From 97dfdbf7c09acd01d43cbaa31f53e2f1eb25f6c2 Mon Sep 17 00:00:00 2001 From: Pavel Djundik Date: Wed, 23 May 2018 16:50:59 +0300 Subject: [PATCH] Default to https: for urls with no scheme --- .../handlebars/ircmessageparser/findLinks.js | 37 ++++++++++++------- .../handlebars/ircmessageparser/findLinks.js | 26 ++++++------- test/client/js/libs/handlebars/parse.js | 10 ++--- test/plugins/link.js | 8 ++-- 4 files changed, 46 insertions(+), 35 deletions(-) diff --git a/client/js/libs/handlebars/ircmessageparser/findLinks.js b/client/js/libs/handlebars/ircmessageparser/findLinks.js index fadcb2f2..91f69958 100644 --- a/client/js/libs/handlebars/ircmessageparser/findLinks.js +++ b/client/js/libs/handlebars/ircmessageparser/findLinks.js @@ -1,6 +1,24 @@ "use strict"; -const linkify = require("linkify-it")() +const LinkifyIt = require("linkify-it"); + +LinkifyIt.prototype.normalize = function normalize(match) { + if (!match.schema) { + match.schema = "https:"; + match.url = "https://" + match.url; + } + + if (match.schema === "//") { + match.schema = "https:"; + match.url = "https:" + match.url; + } + + if (match.schema === "mailto:" && !/^mailto:/i.test(match.url)) { + match.url = "mailto:" + match.url; + } +}; + +const linkify = LinkifyIt() .tlds(require("tlds")) .tlds("onion", true); @@ -25,18 +43,11 @@ function findLinks(text) { return []; } - return matches.map((url) => { - // Prefix protocol to protocol-aware urls - if (url.schema === "//") { - url.url = `http:${url.url}`; - } - - return { - start: url.index, - end: url.lastIndex, - link: url.url, - }; - }); + return matches.map((url) => ({ + start: url.index, + end: url.lastIndex, + link: url.url, + })); } module.exports = findLinks; diff --git a/test/client/js/libs/handlebars/ircmessageparser/findLinks.js b/test/client/js/libs/handlebars/ircmessageparser/findLinks.js index e6e8420f..36cfa8e3 100644 --- a/test/client/js/libs/handlebars/ircmessageparser/findLinks.js +++ b/test/client/js/libs/handlebars/ircmessageparser/findLinks.js @@ -22,7 +22,7 @@ describe("findLinks", () => { const expected = [{ start: 0, end: 24, - link: "http://www.nooooooooooooooo.com", + link: "https://www.nooooooooooooooo.com", }]; const actual = findLinks(input); @@ -46,7 +46,7 @@ describe("findLinks", () => { it("should find urls in strings starting with www", () => { const input = "use www.duckduckgo.com for privacy reasons"; const expected = [{ - link: "http://www.duckduckgo.com", + link: "https://www.duckduckgo.com", start: 4, end: 22, }]; @@ -94,7 +94,7 @@ describe("findLinks", () => { it("should handle multiple www. correctly", () => { const input = "www.www.test.com"; const expected = [{ - link: "http://www.www.test.com", + link: "https://www.www.test.com", start: 0, end: 16, }]; @@ -107,15 +107,15 @@ describe("findLinks", () => { it("should find domains without www. but valid tld", () => { const input = "google.com google.lv google.museum"; const expected = [{ - link: "http://google.com", + link: "https://google.com", start: 0, end: 10, }, { - link: "http://google.lv", + link: "https://google.lv", start: 11, end: 20, }, { - link: "http://google.museum", + link: "https://google.museum", start: 21, end: 34, }]; @@ -128,7 +128,7 @@ describe("findLinks", () => { it("should find .onion domains", () => { const input = "facebookcorewwwi.onion/test?url"; const expected = [{ - link: "http://facebookcorewwwi.onion/test?url", + link: "https://facebookcorewwwi.onion/test?url", start: 0, end: 31, }]; @@ -228,11 +228,11 @@ describe("findLinks", () => { start: 0, end: 22, }, { - link: "http://www.google.com", + link: "https://www.google.com", start: 25, end: 39, }, { - link: "http://google.com", + link: "https://google.com", start: 42, end: 52, }]; @@ -247,7 +247,7 @@ describe("findLinks", () => { const expected = [{ start: 0, end: 15, - link: "http://www.example.com", + link: "https://www.example.com", }]; const actual = findLinks(input); @@ -258,7 +258,7 @@ describe("findLinks", () => { const expected2 = [{ start: 0, end: 15, - link: "http://www.example.com", + link: "https://www.example.com", }, { start: 16, end: 57, @@ -275,7 +275,7 @@ describe("findLinks", () => { const expected = [{ start: 0, end: 15, - link: "http://www.example.com", + link: "https://www.example.com", }, { start: 16, end: 29, @@ -294,7 +294,7 @@ describe("findLinks", () => { it("should add protocol to protocol-aware urls", () => { const input = "//example.com"; const expected = [{ - link: "http://example.com", + link: "https://example.com", start: 0, end: 13, }]; diff --git a/test/client/js/libs/handlebars/parse.js b/test/client/js/libs/handlebars/parse.js index 801d92f0..4b247429 100644 --- a/test/client/js/libs/handlebars/parse.js +++ b/test/client/js/libs/handlebars/parse.js @@ -7,7 +7,7 @@ describe("parse Handlebars helper", () => { it("should not introduce xss", () => { const testCases = [{ input: "", - expected: "<img onerror='location.href="//youtube.com"'>", + expected: "<img onerror='location.href="//youtube.com"'>", }, { input: '#&">bug', expected: '#&">bug', @@ -41,7 +41,7 @@ describe("parse Handlebars helper", () => { }, { input: "www.nooooooooooooooo.com", expected: - '' + + '' + "www.nooooooooooooooo.com" + "", }, { @@ -56,7 +56,7 @@ describe("parse Handlebars helper", () => { input: "use www.duckduckgo.com for privacy reasons", expected: "use " + - '' + + '' + "www.duckduckgo.com" + "" + " for privacy reasons", @@ -101,7 +101,7 @@ describe("parse Handlebars helper", () => { input: "abc (www.example.com)", expected: "abc (" + - '' + + '' + "www.example.com" + "" + ")", @@ -114,7 +114,7 @@ describe("parse Handlebars helper", () => { }, { input: "www.example.com/Test_(Page)", expected: - '' + + '' + "www.example.com/Test_(Page)" + "", }]; diff --git a/test/plugins/link.js b/test/plugins/link.js index 121f7048..78a27bcb 100644 --- a/test/plugins/link.js +++ b/test/plugins/link.js @@ -380,14 +380,14 @@ describe("Link plugin", function() { link(this.irc, this.network.channels[0], message); this.irc.once("msg:preview", function(data) { - expect(data.preview.link).to.equal("http://localhost:9002"); + expect(data.preview.link).to.equal("https://localhost:9002"); done(); }); }); it("should de-duplicate links", function(done) { const message = this.irc.createMessage({ - text: "//localhost:9002 http://localhost:9002 http://localhost:9002", + text: "//localhost:9002 https://localhost:9002 https://localhost:9002", }); link(this.irc, this.network.channels[0], message); @@ -397,12 +397,12 @@ describe("Link plugin", function() { head: "", body: "", thumb: "", - link: "http://localhost:9002", + link: "https://localhost:9002", shown: true, }]); this.irc.once("msg:preview", function(data) { - expect(data.preview.link).to.equal("http://localhost:9002"); + expect(data.preview.link).to.equal("https://localhost:9002"); done(); }); });