Merge branch 'master' of github.com:MISP/PyMISPWarningLists

pymispwarninglists/api.py

@@ -102,7 +102,7 @@ class WarningList():
             parsed_url = urlparse(value)
             if parsed_url.hostname:
                 value = parsed_url.hostname
-            return any(value.endswith(v) for v in self.list)
+            return any(value == v or value.endswith("."+v.lstrip(".")) for v in self.list)
         elif self.type == 'cidr':
             try:
                 value = ip_address(value)

pyproject.toml

@@ -23,9 +23,9 @@ include = ["pymispwarninglists/data/misp-warninglists/schema.json",
 
 [tool.poetry.dependencies]
 python = "^3.6"
-coveralls = "^2.0.0"
 
 [tool.poetry.dev-dependencies]
+coveralls = "^2.0.0"
 codecov = "^2.0.22"
 jsonschema = "^3.2.0"
 nose = "^1.3.7"

tests/tests.py

@@ -43,6 +43,10 @@ class TestPyMISPWarningLists(unittest.TestCase):
         results = self.warninglists.search('2001:DB8::34:1')
         self.assertEqual(results[0].name, 'List of RFC 3849 CIDR blocks')
         results = self.warninglists.search('1e100.net')
-        self.assertEqual(results[0].name, 'Top 1,000,000 most-used sites from Tranco')
+        self.assertTrue('List of known google domains' in [r.name for r in results])
         results = self.warninglists.search('something.files.1drv.com')
-        self.assertEqual(results[0].name, 'Top 1,000,000 most-used sites from Tranco')
+        self.assertTrue('List of known microsoft domains' in [r.name for r in results])
+        results = self.warninglists.search('arbitrary-domain-1e100.net')
+        self.assertEqual(results, [])
+        results = self.warninglists.search('phishing.co.uk')
+        self.assertEqual(results, [])