[PM-3683] Remove ipcRenderer from electron-platform-utils (#6679)

* [PM-3683] Remove ipcRenderer from electron-platform-utils * FIx review comments * Formatting * Use isNullOrWhitespace
2025-12-06 00:13:28 +00:00 · 2023-11-01 18:34:36 +01:00
parent a1729c97df
commit c592bcba80
9 changed files with 112 additions and 46 deletions
--- a/libs/common/src/platform/misc/safe-urls.spec.ts
+++ b/libs/common/src/platform/misc/safe-urls.spec.ts
@@ -0,0 +1,21 @@
+import { SafeUrls } from "./safe-urls";
+
+describe("SafeUrls service", () => {
+  it("should allow valid URLs", () => {
+    expect(SafeUrls.canLaunch("https://bitwarden.com")).toBe(true);
+    expect(SafeUrls.canLaunch("http://bitwarden.com")).toBe(true);
+    expect(SafeUrls.canLaunch("ssh://my-server")).toBe(true);
+  });
+
+  it("should fail invalid URLs", () => {
+    expect(SafeUrls.canLaunch("bitwarden.com")).toBe(false);
+    expect(SafeUrls.canLaunch("")).toBe(false);
+    expect(SafeUrls.canLaunch(null)).toBe(false);
+  });
+
+  it("should fail URLs with disallowed protocols", () => {
+    expect(SafeUrls.canLaunch("file:///etc/passwd")).toBe(false);
+    expect(SafeUrls.canLaunch("\\\\network.share\\abc")).toBe(false);
+    expect(SafeUrls.canLaunch("smb://smb.server")).toBe(false);
+  });
+});
--- a/libs/common/src/platform/misc/safe-urls.ts
+++ b/libs/common/src/platform/misc/safe-urls.ts
@@ -0,0 +1,33 @@
+import { Utils } from "./utils";
+
+const CanLaunchWhitelist = [
+  "https://",
+  "http://",
+  "ssh://",
+  "ftp://",
+  "sftp://",
+  "irc://",
+  "vnc://",
+  // https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/remote-desktop-uri
+  "rdp://", // Legacy RDP URI scheme
+  "ms-rd:", // Preferred RDP URI scheme
+  "chrome://",
+  "iosapp://",
+  "androidapp://",
+];
+
+export class SafeUrls {
+  static canLaunch(uri: string): boolean {
+    if (Utils.isNullOrWhitespace(uri)) {
+      return false;
+    }
+
+    for (let i = 0; i < CanLaunchWhitelist.length; i++) {
+      if (uri.indexOf(CanLaunchWhitelist[i]) === 0) {
+        return true;
+      }
+    }
+
+    return false;
+  }
+}
--- a/libs/common/src/vault/models/view/login-uri.view.ts
+++ b/libs/common/src/vault/models/view/login-uri.view.ts
@@ -2,25 +2,10 @@ import { Jsonify } from "type-fest";

 import { UriMatchType } from "../../../enums";
 import { View } from "../../../models/view/view";
+import { SafeUrls } from "../../../platform/misc/safe-urls";
 import { Utils } from "../../../platform/misc/utils";
 import { LoginUri } from "../domain/login-uri";

-const CanLaunchWhitelist = [
-  "https://",
-  "http://",
-  "ssh://",
-  "ftp://",
-  "sftp://",
-  "irc://",
-  "vnc://",
-  // https://docs.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/remote-desktop-uri
-  "rdp://", // Legacy RDP URI scheme
-  "ms-rd:", // Preferred RDP URI scheme
-  "chrome://",
-  "iosapp://",
-  "androidapp://",
-];
-
 export class LoginUriView implements View {
  match: UriMatchType = null;

@@ -108,15 +93,10 @@ export class LoginUriView implements View {
      return this._canLaunch;
    }
    if (this.uri != null && this.match !== UriMatchType.RegularExpression) {
-      const uri = this.launchUri;
-      for (let i = 0; i < CanLaunchWhitelist.length; i++) {
-        if (uri.indexOf(CanLaunchWhitelist[i]) === 0) {
-          this._canLaunch = true;
-          return this._canLaunch;
-        }
-      }
+      this._canLaunch = SafeUrls.canLaunch(this.launchUri);
+    } else {
+      this._canLaunch = false;
    }
-    this._canLaunch = false;
    return this._canLaunch;
  }