From cf3ed588c57dabe2a311802588c245e60ca44e6f Mon Sep 17 00:00:00 2001 From: victor gazolli Date: Mon, 23 May 2022 19:13:46 -0300 Subject: [PATCH 1/5] refactor: url validation (http/https) before opening --- packages/tools/package.json | 1 + packages/tools/src/isValidUrl.ts | 23 ++++++++++++++++++++++ packages/tools/src/launchDefaultBrowser.ts | 4 ++++ 3 files changed, 28 insertions(+) create mode 100644 packages/tools/src/isValidUrl.ts diff --git a/packages/tools/package.json b/packages/tools/package.json index 8305e04c3..2fa1aab27 100644 --- a/packages/tools/package.json +++ b/packages/tools/package.json @@ -21,6 +21,7 @@ "@react-native-community/cli-types": "^9.0.0-alpha.0", "@types/lodash": "^4.14.149", "@types/mime": "^2.0.1", + "@types/node": "^17.0.35", "@types/node-fetch": "^2.5.5" }, "files": [ diff --git a/packages/tools/src/isValidUrl.ts b/packages/tools/src/isValidUrl.ts new file mode 100644 index 000000000..f36508f35 --- /dev/null +++ b/packages/tools/src/isValidUrl.ts @@ -0,0 +1,23 @@ +/** + * Check if a string is an http/https url + */ +export default function isValidBrowserUrl( + url: string, +): boolean { + try { + const _url = new URL(url); + + const urlProtocol = _url.protocol; + + const expectedProtocol = { + [urlProtocol]: false, + "http:": true, + "https:": true, + } + + const isFromExpectedProtocol = expectedProtocol[urlProtocol]; + return isFromExpectedProtocol; + } catch (error) { + return false + } +} diff --git a/packages/tools/src/launchDefaultBrowser.ts b/packages/tools/src/launchDefaultBrowser.ts index f693d53aa..3c26abf01 100644 --- a/packages/tools/src/launchDefaultBrowser.ts +++ b/packages/tools/src/launchDefaultBrowser.ts @@ -8,10 +8,14 @@ */ import open from 'open'; +import isValidBrowserUrl from './isValidUrl'; import logger from './logger'; async function launchDefaultBrowser(url: string) { try { + const isSafeToOpenUrlInBrowser = isValidBrowserUrl(url); + if (!isSafeToOpenUrlInBrowser) throw new Error("invalid url, missing http/https protocol"); + await open(url); } catch (err) { if (err) { From 5c8bfebf1e223d2cdc965d6cb52c4dfc7bba4698 Mon Sep 17 00:00:00 2001 From: victor gazolli Date: Mon, 23 May 2022 19:42:34 -0300 Subject: [PATCH 2/5] refactor: remove supressed errors from url validation --- packages/tools/src/isValidUrl.ts | 8 +++++--- packages/tools/src/launchDefaultBrowser.ts | 3 +-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/packages/tools/src/isValidUrl.ts b/packages/tools/src/isValidUrl.ts index f36508f35..4cad9bd7b 100644 --- a/packages/tools/src/isValidUrl.ts +++ b/packages/tools/src/isValidUrl.ts @@ -3,7 +3,7 @@ */ export default function isValidBrowserUrl( url: string, -): boolean { +) { try { const _url = new URL(url); @@ -16,8 +16,10 @@ export default function isValidBrowserUrl( } const isFromExpectedProtocol = expectedProtocol[urlProtocol]; - return isFromExpectedProtocol; + + if (!isFromExpectedProtocol) throw new Error("invalid url, missing http/https protocol"); + } catch (error) { - return false + throw error; } } diff --git a/packages/tools/src/launchDefaultBrowser.ts b/packages/tools/src/launchDefaultBrowser.ts index 3c26abf01..855bcda1e 100644 --- a/packages/tools/src/launchDefaultBrowser.ts +++ b/packages/tools/src/launchDefaultBrowser.ts @@ -13,8 +13,7 @@ import logger from './logger'; async function launchDefaultBrowser(url: string) { try { - const isSafeToOpenUrlInBrowser = isValidBrowserUrl(url); - if (!isSafeToOpenUrlInBrowser) throw new Error("invalid url, missing http/https protocol"); + isValidBrowserUrl(url); await open(url); } catch (err) { From 0b97a632e8e074364bbf49b87e709f0c4c1d8257 Mon Sep 17 00:00:00 2001 From: victor gazolli Date: Mon, 23 May 2022 19:46:09 -0300 Subject: [PATCH 3/5] refactor: remove unused try-catch block --- packages/tools/src/isValidUrl.ts | 22 +++++++++------------- 1 file changed, 9 