mirror of
https://github.com/zulip/zulip-desktop.git
synced 2025-10-31 03:53:34 +00:00
a9d59b3dcd
Also fix various variable names to consistently indicate which strings contain HTML. Some of these changes close cross-site scripting vulnerabilities, and others are for consistency. It’s important to be meticulously consistent about escaping so that changes that would introduce vulnerabilities stand out as obviously wrong. Signed-off-by: Anders Kaseorg <anders@zulip.com>
47 lines
1.2 KiB
TypeScript
47 lines
1.2 KiB
TypeScript
import {shell} from 'electron';
|
|
import fs from 'fs';
|
|
import os from 'os';
|
|
import path from 'path';
|
|
|
|
import {htmlEscape} from 'escape-goat';
|
|
|
|
export function isUploadsUrl(server: string, url: URL): boolean {
|
|
return url.origin === server && url.pathname.startsWith('/user_uploads/');
|
|
}
|
|
|
|
export async function openBrowser(url: URL): Promise<void> {
|
|
if (['http:', 'https:', 'mailto:'].includes(url.protocol)) {
|
|
await shell.openExternal(url.href);
|
|
} else {
|
|
// For security, indirect links to non-whitelisted protocols
|
|
// through a real web browser via a local HTML file.
|
|
const dir = fs.mkdtempSync(
|
|
path.join(os.tmpdir(), 'zulip-redirect-')
|
|
);
|
|
const file = path.join(dir, 'redirect.html');
|
|
fs.writeFileSync(file, htmlEscape`\
|
|
<!DOCTYPE html>
|
|
<html>
|
|
<head>
|
|
<meta charset="UTF-8" />
|
|
<meta http-equiv="Refresh" content="0; url=${url.href}" />
|
|
<title>Redirecting</title>
|
|
<style>
|
|
html {
|
|
font-family: menu, "Helvetica Neue", sans-serif;
|
|
}
|
|
</style>
|
|
</head>
|
|
<body>
|
|
<p>Opening <a href="${url.href}">${url.href}</a>…</p>
|
|
</body>
|
|
</html>
|
|
`);
|
|
await shell.openPath(file);
|
|
setTimeout(() => {
|
|
fs.unlinkSync(file);
|
|
fs.rmdirSync(dir);
|
|
}, 15000);
|
|
}
|
|
}
|