Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix base domain matching #4177

Merged

Conversation

@varjolintu
Copy link
Member

varjolintu commented Jan 13, 2020

Type of change

  • Bug fix (non-breaking change which fixes an issue)

Description and Context

Adds base domain matching when handling URL matches. This prevents invalid matches to appear. In this case, for example an entry with https://hub.com would be returned for https://github.com.

Fixes #4170.

Testing strategy

Manually. Tests are also updated.

Checklist:

  • I have read the CONTRIBUTING document. [REQUIRED]
  • My code follows the code style of this project. [REQUIRED]
  • All new and existing tests passed. [REQUIRED]
  • I have compiled and verified my code with -DWITH_ASAN=ON. [REQUIRED]
  • I have added tests to cover my changes.
@varjolintu varjolintu added this to the v2.5.3 milestone Jan 13, 2020
@varjolintu varjolintu requested a review from droidmonkey Jan 13, 2020
@@ -1053,7 +1053,7 @@ bool BrowserService::handleURL(const QString& entryUrl, const QString& url, cons
}

// Filter to match hostname in URL field
if (siteQUrl.host().endsWith(entryQUrl.host())) {
if (siteQUrl.host().endsWith(entryQUrl.host()) && baseDomain(siteQUrl.host()) == baseDomain(entryQUrl.host())) {

This comment has been minimized.

Copy link
@phoerious

phoerious Jan 13, 2020

Member

Isn't this somewhat redundant?

This comment has been minimized.

Copy link
@varjolintu

varjolintu Jan 13, 2020

Author Member

No. The subdomain matching is currently done with endsWith that can cause some extra matches appearing to the results. The baseDomain check ensusures the comparison is really made with the same host address. If you have a better proposition, I'll gladly take it.

This comment has been minimized.

Copy link
@phoerious

phoerious Jan 13, 2020

Member

I meant isn't the endsWith check redundant when you have the stricter baseDomain check in place?

This comment has been minimized.

Copy link
@droidmonkey

droidmonkey Jan 13, 2020

Member

I find this comparison confusing because there is a lot of functions transforming the inputs to it. Needs to be simplified regardless or a comment on how it functions.

This comment has been minimized.

Copy link
@varjolintu

varjolintu Jan 14, 2020

Author Member

Thanks for the feedback guys. I'll try to simplify the comparison.

This comment has been minimized.

Copy link
@varjolintu

varjolintu Jan 14, 2020

Author Member

I made the baseDomain comparison as a separate if-sentence, so it's a little bit more clear.

@phoerious phoerious merged commit 08a9114 into keepassxreboot:release/2.5.3 Jan 19, 2020
4 checks passed
4 checks passed
Code Format (KeepassXC) TeamCity build finished
Details
MacOS (KeepassXC) TeamCity build finished
Details
Ubuntu Linux (KeepassXC) TeamCity build finished
Details
Windows 10 (KeepassXC) TeamCity build finished
Details
phoerious added a commit that referenced this pull request Jan 19, 2020
Fixed

- Fix a possible database lockout when removing a YubiKey from a KDBX 3.1 database [#4147]
- Fix crash if Auto-Type is performed on a new entry [#4150]
- Fix crash when all entries are deleted from a group [#4156]
- Improve the reliability of clipboard clearing on Gnome [#4165]
- Do not check cmd:// URLs for valid URL syntax anymore [#4172]
- Prevent unnecessary merges for databases on network shares [#4153]
- Browser: Prevent native messaging proxy from blocking application shutdown [#4155]
- Browser: Improve website URL matching [#4134, #4177]

Added

- Browser: Enable support for Chromium-based Edge Browser [#3359]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.