mirror of https://github.com/bitwarden/browser synced 2026-02-20 11:24:07 +00:00

Go to file

✨ Audrey ✨ e66a1f37b5 Extract urlOriginsMatch utility and refactor senderIsInternal (#19076 )

Adds urlOriginsMatch to @bitwarden/platform, which compares two URLs by
scheme, host, and port. Uses `protocol + "//" + host` rather than
`URL.origin` because non-special schemes (e.g. chrome-extension://)
return the opaque string "null" from .origin, making equality comparison
unreliable. URLs without a host (file:, data:) are explicitly rejected
to prevent hostless schemes from comparing equal.

Refactors senderIsInternal to delegate to urlOriginsMatch and to derive
the extension URL via BrowserApi.getRuntimeURL("") rather than inline
chrome/browser API detection. Adds full test coverage for
senderIsInternal.

The previous string-based comparison used startsWith after stripping
trailing slashes, which was safe in senderIsInternal where inputs are
tightly constrained. As a general utility accepting arbitrary URLs,
startsWith can produce false positives (e.g. "https://example.com"
matching "https://example.com.evil.com"). Structural host comparison
is the correct contract for unrestricted input.

2026-02-19 08:45:24 -05:00

.checkmarx

Update SAST preset to query set (#8569 )

2024-04-01 16:24:04 -04:00

.claude

Add settings.json for extra known marketplaces (#18807 )

2026-02-06 02:16:12 +00:00

.codescene

disable code duplication check in unit tests (#6773 )

2023-11-06 15:48:34 -05:00

.github

remove release draft key for DAS test enablement (#19035 )

2026-02-17 15:06:48 -05:00

.husky

Update husky hooks (#7738 )

2024-01-30 06:50:54 -08:00

.storybook

[PM-29608] [PM-29609] Premium subscription redesign cards (#18145 )

2026-01-07 10:54:32 -06:00

.vscode

[PM-19731] Refactor encrypt service to expose key wrapping (#14080 )

2025-04-22 13:56:39 +00:00

apps

Extract urlOriginsMatch utility and refactor senderIsInternal (#19076 )

2026-02-19 08:45:24 -05:00

bitwarden_license

[PM-27782] Update Access Intelligence loading state text (#18808 )

2026-02-17 20:29:41 -08:00

docs

refactor(nx): remove unneeded tsconfig.build.json & adjust nx docs (#16864 )

2025-10-14 11:07:23 -04:00

libs

Extract urlOriginsMatch utility and refactor senderIsInternal (#19076 )

2026-02-19 08:45:24 -05:00

scripts

chore(deps): Include Cargo dependencies in dep-ownership lint check

2025-12-31 14:01:26 -05:00

.browserslistrc

[PM-6788][PM-7755] add babel/preset-env and browserslist (#9383 )

2024-05-30 18:42:26 -04:00

.editorconfig

Add support for migrated jslib (#2826 )

2022-06-03 18:01:07 +02:00

.git-blame-ignore-revs

add prettier formatting merge commit to .git-blame-ignore-revs (#7037 )

2023-11-29 17:53:26 -05:00

.gitattributes

Apply Prettier (#2238 )

2021-12-21 15:43:35 +01:00

.gitignore

Implement reusable Claude code review workflow (#16979 )

2025-10-27 16:25:40 +01:00

.npmrc

[PM-25911] Add commercial sdk internal as dependency (#16883 )

2025-10-27 15:17:20 +01:00

.nvmrc

[PM-22343] Bump non-cli to Node 22 (#15058 )

2025-06-26 18:05:37 -04:00

.prettierignore

[PM-5551] Removing Autofill v2 and AutofillOverlay Feature Flags (#7642 )

2024-01-22 17:11:07 +00:00

.prettierrc.json

Update CL documentation (#5379 )

2023-05-08 14:46:59 +02:00

angular.json

[CL-717][PM-27966] Update to Angular 20 and Storybook 9 (#17638 )

