Skip to content

Commit

Permalink
fix homepage punycode display bypass
Browse files Browse the repository at this point in the history
fix brave#11001

Test Plan:
1. automated tests for homepage should pass
2. try setting your homepage to `ebаy.com/`
3. it should display the punycode
  • Loading branch information
diracdeltas authored and syuan100 committed Nov 9, 2017
1 parent 201f1a3 commit b99d81e
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 2 deletions.
2 changes: 1 addition & 1 deletion js/lib/urlutil.js
Original file line number Diff line number Diff line change
Expand Up @@ -354,7 +354,7 @@ const UrlUtil = {
parsed.hostname = punycode.toASCII(parsed.hostname)
return urlFormat(parsed)
} catch (e) {
return url
return punycode.toASCII(url)
}
},

Expand Down
11 changes: 11 additions & 0 deletions test/about/preferencesTest.js
Original file line number Diff line number Diff line change
Expand Up @@ -35,6 +35,17 @@ describe('General Panel', function () {
.waitForInputText(homepageInput, 'https://www.brave.xn--com-8cd/')
})

it('homepage displays punycode without HTTP prefix', function * () {
yield this.app.client
.tabByIndex(0)
.loadUrl(prefsUrl)
.waitForVisible(homepageInput)
.click(homepageInput)
.keys(Array.apply(null, Array(50)).map(() => Brave.keys.BACKSPACE))
.keys('а')
.waitForInputText(homepageInput, 'xn--80a')
})

it('homepage can be backspaced', function * () {
yield this.app.client
.tabByIndex(0)
Expand Down
5 changes: 4 additions & 1 deletion test/unit/lib/urlutilTest.js
Original file line number Diff line number Diff line change
Expand Up @@ -280,9 +280,12 @@ describe('urlutil', function () {
})

describe('getPunycodeUrl', function () {
it('returns empty string if input is not a URL', function () {
it('returns original string if input is ASCII', function () {
assert.equal(urlUtil.getPunycodeUrl('invalid-url-goes-here'), 'invalid-url-goes-here')
})
it('returns punycode ASCII string if input is non-ASCII', function () {
assert.equal(urlUtil.getPunycodeUrl('ebаy.com'), 'xn--eby-7cd.com')
})
it('returns the punycode URL when given a valid URL', function () {
assert.equal(urlUtil.getPunycodeUrl('http://brave:brave@ebаy.com:1234/brave#brave'), 'http://brave:brave@xn--eby-7cd.com:1234/brave#brave')
})
Expand Down

0 comments on commit b99d81e

Please sign in to comment.