Skip to content

[Validator] Constraints\IP: Accept value with a CIDR notation #36526

@Adambean

Description

@Adambean

Description
The IP validator currently takes in a value representing a single IPv4 and/or IPv6 address.

There would be (some) benefit in being able to accept a CIDR notation address, so a form could take in and validate a subnet instead of a single endpoint. This becomes be more useful for IPv6 due to the widespread 48-bit and 64-bit prefix delegations offered to networks, and in some cases, endpoints.

Perhaps this should be accompanied with a type or style option to determine how the address should be validated:

  • all: Accept either single endpoint or CIDR addresses
  • single: Accept only a single endpoint address (Default for consistent backwards behaviour)
  • cidr: Accept only a CIDR notation address

When in CIDR notation this should also perhaps deny the use of "/32" for IPv4 and "/128" for IPv6, given that if you really wanted to accept a single endpoint address you'd accept the address written without a CIDR suffix at all. Otherwise to customise this further there would be a requirement for cidrMin4, cidrMax4, cidrMin6, cidrMax6 options defaulting to "0", "32", "0", and "128" respectively.

I'm sure this could already be achieved with regex validation but that lacks the obvious elegance and ease of use.

I don't think this should be implemented in a separate CIDR validator class because a form input may intentionally want to accept both styles, for example when building a whitelist, ban list, or searching an audit log.

Example

Accept any IPv4 or IPv6 address, with/without CIDR at any range:

- Ip:
    version: all
    style: all
    cidrMin4: 0
    cidrMax4: 32
    cidrMin4: 0
    cidrMax4: 128

Accept only a 64-bit IPv6 prefix:

- Ip:
    version: 6
    style: cidr
    cidrMin4: 64
    cidrMax4: 64

Accept only a "small" non-point-to-point IPv4 network:

- Ip:
    version: 4
    style: cidr
    cidrMin4: 24
    cidrMax4: 30

Accept only an IPv4 endpoint: (Default behaviour)

- Ip:
    version: 4
    style: single

or being default, would be implicitly declared with only

- Ip: ~

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions