MokoConsulting/MokoJoomOpenGraph
1
0
Fork 0
Code Issues 12 Pull Requests 1 Releases 3 Wiki Activity

TagTable::check() does not validate field values #43

New Issue
Open
opened 2026-05-31 01:19:00 +00:00 by jmiller · 1 comment
jmiller commented 2026-05-31 01:19:00 +00:00
Owner
Copy Link
Copy Source

Problem

TagTable::check() only validates that content_type and content_id are non-empty. It does not:

  1. Validate og_type against allowed values (article, website, product, etc.)
  2. Enforce max length on og_title (255), seo_title (70), meta_description (200)
  3. Validate canonical_url format
  4. Validate robots contains only valid directives
  5. Sanitize content_type against allowed patterns

Impact

Invalid data stored in DB and output as meta tags. Social platform crawlers may reject pages or produce malformed HTML.

Acceptance Criteria

  • Validate og_type against enum of valid OG types
  • Truncate/validate string fields to schema max lengths
  • Validate canonical_url format if non-empty
  • Validate robots directives if non-empty
  • Validate content_type matches pattern [a-z_.]+

File

  • src/packages/com_mokoog/src/Table/TagTable.php:35-49
## Problem `TagTable::check()` only validates that `content_type` and `content_id` are non-empty. It does not: 1. Validate `og_type` against allowed values (article, website, product, etc.) 2. Enforce max length on `og_title` (255), `seo_title` (70), `meta_description` (200) 3. Validate `canonical_url` format 4. Validate `robots` contains only valid directives 5. Sanitize `content_type` against allowed patterns ## Impact Invalid data stored in DB and output as meta tags. Social platform crawlers may reject pages or produce malformed HTML. ## Acceptance Criteria - [ ] Validate `og_type` against enum of valid OG types - [ ] Truncate/validate string fields to schema max lengths - [ ] Validate `canonical_url` format if non-empty - [ ] Validate `robots` directives if non-empty - [ ] Validate `content_type` matches pattern `[a-z_.]+` ## File - `src/packages/com_mokoog/src/Table/TagTable.php:35-49`
jmiller added the enhancementpriority: mediumproduction-readiness labels 2026-05-31 01:19:00 +00:00
jmiller commented 2026-05-31 01:19:04 +00:00
Author
Owner
Copy Link
Copy Source

Branch created: feature/43-tagtable-check-does-not-validate-field-v

git fetch origin
git checkout feature/43-tagtable-check-does-not-validate-field-v
Branch created: [`feature/43-tagtable-check-does-not-validate-field-v`](https://git.mokoconsulting.tech/MokoConsulting/MokoJoomOpenGraph/src/branch/feature/43-tagtable-check-does-not-validate-field-v) ```bash git fetch origin git checkout feature/43-tagtable-check-does-not-validate-field-v ```
Sign in to join this conversation.
Labels
Clear labels
bug
Something is broken
 documentation
Documentation improvements
 enhancement
priority: high
priority: low
priority: medium
production-readiness
Required before v1.0 release
 security
Security vulnerability or hardening
 testing
Test coverage and QA
bug
Something is not working
 chore
Maintenance and housekeeping
 documentation
Documentation improvements
 enhancement
Improvement to existing functionality
 feature
New feature or request
 pending: dependency
Blocked by another issue or external dependency
 pending: deployment
Tested and approved, awaiting deployment to production
 pending: design
Needs UI/UX or architecture design before implementation
 pending: documentation
Feature works, needs documentation/wiki update
 pending: feedback
Awaiting feedback or decision from stakeholder
 pending: review
Implementation complete, awaiting code review
 pending: testing
Feature implemented but not yet tested
 priority: critical
Must fix immediately
 priority: high
Should fix soon
 priority: low
Nice to have
 priority: medium
Fix when convenient
 refactor
Code restructuring without behavior change
 roadmap
Planned feature or enhancement tracked on the roadmap
 scope: client
Client-specific work
 scope: dolibarr
Dolibarr modules and customizations
 scope: infrastructure
Server, CI, backups, monitoring
 scope: joomla
Joomla templates and extensions
 scope: waas
MokoWaaS platform
 security
Security vulnerability or hardening
 status: blocked
Waiting on external dependency
 status: duplicate
Duplicate of another issue
 status: in-progress
Being worked on
 status: needs-review
Ready for review
 status: wontfix
Will not be addressed
No labels enhancement priority: medium production-readiness
Milestone
No items
No Milestone
Assignees
Clear assignees
jmiller (Jonathan Miller)
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: MokoConsulting/MokoJoomOpenGraph#43
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?