Merge pull request #6026 from matrix-org/t3chguy/fix/17281

Wrap decodeURIComponent in try-catch to protect against malformed URIs
pull/21833/head
Michael Telatynski 2021-05-13 12:45:57 +01:00 committed by GitHub
commit 712bdba09f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 17 additions and 8 deletions

View File

@ -254,11 +254,15 @@ matrixLinkify.options = {
target: function(href, type) {
if (type === 'url') {
const transformed = tryTransformPermalinkToLocalHref(href);
if (transformed !== href || decodeURIComponent(href).match(matrixLinkify.ELEMENT_URL_PATTERN)) {
return null;
} else {
return '_blank';
try {
const transformed = tryTransformPermalinkToLocalHref(href);
if (transformed !== href || decodeURIComponent(href).match(matrixLinkify.ELEMENT_URL_PATTERN)) {
return null;
} else {
return '_blank';
}
} catch (e) {
// malformed URI
}
}
return null;

View File

@ -346,9 +346,14 @@ export function tryTransformPermalinkToLocalHref(permalink: string): string {
return permalink;
}
const m = decodeURIComponent(permalink).match(matrixLinkify.ELEMENT_URL_PATTERN);
if (m) {
return m[1];
try {
const m = decodeURIComponent(permalink).match(matrixLinkify.ELEMENT_URL_PATTERN);
if (m) {
return m[1];
}
} catch (e) {
// Not a valid URI
return permalink;
}
// A bit of a hack to convert permalinks of unknown origin to Element links