fix(komide): validate_url uses url::Url parse (closes #203)#205

Merged
forkwright merged 1 commit into main from fix/issue-203-validate-url-scheme-check
Apr 19, 2026

@forkwright
Owner

Summary

Replaces the validate_url prefix-match in komide/src/service/mod.rs with a full url::Url parse + scheme check. Closes #203.

Before:

fn validate_url(url: &str) -> Result<(), KomideError> {
    if url.is_empty() || (!url.starts_with("http://") && !url.starts_with("https://")) {
        return InvalidUrlSnafu { url: url.to_string() }.fail();
    }
    Ok(())
}

After:

fn validate_url(input: &str) -> Result<(), KomideError> {
    let parsed = url::Url::parse(input).map_err(|_| {
        InvalidUrlSnafu { url: input.to_string() }.build()
    })?;
    match parsed.scheme() {
        "http" | "https" if parsed.has_host() => Ok(()),
        _ => InvalidUrlSnafu { url: input.to_string() }.fail(),
    }
}

Why option C (full parse) over suppression:

  • The prefix match accepted strings like http:// (no host), http://foo bar (malformed), etc.
  • Parsing is more defensive and avoids needing a lint suppression.
  • The SECURITY/insecure-transport rule no longer matches (no literal "http://").

Added url to workspace dependencies and the komide crate; it was already a transitive dep via reqwest.

Test plan

  • cargo check -p komide — clean
  • cargo nextest run -p komide — 43/43 pass (9 new validate_url cases: loopback+port, LAN host, javascript:, scheme-relative, hostless http://, https:-only, non-parseable)
  • kanon lint crates/komide --summary: SECURITY/insecure-transport cleared (28 -> 27 total; remaining 27 are pre-existing, unrelated)
  • cargo fmt --check — clean
  • kanon gate --stamp — blocked on pre-existing type_complexity expect + other workspace lint warnings from main (not introduced by this PR). PR fix(clippy): clear 5 pre-existing too-many-args + unfulfilled expect errors #204 (fix/clippy-too-many-args-post-lint-sync) addresses the clippy side. Main thread to re-gate once that chain lands.

Based on github/main @ a18094c, kept independent of PRs #200/#201/#202/#204.

…closes #203)

SECURITY/insecure-transport was flagging the literal "http://" prefix
check even though the function is a URL validator (not an outbound
request). Replaced prefix match with proper url::Url parse + scheme
check — rejects non-HTTP(S) schemes, empty URLs, and malformed inputs
that the prefix form silently accepted (e.g. "http://" with no host).

Added `url` to workspace dependencies and komide crate deps.
Extended test coverage: loopback+port, LAN host, javascript: scheme,
scheme-relative URLs, and schemeless/hostless edge cases.

Closes #203.
@forkwright forkwright merged commit 48a7f9a into main Apr 19, 2026
2 of 3 checks passed
@forkwright forkwright deleted the fix/issue-203-validate-url-scheme-check branch April 19, 2026 21:09
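
The gap between the two validators described in this PR, as an added example that is not part of the PR or the komide code base: `prefix_check` mirrors the "Before" logic, while `structural_check` is a hypothetical std-only stand-in for the `url::Url` parse plus scheme/host test (it is not the `url` crate's parser). The sample inputs are constructed from the cases the test plan names.

```rust
// Added illustration (std only). Assumption of this sketch: hosts are ASCII
// hostnames or IPv4 literals; IPv6 literals and IDNA are out of scope.
/// The PR's "Before" logic: accept anything with an http(s) prefix.
fn prefix_check(input: &str) -> bool {
    !input.is_empty() && (input.starts_with("http://") || input.starts_with("https://"))
}

/// Split scheme from authority, then require http/https and a plausible host.
fn structural_check(input: &str) -> bool {
    let (scheme, rest) = match input.split_once("://") {
        Some(parts) => parts,
        None => return false, // no scheme, scheme-relative, or `javascript:` style
    };
    if !scheme.eq_ignore_ascii_case("http") && !scheme.eq_ignore_ascii_case("https") {
        return false;
    }
    // The authority ends at the first path, query or fragment delimiter.
    let authority = rest.split(|c: char| matches!(c, '/' | '?' | '#')).next().unwrap_or("");
    // Drop optional userinfo, then an optional numeric :port suffix.
    let host_port = authority.rsplit_once('@').map_or(authority, |(_, h)| h);
    let host = match host_port.rsplit_once(':') {
        Some((h, port)) if port.chars().all(|c| c.is_ascii_digit()) => h,
        _ => host_port,
    };
    !host.is_empty() && host.chars().all(|c| c.is_ascii_alphanumeric() || c == '.' || c == '-')
}

/// Constructed inputs modelled on the cases named in the PR's test plan.
const SAMPLES: [&str; 8] = [
    "http://127.0.0.1:8080/feed", // loopback + port
    "https://192.168.1.20/",      // LAN host
    "javascript:alert(1)",        // non-HTTP scheme
    "//example.com/path",         // scheme-relative
    "http://",                    // hostless
    "https:",                     // scheme only
    "http://foo bar",             // whitespace in host
    "not a url",                  // non-parseable
];

/// Inputs the prefix check accepts but the structural check rejects.
fn disagreements() -> Vec<&'static str> {
    SAMPLES.iter().copied().filter(|s| prefix_check(s) && !structural_check(s)).collect()
}

fn main() {
    for s in SAMPLES {
        println!("{:<30} prefix={:<5} structural={}", format!("{:?}", s), prefix_check(s), structural_check(s));
    }
    println!("accepted by prefix check only: {:?}", disagreements());
}
```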