Only process signal domain links if they have hash/path/query
This commit is contained in:
Scott Nonnenberg
GitHub
parent
5e9f3d5171
commit
450051e541
|
|
@ -121,16 +121,32 @@ describe('sgnlHref', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('returns false if the protocol is not "https:"', () => {
|
it('returns false if the protocol is not "https:"', () => {
|
||||||
assert.isFalse(isSignalHttpsLink('sgnl://signal.art', explodingLogger));
|
|
||||||
assert.isFalse(
|
assert.isFalse(
|
||||||
isSignalHttpsLink(
|
isSignalHttpsLink(
|
||||||
'sgnl://signal.art/addstickers/?pack_id=abc',
|
'sgnl://signal.art/#pack_id=234234&pack_key=342342',
|
||||||
explodingLogger
|
explodingLogger
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
assert.isFalse(
|
assert.isFalse(
|
||||||
isSignalHttpsLink('signal://signal.group', explodingLogger)
|
isSignalHttpsLink(
|
||||||
|
'sgnl://signal.art/addstickers/#pack_id=234234&pack_key=342342',
|
||||||
|
explodingLogger
|
||||||
|
)
|
||||||
);
|
);
|
||||||
|
assert.isFalse(
|
||||||
|
isSignalHttpsLink(
|
||||||
|
'signal://signal.group/#AD234Dq342dSDJWE',
|
||||||
|
explodingLogger
|
||||||
|
)
|
||||||
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
it('returns false if missing path/hash/query', () => {
|
||||||
|
assert.isFalse(
|
||||||
|
isSignalHttpsLink('https://signal.group/', explodingLogger)
|
||||||
|
);
|
||||||
|
assert.isFalse(isSignalHttpsLink('https://signal.art/', explodingLogger));
|
||||||
|
assert.isFalse(isSignalHttpsLink('https://signal.me/', explodingLogger));
|
||||||
});
|
});
|
||||||
|
|
||||||
it('returns false if the URL is not a valid Signal URL', () => {
|
it('returns false if the URL is not a valid Signal URL', () => {
|
||||||
|
|
@ -139,10 +155,39 @@ describe('sgnlHref', () => {
|
||||||
});
|
});
|
||||||
|
|
||||||
it('returns true if the protocol is "https:"', () => {
|
it('returns true if the protocol is "https:"', () => {
|
||||||
assert.isTrue(isSignalHttpsLink('https://signal.group', explodingLogger));
|
assert.isTrue(
|
||||||
assert.isTrue(isSignalHttpsLink('https://signal.art', explodingLogger));
|
isSignalHttpsLink(
|
||||||
assert.isTrue(isSignalHttpsLink('HTTPS://signal.art', explodingLogger));
|
'https://signal.group/#AD234Dq342dSDJWE',
|
||||||
assert.isTrue(isSignalHttpsLink('https://signal.me', explodingLogger));
|
explodingLogger
|
||||||
|
)
|
||||||
|
);
|
||||||
|
assert.isTrue(
|
||||||
|
isSignalHttpsLink(
|
||||||
|
'https://signal.group/AD234Dq342dSDJWE',
|
||||||
|
explodingLogger
|
||||||
|
)
|
||||||
|
);
|
||||||
|
assert.isTrue(
|
||||||
|
isSignalHttpsLink(
|
||||||
|
'https://signal.group/?AD234Dq342dSDJWE',
|
||||||
|
explodingLogger
|
||||||
|
)
|
||||||
|
);
|
||||||
|
assert.isTrue(
|
||||||
|
isSignalHttpsLink(
|
||||||
|
'https://signal.art/addstickers/#pack_id=234234&pack_key=342342',
|
||||||
|
explodingLogger
|
||||||
|
)
|
||||||
|
);
|
||||||
|
assert.isTrue(
|
||||||
|
isSignalHttpsLink(
|
||||||
|
'HTTPS://signal.art/addstickers/#pack_id=234234&pack_key=342342',
|
||||||
|
explodingLogger
|
||||||
|
)
|
||||||
|
);
|
||||||
|
assert.isTrue(
|
||||||
|
isSignalHttpsLink('https://signal.me/#p/+32423432', explodingLogger)
|
||||||
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('returns false if username or password are set', () => {
|
it('returns false if username or password are set', () => {
|
||||||
|
|
@ -153,14 +198,17 @@ describe('sgnlHref', () => {
|
||||||
|
|
||||||
it('returns false if port is set', () => {
|
it('returns false if port is set', () => {
|
||||||
assert.isFalse(
|
assert.isFalse(
|
||||||
isSignalHttpsLink('https://signal.group:1234', explodingLogger)
|
isSignalHttpsLink(
|
||||||
|
'https://signal.group:1234/#AD234Dq342dSDJWE',
|
||||||
|
explodingLogger
|
||||||
|
)
|
||||||
);
|
);
|
||||||
});
|
});
|
||||||
|
|
||||||
it('accepts URL objects', () => {
|
it('accepts URL objects', () => {
|
||||||
const invalid = new URL('sgnl://example.com');
|
const invalid = new URL('sgnl://example.com');
|
||||||
assert.isFalse(isSignalHttpsLink(invalid, explodingLogger));
|
assert.isFalse(isSignalHttpsLink(invalid, explodingLogger));
|
||||||
const valid = new URL('https://signal.art');
|
const valid = new URL('https://signal.art/#AD234Dq342dSDJWE');
|
||||||
assert.isTrue(isSignalHttpsLink(valid, explodingLogger));
|
assert.isTrue(isSignalHttpsLink(valid, explodingLogger));
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
|
||||||
|
|
@ -34,6 +34,8 @@ export function isCaptchaHref(
|
||||||
return Boolean(url?.protocol === 'signalcaptcha:');
|
return Boolean(url?.protocol === 'signalcaptcha:');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// A link to a signal 'action' domain with private data in path/hash/query. We could
|
||||||
|
// open a browser, but it will just link back to us. We will parse it locally instead.
|
||||||
export function isSignalHttpsLink(
|
export function isSignalHttpsLink(
|
||||||
value: string | URL,
|
value: string | URL,
|
||||||
logger: LoggerType
|
logger: LoggerType
|
||||||
|
|
@ -45,7 +47,8 @@ export function isSignalHttpsLink(
|
||||||
!url.password &&
|
!url.password &&
|
||||||
!url.port &&
|
!url.port &&
|
||||||
url.protocol === 'https:' &&
|
url.protocol === 'https:' &&
|
||||||
SIGNAL_HOSTS.has(url.host)
|
SIGNAL_HOSTS.has(url.host) &&
|
||||||
|
(url.hash || url.pathname !== '/' || url.search)
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue