-
-
Notifications
You must be signed in to change notification settings - Fork 640
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[iOS] Links get double-%-encoded, breaking downloads #4136
Comments
Same problem when trying to open a link to a big blue button video call. |
But if you are in the iOS app and tap the link and cut and paste into Safari on the same device, the file is downloaded fine. So there is nothing wrong with the link. |
@baxterdmutt Yes, if you long-press the link in order to copy it, that doesn't involve the code that has this bug. This bug applies when you directly open the link within the app. |
Is there a timeline on when this issue will be fixed. It’s a real difficulty for a few of our staff that are not super tech savvy. |
We've just heard another report of this issue, from a user by email. |
We have the same issue, if we try to open file via in app browser it won’t open with an error message of {"result":"error","msg":"Invalid filename"} but if we copy link and paste in to browser then it loads the file successfully. The url is different between copy and touch to open |
Same issue trying to open a PDF file dropped into the conversation. |
We've just heard another report of this issue, from a user by email. |
Quoting from the linked commit:
But since 74e1418, we're not using /** Open a URL in the in-app browser. */
// TODO(#4146): Take a URL object, not a string.
export function openLinkEmbedded(url: string): void {
if (Platform.OS === 'ios') {
WebBrowser.openBrowserAsync(encodeURI(url));
} else {
NativeModules.CustomTabsAndroid.openURL(url);
}
} —and if we don't crash on a |
Hmm, well I didn't get a crash but there's still a bug, so this won't work out. With this change: - WebBrowser.openBrowserAsync(encodeURI(url));
+ WebBrowser.openBrowserAsync(url); , when I tapped a link with
which is a match for the issue, #3315, that the |
So we're back to this as the thing to try:
I'm nervous about selectively encoding some things and not others, and it looks like I had the same thought in a comment a few years ago. It seems like that could introduce bugs of its own. |
While following up on a comment you made on another issue thread (#5518 (comment)), I think I found a good clean solution for this concern! Specifically, I think the right way to implement that selective encoding probably is to round-trip the URL string through
Here's a quick demo, contrasting the URL parser with
Note that both of them percent-encode In terms of the URL spec, a note there (https://url.spec.whatwg.org/#url-code-points) explains:
Concretely, what's happening in that example is that in query state, the input gets encoded using the special-query percent-encode set; and that contains all code points above U+007E, but does not contain U+0025 (*) The "usually" on not processing U+002F |
(Hmm, as I try to construct a demo, I find that it's actually not possible for a
Note the Anyway, the specifics of |
For why we believe this will fix zulip#4136, see there: zulip#4136 (comment) Fixes: zulip#4136
For why we believe this will fix zulip#4136, see there: zulip#4136 (comment) Fixes: zulip#4136
… (iOS) This doesn't re-introduce zulip#3315 (SafariView complaining on non-ASCII URLs) because all non-ASCII characters are still percent-encoded. That gets done by the URL constructor, which we started using in this codepath in the previous commit. See discussion and more detail: zulip#4136 (comment) Fixes: zulip#4136
The effect of this is that a similar symptom to #3303 is still live on iOS. But the cause is unrelated, so making this a separate issue.
Originally described at #4089 (comment) and #4089 (comment) , just before I merged #4089 fixing #3303 .
To reproduce:
Went to message list, found a message with an upload that wasn't an image. (To do that: in the webapp searched for
has:attachment
, and scrolled through history to find one that wasn't an image.) Specifically the file happened to be a PDF, with a.pdf
extension on its name.Hit the link. Got a browser view. But after a few seconds of loading, the result was an error:
![Simulator Screen Shot - iPhone 8 - 2020-06-04 at 15 32 23](https://user-images.githubusercontent.com/28173/83817031-9c7dd500-a678-11ea-9af2-2a31bde23c07.png)
That appears to be from S3 directly, because that's in the location bar at the top. The error message begins:
Ditto on a second try. I watched the timing closely this time, and it was only about a second between me tapping the link and the error message appearing. So it's not an expiration issue -- there's something else wrong.
On further investigation, I have a partial diagnosis:
From that error page, I hit the "share" icon and chose "Copy", to get the URL onto the clipboard. Then went and pasted it elsewhere (the compose box, as the handiest place.) Here it is:
https://zulip-uploads.s3.amazonaws.com/1230/-Opc2L055IYelpraPb1oRDeU/sagas.pdf?Signature=2mpNGb0ysKFpVN8bkkMVsulQSVE%253D&Expires=1591317724&AWSAccessKeyId=AKIAIEVMBCAT2WD3M5KQ
I went and pulled up the same upload in the webapp, to compare. (It works fine there.) Here's the URL I find in the location bar there:
https://zulip-uploads.s3.amazonaws.com/1230/-Opc2L055IYelpraPb1oRDeU/sagas.pdf?Signature=xipp%2FD69nk89xmkKha3cx6K%2FSSg%3D&Expires=1591317779&AWSAccessKeyId=AKIAIEVMBCAT2WD3M5KQ
I think the problem is that
%253D
. That's the percent-encoding of%3D
, which is itself the percent-encoding of=
. Note there's a%3D
at the end of theSignature
query-parameter in the successful URL. Both signatures look like base64, which very often ends with a=
as padding.So it seems like we're double-encoding the URL, and as a result the decoding of it has a signature ending in
%3D
instead of in=
and the signature doesn't validate.Looking at the code, it's clear where that's happening -- in
src/utils/openLink.js
, just in the iOS branch, we callencodeURI
on the URL. That sure will turn a%3D
into a%253D
.Unfortunately it's going to be a bit trickier than just removing that call, because it was put there to fix another bug: 66a9e9d (#3507) fixed #3315.
So it seems like we need to, in
openLink
on iOS before passing the URL toSafariView.show
:%
itself, instead leave it alone;encodeURI
leaves alone, likea
andZ
and/
;encodeURI
affects, like"
and a bunch of other punctuation.A key step in fixing this is going to be just end-to-end testing: make a URL filled with a ton of these characters, post it in a Zulip message, try following that link, and see what URL actually comes through.
The text was updated successfully, but these errors were encountered: