Signal/Desktop
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Desktop.git synced 2025-12-25 04:36:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Only process signal domain links if they have hash/path/query

Browse Source
This commit is contained in:
Scott Nonnenberg
2022-09-19 13:42:37 -07:00
committed by GitHub
parent 5e9f3d5171
commit 450051e541
2 changed files with 61 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
ts/util/sgnlHref.ts
View File

@@ -34,6 +34,8 @@ export function isCaptchaHref(
return Boolean(url?.protocol === 'signalcaptcha:');
}
// A link to a signal 'action' domain with private data in path/hash/query. We could
// open a browser, but it will just link back to us. We will parse it locally instead.
export function isSignalHttpsLink(
value: string | URL,
logger: LoggerType
@@ -45,7 +47,8 @@ export function isSignalHttpsLink(
!url.password &&
!url.port &&
url.protocol === 'https:' &&
SIGNAL_HOSTS.has(url.host)
SIGNAL_HOSTS.has(url.host) &&
(url.hash || url.pathname !== '/' || url.search)
);
}