From 66110d114dd954d6ae7e2a3881022cd698824213 Mon Sep 17 00:00:00 2001
From: Kuba Suder <jakub.suder@gmail.com>
Date: Sat, 9 Mar 2024 16:25:37 +0200
Subject: [PATCH] reject handles from disallowed domains

---
 lib/didkit/resolver.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/didkit/resolver.rb b/lib/didkit/resolver.rb
index 0d28b42..5426634 100644
--- a/lib/didkit/resolver.rb
+++ b/lib/didkit/resolver.rb
@@ -8,9 +8,13 @@
 
 module DIDKit
   class Resolver
+    RESERVED_DOMAINS = %w(alt arpa example internal invalid local localhost onion test)
+
     def resolve_handle(handle)
       domain = handle.gsub(/^@/, '')
 
+      return nil if RESERVED_DOMAINS.include?(domain.split('.').last)
+
       if dns_did = resolve_handle_by_dns(domain)
         DID.new(dns_did, :dns)
       elsif http_did = resolve_handle_by_well_known(domain)