firewall: ipsets.js: validate set names

Ensure that user supplied set name values conform to the nftables identifier
syntax constraints.

Fixes: #6633
Fixes: 0484343903 ("luci-app-firewall: implement IPsets GUI")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>

diff --git a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/ipsets.js b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/ipsets.js
index c9f3e1131a4429c2454757c5b3f159c47adb68a8..40d47cb2e483388da669bdb4b48332b055cc4ae0 100644 (file)
--- a/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/ipsets.js
+++ b/applications/luci-app-firewall/htdocs/luci-static/resources/view/firewall/ipsets.js
@@ -41,6 +41,12 @@ return view.extend({
                        o = s.option(form.Value, 'name', _('Name'));
                        o.optional = false;
                        o.rmempty = false;
+                       o.validate = function (section_id, value) {
+                               if (!/^[a-zA-Z_.][a-zA-Z0-9\/_.-]*$/.test(value))
+                                       return _('Invalid set name');
+
+                               return true;
+                       };
                } else {
                        o = s.option(form.Value, 'name', _('Name'));
                        o.depends({ external: '' });