mirror of
https://github.com/revoltchat/revite.git
synced 2024-11-27 01:20:57 -05:00
81379d6ec4
Fixes #252. Handle embed untrusted links better.
62 lines
1.8 KiB
TypeScript
62 lines
1.8 KiB
TypeScript
type LinkType =
|
|
| { type: "profile"; id: string }
|
|
| { type: "navigate"; path: string; navigation_type?: null }
|
|
| {
|
|
type: "navigate";
|
|
path: string;
|
|
navigation_type: "channel";
|
|
channel_id: string;
|
|
}
|
|
| { type: "external"; href: string; url: URL }
|
|
| { type: "none" };
|
|
|
|
const ALLOWED_ORIGINS = [
|
|
location.hostname,
|
|
"app.revolt.chat",
|
|
"nightly.revolt.chat",
|
|
"local.revolt.chat",
|
|
];
|
|
|
|
const CHANNEL_PATH_RE =
|
|
/^\/server\/[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}\/channel\/[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}$/;
|
|
|
|
export function determineLink(href?: string): LinkType {
|
|
let internal,
|
|
url: URL | null = null;
|
|
|
|
if (href) {
|
|
try {
|
|
url = new URL(href, location.href);
|
|
|
|
if (ALLOWED_ORIGINS.includes(url.hostname)) {
|
|
const path = url.pathname;
|
|
if (path.startsWith("/@")) {
|
|
const id = path.substr(2);
|
|
if (/[0123456789ABCDEFGHJKMNPQRSTVWXYZ]{26}/.test(id)) {
|
|
return { type: "profile", id };
|
|
}
|
|
} else {
|
|
if (CHANNEL_PATH_RE.test(path)) {
|
|
return {
|
|
type: "navigate",
|
|
path,
|
|
navigation_type: "channel",
|
|
channel_id: path.slice(43),
|
|
};
|
|
}
|
|
return { type: "navigate", path };
|
|
}
|
|
|
|
internal = true;
|
|
}
|
|
} catch (err) {}
|
|
|
|
if (!internal && url) {
|
|
if (url.protocol !== "javascript") {
|
|
return { type: "external", href, url };
|
|
}
|
|
}
|
|
}
|
|
|
|
return { type: "none" };
|
|
}
|