Fix: Add validation for whitespaces included in a query Url #1305

Merged
merged 4 commits into from
Dec 9, 2021
9 changes: 7 additions & 2 deletions src/app/utils/sample-url-generation.ts
Expand Up @@ -13,7 +13,7 @@ export function parseSampleUrl(url: string, version?: string) {
queryVersion = (version) ? version : urlObject.pathname.substring(1, 5);
search = generateSearchParameters(urlObject, search);
sampleUrl = `${GRAPH_URL}/${queryVersion}/${requestUrl + search}`;
} catch (error) {
} catch (error:any) {
if (error.message === 'Failed to construct \'URL\': Invalid URL') {
return {
queryVersion, requestUrl, sampleUrl, search
Expand All @@ -33,7 +33,7 @@ function generateSearchParameters(urlObject: URL, search: string) {
try {
search = decodeURI(searchParameters);
}
catch (error) {
catch (error:any) {
if (error.message === 'URI malformed') {
search = searchParameters;
}
Expand All @@ -42,3 +42,8 @@ function generateSearchParameters(urlObject: URL, search: string) {
return search;
}

export function hasWhiteSpace(url: string):boolean {
const parts = url.split('?');
const whitespaceChars = [' ', '\t', '\n', '%20'];
return whitespaceChars.some(char => parts[0].includes(char));
}
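Review bot: The literal list in `hasWhiteSpace` flags only space, tab, line feed and `%20`, so a carriage return, other characters that `\s` matches (a non-breaking space, for example) and encoded forms such as `%09`, `%0A` or `%0D` in the part before `?` pass the check. A pattern test covers these in one line: `return /\s|%(?:20|09|0a|0d)/i.test(parts[0]);`. Separately, both `catch (error:any)` clauses could be `catch (error: unknown)` with an `error instanceof Error` guard before `.message` is read. The exact-message comparisons in those handlers appear to depend on one engine's wording, which deserves a comment. `parseSampleUrl` and `generateSearchParameters` both start outside the visible hunks.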
Expand Up @@ -10,7 +10,7 @@ import { IRootState } from '../../../../../types/root';
import * as autoCompleteActionCreators from '../../../../services/actions/autocomplete-action-creators';
import { dynamicSort } from '../../../../utils/dynamic-sort';
import { sanitizeQueryUrl } from '../../../../utils/query-url-sanitization';
import { parseSampleUrl } from '../../../../utils/sample-url-generation';
import { hasWhiteSpace, parseSampleUrl } from '../../../../utils/sample-url-generation';
import { translateMessage } from '../../../../utils/translate-messages';
import { queryInputStyles } from '../QueryInput.styles';
import {
Expand Down Expand Up @@ -389,7 +389,7 @@ class AutoComplete extends Component<IAutoCompleteProps, IAutoCompleteState> {
onRenderSuffix={(this.renderSuffix()) ? this.renderSuffix : undefined}
ariaLabel={translateMessage('Query Sample Input')}
role='textbox'
errorMessage={!queryUrl ? translateMessage('Missing url') : ''}
errorMessage={getErrorMessage()}
/>
</div>
{showSuggestions && userInput && filteredSuggestions.length > 0 &&
Expand All @@ -399,6 +399,16 @@ class AutoComplete extends Component<IAutoCompleteProps, IAutoCompleteState> {
onClick={(e: any) => this.selectSuggestion(e)} />}
</div>
);

function getErrorMessage(): string | JSX.Element | undefined {
if( !queryUrl){
return translateMessage('Missing url');
}
if(hasWhiteSpace(queryUrl)){
return translateMessage('Invalid whitespace in URL');
}
return '';
}
}
}

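Review bot: `getErrorMessage` is a function declaration placed after the `return (...)` of the enclosing method, so it is reachable only through hoisting and is recreated on every render; a private method, or a value computed above the `return`, would read more clearly. Its declared return type `string | JSX.Element | undefined` is wider than what the body appears to return, so `: string` would likely do if `translateMessage` returns a string. The hunk only sets the field's error text; whether a query whose URL is flagged can still be sent is decided outside this hunk, and if the check is meant to block such requests that path should call `hasWhiteSpace(queryUrl)` as well. The enclosing method begins outside the hunk.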
3 changes: 2 additions & 1 deletion src/messages/GE.json
Expand Up @@ -431,5 +431,6 @@
"Preview collection": "Preview collection",
"Download postman collection": "Download postman collection",
"You can export the entire list as a Postman Collection. If there are items in the list you would not want, select them to remove": "You can export the entire list as a Postman Collection. If there are items in the list you would not want, select them to remove",
"Copied": "Copied"
"Copied": "Copied",
"Invalid whitespace in URL": "Invalid whitespace in URL"
}
22 changes: 21 additions & 1 deletion src/tests/utils/sample-url-generation.spec.tsx
@@ -1,4 +1,4 @@
import { parseSampleUrl } from '../../app/utils/sample-url-generation';
import { hasWhiteSpace, parseSampleUrl } from '../../app/utils/sample-url-generation';

describe('Sample Url Generation', () => {

Expand Down Expand Up @@ -76,3 +76,23 @@ describe('Sample Url Generation', () => {
});

});


describe('hasWhiteSpaces should', () => {
const invalidUrls = [
{url: ' https://graph.microsoft.com/v1.0/me', output: true},
{url: 'https: //graph.microsoft.com/v1.0/me', output: true},
{url: 'https://%20graph.microsoft.com/v1.0/me', output: true},
{url: 'https://graph.microsoft.com/ v1.0/me', output: true},
{url: 'https://graph.microsoft.com/v1.0/ me', output: true},
{url:
'https://graph.microsoft.com/v1.0/me/contacts?$filter=emailAddresses/any(a:a/address eq \'[email protected]\')',
output: false}
];
invalidUrls.forEach(invalidUrl => {
it(`validate whitespaces in the url: ${invalidUrl.url}`, () => {
expect(hasWhiteSpace(invalidUrl.url)).toBe(invalidUrl.output);
});
});
});
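Review bot: The cases in `invalidUrls` exercise only the literal space and `%20` entries, so the `'\t'` and `'\n'` entries in `hasWhiteSpace` are untested and could be dropped without any failure. Adding `{url: 'https://graph.microsoft.com/v1.0/\tme', output: true}` and a `\n` counterpart would pin them. The array also holds one URL expected to return `false`, so a name such as `testUrls` would describe it better, and the suite title `hasWhiteSpaces should` differs from the function name `hasWhiteSpace`.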