Improve domain input sanitizion

app/controllers/queries_controller.rb

@@ -45,11 +45,6 @@ def set_query
   end
 
   def query_params
-    pars = params.require(:query).permit(:domain, :type, :server)
-    if pars[:domain].present?
-      pars[:domain].gsub!(/(^\w+:|^)\/\//, '')
-      pars[:domain].gsub!(/\/.+/, '')
-    end
-    pars
+    params.require(:query).permit(:domain, :type, :server)
   end
 end

app/models/query.rb

@@ -43,6 +43,17 @@ def self.types
 
   validates_presence_of :domain, :server, :type
 
+  def domain=(value)
+    return unless value.present?
+
+    value.gsub!(/(^\w+:|^)\/\//, '') # remove protocols
+    value.gsub!(/\/.+/, '') # remove path
+    value.delete!(' ') # remove any spaces
+    value.downcase!
+
+    super(value)
+  end
+
   def server=(value)
     ip = self.class.servers[value.to_sym]
     return unless ip