fix: Fixed out-of-scope parsing for scope deffinitions containing a scheme

fixes #4

Author: ItsIgnacioPortal

main.go

@@ -1012,13 +1012,28 @@ func parseOutOfScopes(targetURL *url.URL, outOfScope string, targetIP net.IP) bo
 				return true
 			}
 		} else {
-			outOfScopeURL, err := url.Parse("https://" + outOfScope)
+			// The scope has no wildcards
+
+			var outOfScopeURL *url.URL
+			var err error
+
+			schemeRegex, _ := regexp.Compile(`^\w+:`)
+			//if the outofscope starts with a scheme...
+			if schemeRegex.MatchString(outOfScope) {
+				// Parse it as it is
+				outOfScopeURL, err = url.Parse(outOfScope)
+			} else {
+				// Add a scheme to it so it can be parsed as a URL
+				outOfScopeURL, err = url.Parse("https://" + outOfScope)
+			}
+
 			if err != nil {
 				if !chainMode {
 					warning("Couldn't parse out-of-scope \"" + outOfScope + "\" as a URL.")
 				}
 				return false
 			}
+
 			if removePortFromHost(targetURL) == outOfScopeURL.Host {
 				return true
 

main_test.go

@@ -70,6 +70,18 @@ func Test_parseOutOfScopes(t *testing.T) {
 	value = parseOutOfScopes(assetURL, outOfScopeString, nil)
 	equals(t, true, value)
 
+	// Test - in-scope URL with a URL-like out-of-scope string with an unusual scheme
+	assetURL, _ = url.Parse("https://zendesk.internal.example.com")
+	outOfScopeString = "mongodb://sometool.internal.example.com"
+	value = parseOutOfScopes(assetURL, outOfScopeString, nil)
+	equals(t, false, value)
+
+	// Test - out-of-scope URL with a URL-like out-of-scope string with an unusual scheme
+	assetURL, _ = url.Parse("https://zendesk.internal.example.com")
+	outOfScopeString = "mongodb://zendesk.internal.example.com"
+	value = parseOutOfScopes(assetURL, outOfScopeString, nil)
+	equals(t, true, value)
+
 	// Test with a bad function invocation, providing both an assetURL and an assetIP
 	// Only the assetURL should be used in this case
 	assetURL, _ = url.Parse("https://zendesk.internal.example.com")