insertions(+), 13 deletions(-) diff --git a/packages/tools/src/isValidUrl.ts b/packages/tools/src/isValidUrl.ts index 4cad9bd7b..f24e83eb4 100644 --- a/packages/tools/src/isValidUrl.ts +++ b/packages/tools/src/isValidUrl.ts @@ -4,22 +4,18 @@ export default function isValidBrowserUrl( url: string, ) { - try { - const _url = new URL(url); + const _url = new URL(url); - const urlProtocol = _url.protocol; + const urlProtocol = _url.protocol; - const expectedProtocol = { - [urlProtocol]: false, - "http:": true, - "https:": true, - } + const expectedProtocol = { + [urlProtocol]: false, + "http:": true, + "https:": true, + } - const isFromExpectedProtocol = expectedProtocol[urlProtocol]; + const isFromExpectedProtocol = expectedProtocol[urlProtocol]; - if (!isFromExpectedProtocol) throw new Error("invalid url, missing http/https protocol"); + if (!isFromExpectedProtocol) throw new Error("invalid url, missing http/https protocol"); - } catch (error) { - throw error; - } } From 43b9a90d7b02b4bfb863cffa19ba0fbb6e36097d Mon Sep 17 00:00:00 2001 From: victor gazolli Date: Tue, 24 May 2022 21:57:28 -0300 Subject: [PATCH 4/5] refactor: change fn name --- packages/tools/src/launchDefaultBrowser.ts | 4 ++-- .../tools/src/{isValidUrl.ts => throwIfNonHttpProtocol.ts} | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) rename packages/tools/src/{isValidUrl.ts => throwIfNonHttpProtocol.ts} (89%) diff --git a/packages/tools/src/launchDefaultBrowser.ts b/packages/tools/src/launchDefaultBrowser.ts index 855bcda1e..224407502 100644 --- a/packages/tools/src/launchDefaultBrowser.ts +++ b/packages/tools/src/launchDefaultBrowser.ts @@ -8,12 +8,12 @@ */ import open from 'open'; -import isValidBrowserUrl from './isValidUrl'; +import throwIfNonHttpProtocol from './throwIfNonHttpProtocol'; import logger from './logger'; async function launchDefaultBrowser(url: string) { try { - isValidBrowserUrl(url); + throwIfNonHttpProtocol(url); await open(url); } catch (err) { diff --git a/packages/tools/src/isValidUrl.ts b/packages/tools/src/throwIfNonHttpProtocol.ts similarity index 89% rename from packages/tools/src/isValidUrl.ts rename to packages/tools/src/throwIfNonHttpProtocol.ts index f24e83eb4..6130be0a3 100644 --- a/packages/tools/src/isValidUrl.ts +++ b/packages/tools/src/throwIfNonHttpProtocol.ts @@ -1,7 +1,7 @@ /** * Check if a string is an http/https url */ -export default function isValidBrowserUrl( +export default function throwIfNonHttpProtocol( url: string, ) { const _url = new URL(url); From cb1d9df5c8964c49861e3740487d92d2caf0d272 Mon Sep 17 00:00:00 2001 From: victor gazolli Date: Wed, 25 May 2022 09:32:25 -0300 Subject: [PATCH 5/5] refactor: eslint fix --- packages/tools/src/throwIfNonHttpProtocol.ts | 25 ++++++++++---------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/packages/tools/src/throwIfNonHttpProtocol.ts b/packages/tools/src/throwIfNonHttpProtocol.ts index 6130be0a3..bc8d9ed5f 100644 --- a/packages/tools/src/throwIfNonHttpProtocol.ts +++ b/packages/tools/src/throwIfNonHttpProtocol.ts @@ -1,21 +1,20 @@ /** * Check if a string is an http/https url */ -export default function throwIfNonHttpProtocol( - url: string, -) { - const _url = new URL(url); +export default function throwIfNonHttpProtocol(url: string) { + const _url = new URL(url); - const urlProtocol = _url.protocol; + const urlProtocol = _url.protocol; - const expectedProtocol = { - [urlProtocol]: false, - "http:": true, - "https:": true, - } + const expectedProtocol = { + [urlProtocol]: false, + 'http:': true, + 'https:': true, + }; - const isFromExpectedProtocol = expectedProtocol[urlProtocol]; - - if (!isFromExpectedProtocol) throw new Error("invalid url, missing http/https protocol"); + const isFromExpectedProtocol = expectedProtocol[urlProtocol]; + if (!isFromExpectedProtocol) { + throw new Error('invalid url, missing http/https protocol'); + } }