mirrors/signal-desktop
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

Mark links with a password as "sneaky"

Browse source
This commit is contained in:
Evan Hahn 2021-04-28 15:19:32 -05:00 committed by Scott Nonnenberg
parent bf6487c5b9
commit a5fde38c98
2 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
js/modules/link_previews.js
View file

@ -117,7 +117,7 @@ function isLinkSneaky(href) {
} }
// Any links which contain auth are considered sneaky // Any links which contain auth are considered sneaky
if (url.username) { if (url.username || url.password) {
return true; return true;
} }

2
test/modules/link_previews_test.js
View file

@ -148,6 +148,8 @@ describe('Link previews', () => {
describe('auth', () => { describe('auth', () => {
it('returns true for hrefs with auth (or pretend auth)', () => { it('returns true for hrefs with auth (or pretend auth)', () => {
assert.isTrue(isLinkSneaky('https://user:pass@example.com')); assert.isTrue(isLinkSneaky('https://user:pass@example.com'));
assert.isTrue(isLinkSneaky('https://user:@example.com'));
assert.isTrue(isLinkSneaky('https://:pass@example.com'));
assert.isTrue( assert.isTrue(
isLinkSneaky('http://whatever.com&login=someuser@77777777') isLinkSneaky('http://whatever.com&login=someuser@77777777')
); );