From d61f5a0e1b8fb87cafb9a99111950f5d4dd0ca75 Mon Sep 17 00:00:00 2001
From: wshamroukh <wshamroukh@gmail.com>
Date: Sat, 18 Oct 2025 00:24:31 +0400
Subject: [PATCH 1/2] DNSQuery: Allow hostnames that begin with underscore like
 _dbsauth.site.contoso.com This is often used in DNS autnetication records

---
 classes/DNSQuery.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/classes/DNSQuery.php b/classes/DNSQuery.php
index 0aa512c..a59b5a9 100644
--- a/classes/DNSQuery.php
+++ b/classes/DNSQuery.php
@@ -215,7 +215,7 @@ private function sanitizeHostname(string $hostname): string {
             return $hostname;
         }
         
-        if (!preg_match('/^([a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?\.)*[a-zA-Z0-9]([a-zA-Z0-9\-]{0,61}[a-zA-Z0-9])?$/', $hostname)) {
+        if (!preg_match('/^([a-zA-Z0-9_](?:[a-zA-Z0-9\-_]{0,61}[a-zA-Z0-9_])?\.)*[a-zA-Z0-9_](?:[a-zA-Z0-9\-_]{0,61}[a-zA-Z0-9_])?$/', $hostname)) {
             throw new InvalidArgumentException("Invalid hostname format");
         }
         
@@ -541,4 +541,4 @@ private function extractTLD(string $hostname): string {
         
         return '';
     }
-}
\ No newline at end of file
+}

From ceaade02e7a7b7ceb916f8209c0b87586d77e184 Mon Sep 17 00:00:00 2001
From: Waddah Shamroukh <91495448+wshamroukh@users.noreply.github.com>
Date: Sun, 9 Nov 2025 14:08:51 +0400
Subject: [PATCH 2/2] Enhance the sanitizeHostname() method

Enhance the sanitizeHostname() method to also handle URLs that start with http:// or https://, and optionally have a trailing slash /
---
 classes/DNSQuery.php | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/classes/DNSQuery.php b/classes/DNSQuery.php
index a59b5a9..f699163 100644
--- a/classes/DNSQuery.php
+++ b/classes/DNSQuery.php
@@ -209,6 +209,12 @@ private function sanitizeHostname(string $hostname): string {
             throw new InvalidArgumentException("Hostname cannot be empty");
         }
         
+        // Remove protocol if present (http:// or https://)
+        $hostname = preg_replace('/^https?:\/\//i', '', $hostname);
+        
+        // Remove everything after the first slash (e.g., example.com/path → example.com)
+        $hostname = preg_replace('/\/.*$/', '', $hostname);
+        
         $hostname = preg_replace('/[^a-zA-Z0-9\.\-_:]/', '', $hostname);
         
         if (filter_var($hostname, FILTER_VALIDATE_IP)) {