1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
// This is taken from: https://benjamin-altpeter.de/shell-openexternal-dangers/
import { URL } from 'node:url';
import { ensureDirSync, existsSync } from 'fs-extra';
import { shell } from 'electron';
import normalizeUrl from 'normalize-url';
import { ALLOWED_PROTOCOLS } from '../config';
const debug = require('../preload-safe-debug')('Ferdium:Helpers:url');
export function isValidExternalURL(url: string | URL): boolean {
let parsedUrl: URL;
try {
parsedUrl = new URL(url.toString());
} catch {
return false;
}
const isAllowed = ALLOWED_PROTOCOLS.includes(parsedUrl.protocol);
debug('protocol check is', isAllowed, 'for:', url);
return isAllowed;
}
export function fixUrl(url: string | URL): string {
return url
.toString()
.replaceAll('//', '/')
.replaceAll('http:/', 'http://')
.replaceAll('https:/', 'https://')
.replaceAll('file:/', 'file://');
}
export function isValidFileUrl(path: string): boolean {
return path.startsWith('file') && existsSync(new URL(path));
}
export async function openPath(folderName: string): Promise<void> {
ensureDirSync(folderName);
shell.openPath(folderName);
}
// TODO: Need to verify and fix/remove the skipping logic. Ideally, we should never skip this check
export function openExternalUrl(
url: string | URL,
skipValidityCheck: boolean = false,
): void {
const fixedUrl = fixUrl(url.toString());
debug('Open url:', fixedUrl, 'with skipValidityCheck:', skipValidityCheck);
if (skipValidityCheck || isValidExternalURL(fixedUrl)) {
shell.openExternal(fixedUrl.toString());
}
}
export function normalizedUrl(url: string) {
return normalizeUrl(url, {
stripAuthentication: false,
stripWWW: false,
removeTrailingSlash: false,
});
}
|