What is the difference between shExpMatch()
and dnsDomainIs()
The definition says:
// dnsDomainIs()
// Evaluates hostnames and returns true if hostnames match. Used mainly to match and exception individual host names.
// Example:
if (dnsDomainIs(host, ".google.com")) return "DIRECT";
// shExpMatch()
// Attempts to match hostname or URL to a specified shell expression and returns true if matched.
// Example:
if (shExpMatch(url, "*vpn.domain.com*") ||
shExpMatch(url, "*abcdomain.com/folder/*"))
return "DIRECT";
If I understand it correct then
shExpMatch()
- can use some wildcards
dnsDomainIs()
- can use exact names
Is shExpMatch()
just superior to dnsDomainIs()
Looking at the definitions from http://findproxyforurl.com/pac-functions/ , they have very different functionality. dnsDomainIs() uses exact domain names - such as .google.com
, while shExpMatch() uses shell-like strings with wildcards such as *.google.com
.
They look very different now, but with shExpMatch, you can also match items in a folder structure like example.com/sub/folder/*
or http://example.com/img/*.png
.
The first one only matches the hostname without protocol, port or subfolders, while the second one matches the whole URL. However, you may be able to use shExpMatch() like dnsDomainIs(), but I am not sure, if you may be vulnerable then by inadvertedly allowing a URL like google.com.example.com
for google.com
- dnsDomainIs() would return false here, shExpMatch() may return true (not tested, just a hunch)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With