2025-12-01 14:15:58 -05:00

babel.config.json

[PM-6788] enable bugfixes in babel/preset-env (#9465 )

2024-05-31 17:59:39 -04:00

clients.code-workspace

Add Nx Console to vscode recommended extension list (#17683 )

2025-11-27 07:47:01 +01:00

CONTRIBUTING.md

Update README and CONTRIBUTING to point to contributing.bitwarden.com (#2771 )

2022-06-13 17:34:07 +10:00

eslint.config.mjs

[CL-82] rename bit-icon to bit-svg; create new bit-icon component for font icons (#18584 )

2026-01-28 11:36:27 -05:00

jest.config.js

Ac/pm 26364 extension UI for auto confirm (#17258 )

2026-01-07 15:27:41 -05:00

jest.preset.js

feat(nx): add basic-lib generator for streamlined library creation (#14992 )

2025-06-05 14:20:23 -04:00

LICENSE_BITWARDEN.txt

Fix some references to master (#14578 )

2025-05-01 07:18:09 -07:00

LICENSE_GPL.txt

Prepare bitwarden_license directory (#2663 )

2022-05-09 17:50:15 +02:00

LICENSE.txt

Fix some references to master (#14578 )

2025-05-01 07:18:09 -07:00

lint-staged.config.mjs

Add Rust pre-commit hooks for desktop native (#17823 )

2026-01-15 07:50:47 -07:00

nx.json

feat(nx): add basic-lib generator for streamlined library creation (#14992 )

2025-06-05 14:20:23 -04:00

package-lock.json

Update sdk to 546 (#19056 )

2026-02-18 10:08:16 -07:00

package.json

Update sdk to 546 (#19056 )

2026-02-18 10:08:16 -07:00

README.md

[PM-19046] Update README mobile references (#13990 )

2025-03-26 12:49:53 +00:00

SECURITY.md

Revise language on SECURITY.md

2022-03-15 15:39:14 -04:00

tailwind.config.js

Billing/pm 23385 premium modal in web after registration (#16182 )

2025-09-04 14:44:04 +00:00

tsconfig.base.json

Fix non-relative imports (#19022 )

2026-02-18 09:32:08 +01:00

tsconfig.eslint.json

fix(eslint): extend tsconfig.base in tsconfig.eslint (#15082 )

2025-06-05 11:08:03 -04:00

tsconfig.json

Implement and extend tsconfig.base across projects (#14554 )

2025-06-02 20:38:17 +00:00

README.md

Bitwarden Client Applications

This repository houses all Bitwarden client applications except the mobile applications (iOS | android).

Please refer to the Clients section of the Contributing Documentation for build instructions, recommended tooling, code style tips, and lots of other great information to get you started.

bitwarden/server: The core infrastructure backend (API, database, Docker, etc).
bitwarden/ios: Bitwarden iOS Password Manager & Authenticator apps.
bitwarden/android: Bitwarden Android Password Manager & Authenticator apps.
bitwarden/directory-connector: A tool for syncing a directory (AD, LDAP, Azure, G Suite, Okta) to an organization.

We're Hiring!

Interested in contributing in a big way? Consider joining our team! We're hiring for many positions. Please take a look at our Careers page to see what opportunities are currently open as well as what it's like to work at Bitwarden.

Contribute

Code contributions are welcome! Please commit any pull requests against the main branch. Learn more about how to contribute by reading the Contributing Guidelines. Check out the Contributing Documentation for how to get started with your first contribution.

Security audits and feedback are welcome. Please open an issue or email us privately if the report is sensitive in nature. You can read our security policy in the SECURITY.md file.

Languages

TypeScript 81.8%

HTML 12.6%

SCSS 2.3%

JavaScript 1.6%

MDX 0.9%

Other 0.7%

README.md

Bitwarden Client Applications

Related projects:

We're Hiring!

Contribute