66f0d
commit b2692cd594
8 changed files with 99 additions and 9 deletions

View File

@@ -0,0 +1,8 @@
// Valid hostname per RFC 1123: labels of letters, digits and hyphens
// (no leading/trailing hyphen), separated by dots. Underscores are rejected
// because Let's Encrypt refuses to issue certificates for them.
export const VALID_HOSTNAME_REGEX =
/^(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?\.)+[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?$/;
export const INVALID_HOSTNAME_MESSAGE =
"Invalid domain name. Use only letters, numbers, hyphens and dots (e.g. example.com). Underscores are not allowed.";