From 20001e7ca8cdc1feb6d60517d3aa2cc75c9cce8c Mon Sep 17 00:00:00 2001 From: McSam Date: Wed, 26 Jun 2019 10:28:23 +0800 Subject: [PATCH 1/5] resolve xxs attack --- src/indexPage/endpoint.js | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/src/indexPage/endpoint.js b/src/indexPage/endpoint.js index 7032919acd..7f98b78923 100644 --- a/src/indexPage/endpoint.js +++ b/src/indexPage/endpoint.js @@ -20,6 +20,8 @@ export default function endpoint() { $('#new_endpoint').click(addEndpoint); $('#reset').click(resetEndpoint); + $('#server_url').keyup(validateURL); + init(); }); return true; @@ -64,6 +66,15 @@ function addEndpoint(e) { setStorage('config.server_url', serverUrl); setStorage('config.app_id', appId); + const UrlReg = /^(?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~:/?#[\]@!\$&'\(\)\*\+,;=.]+$/; + + if (!UrlReg.test(serverUrl)) { + $('#error') + .html('Please enter a valid server URL') + .show(); + return; + } + checkConnection(appId, serverUrl); } @@ -71,3 +82,5 @@ function resetEndpoint() { setStorage('config.app_id', getDefaultEndpoint().appId); setStorage('config.server_url', getDefaultEndpoint().url); } + +const validateURL = e => {}; From ba04cd37fae3b7e754514b622e78a5fa818be9ad Mon Sep 17 00:00:00 2001 From: McSam Date: Wed, 26 Jun 2019 10:32:15 +0800 Subject: [PATCH 2/5] eslint --- src/indexPage/endpoint.js | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/indexPage/endpoint.js b/src/indexPage/endpoint.js index 7f98b78923..6821af9a10 100644 --- a/src/indexPage/endpoint.js +++ b/src/indexPage/endpoint.js @@ -20,8 +20,6 @@ export default function endpoint() { $('#new_endpoint').click(addEndpoint); $('#reset').click(resetEndpoint); - $('#server_url').keyup(validateURL); - init(); }); return true; 
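Review bot: In PATCH 1/5, hunk `@@ -64,6 +66,15 @@` of `addEndpoint`, the new `UrlReg` check runs after the two `setStorage(...)` context lines, so a value that fails validation has already been written to `config.server_url` by the time the function returns. If that stored value is later rendered or used to build the WebSocket URL (the reading side is outside this patch, so this is an assumption), the rejected input still reaches it on the next page load. Move the `const UrlReg = ...` and `if (!UrlReg.test(serverUrl)) { ... return; }` block above `setStorage('config.server_url', serverUrl);` so nothing is persisted until the check passes; the context lines of patches 2 to 5 still show the same ordering. A character allowlist is only a filter, so encoding where the URL is written into the page (for example jQuery `.text()` rather than `.html()`) would be the durable fix. `addEndpoint` starts and ends outside the hunk.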
@@ -66,6 +64,7 @@ function addEndpoint(e) { setStorage('config.server_url', serverUrl); setStorage('config.app_id', appId); + // eslint-disable-next-line no-useless-escape const UrlReg = /^(?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~:/?#[\]@!\$&'\(\)\*\+,;=.]+$/; if (!UrlReg.test(serverUrl)) { @@ -82,5 +81,3 @@ function resetEndpoint() { setStorage('config.app_id', getDefaultEndpoint().appId); setStorage('config.server_url', getDefaultEndpoint().url); } - -const validateURL = e => {}; From 4dbf2a385377998b8b4498be201c466fdf58dd22 Mon Sep 17 00:00:00 2001 From: McSam Date: Wed, 26 Jun 2019 11:03:26 +0800 Subject: [PATCH 3/5] resolve changes --- src/indexPage/endpoint.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/indexPage/endpoint.js b/src/indexPage/endpoint.js index 6821af9a10..a657fbca78 100644 --- a/src/indexPage/endpoint.js +++ b/src/indexPage/endpoint.js @@ -1,5 +1,6 @@ import { get as getStorage, set as setStorage } from '../common/utils/storageManager'; import { generateWebSocketURL, getDefaultEndpoint, generateTestLiveApiInstance } from '../common/appId'; +import { translate } from '../common/utils/tools'; if (document.location.href.endsWith('/endpoint')) { window.location.replace(`${document.location.href}.html`); @@ -64,12 +65,11 @@ function addEndpoint(e) { setStorage('config.server_url', serverUrl); setStorage('config.app_id', appId); - // eslint-disable-next-line no-useless-escape - const UrlReg = /^(?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~:/?#[\]@!\$&'\(\)\*\+,;=.]+$/; + const UrlReg = /^(?:http(s)?:\/\/)?[\w.-]+(?:.[\w.-]+)+[\w\-._~:/?#[\]@!$&'()*+,;=.]+$/; if (!UrlReg.test(serverUrl)) { $('#error') - .html('Please enter a valid server URL') + .html(translate('Please enter a valid server URL')) .show(); return; } From 358e93b2a68e1ff279163a364397d466c607cede Mon Sep 17 00:00:00 2001 
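Review bot: In PATCH 3/5, hunk `@@ -64,12 +65,11 @@`, stripping escapes also removed the backslash from the separator in `(?:\.[\w\.-]+)+`, and outside a character class that escape is not redundant: `(?:.[\w.-]+)+` now accepts any single character where a literal dot was required. Characters that appear in none of the allowlisted classes, angle brackets and double quotes included, can therefore pass the check at each separator position, which undoes the filtering this series was written to add. Restore the group as `(?:\.[\w.-]+)+` and drop only the escapes inside `[...]`. Patches 4/5 and 5/5 carry the unescaped form forward. Separately, the error message is plain text, so `.text(translate('Please enter a valid server URL'))` would be a safer habit than `.html(...)` here.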
From: McSam Date: Wed, 26 Jun 2019 13:03:24 +0800 Subject: [PATCH 4/5] eslint --- src/indexPage/endpoint.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/indexPage/endpoint.js b/src/indexPage/endpoint.js index a657fbca78..751699692f 100644 --- a/src/indexPage/endpoint.js +++ b/src/indexPage/endpoint.js @@ -65,9 +65,9 @@ function addEndpoint(e) { setStorage('config.server_url', serverUrl); setStorage('config.app_id', appId); - const UrlReg = /^(?:http(s)?:\/\/)?[\w.-]+(?:.[\w.-]+)+[\w\-._~:/?#[\]@!$&'()*+,;=.]+$/; + const urlReg = /^(?:http(s)?:\/\/)?[\w.-]+(?:.[\w.-]+)+[\w-._~:/?#[\]@!$&'()*+,;=.]+$/; - if (!UrlReg.test(serverUrl)) { + if (!urlReg.test(serverUrl)) { $('#error') .html(translate('Please enter a valid server URL')) .show(); From d0276a25ce9ca5e4bb0259e90d6754b57afa5798 Mon Sep 17 00:00:00 2001 From: McSam Date: Wed, 26 Jun 2019 15:19:50 +0800 Subject: [PATCH 5/5] regex --- src/indexPage/endpoint.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/indexPage/endpoint.js b/src/indexPage/endpoint.js index 751699692f..872d037d90 100644 --- a/src/indexPage/endpoint.js +++ b/src/indexPage/endpoint.js @@ -65,7 +65,7 @@ function addEndpoint(e) { setStorage('config.server_url', serverUrl); setStorage('config.app_id', appId); - const urlReg = /^(?:http(s)?:\/\/)?[\w.-]+(?:.[\w.-]+)+[\w-._~:/?#[\]@!$&'()*+,;=.]+$/; + const urlReg = /^(?:http(s)?:\/\/)?[\w.-]+(?:.[\w.-]+)+[\w-._~:\/?#[\]@!$&'()*+,;=.]+$/; if (!urlReg.test(serverUrl)) { $('#error')
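Review bot: In PATCH 4/5, hunk `@@ -65,9 +65,9 @@`, the last character class now begins `[\w-._~`, with a bare `-` between `\w` and `.`. Without the `u` flag JavaScript treats that hyphen as a literal, so matching is unchanged, but the same pattern is a syntax error in Unicode mode and reads like a range to the next maintainer. Put the hyphen last in the class (`...,;=.-]`) or keep `\-`, and add a one-line comment above `urlReg` stating which URL shapes it is meant to accept, since the pattern has been edited in four consecutive commits without one.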
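Review bot: In PATCH 5/5, hunk `@@ -65,7 +65,7 @@`, escaping `/` inside the last character class does not change what `urlReg` matches, and the pattern's structure still has a performance problem. `[\w.-]+(?:.[\w.-]+)+` followed by another `+`-quantified class gives the engine many ways to split the same run of characters. On a long input that ends up failing the `$` anchor, `urlReg.test(serverUrl)` can backtrack for a very long time and stall the page. Cap the length of `serverUrl` before testing and keep `.` out of the label classes so each boundary is unambiguous, e.g. `[\w-]+(?:\.[\w-]+)+` for the host part. Where `serverUrl` is read from is outside the hunk, so the exposure depends on who can supply that value.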