From 76db5494d45ca5014efb39f6167be1d2270f6763 Mon Sep 17 00:00:00 2001
From: Danh <nguyenhoaidanh2096@gmail.com>
Date: Mon, 16 Oct 2023 10:49:09 +0700
Subject: [PATCH] validate js first

---
 src/theme/components.tsx | 6 +++---
 src/utils/redirect.ts    | 9 ++++-----
 2 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/src/theme/components.tsx b/src/theme/components.tsx
index d00c4dcb9e..963a5df9f5 100644
--- a/src/theme/components.tsx
+++ b/src/theme/components.tsx
@@ -206,7 +206,7 @@ export function ExternalLink({
     <StyledLink
       target={target}
       rel={rel}
-      href={validateRedirectURL(href, { whitelistKyberSwap: false, allowPath: true })}
+      href={validateRedirectURL(href, { whitelistKyberSwap: false, allowRelativePath: true })}
       onClick={handleClick}
       {...rest}
     />
@@ -227,7 +227,7 @@ export function ExternalLinkIcon({
         console.debug('Fired outbound link event', href)
       } else {
         event.preventDefault()
-        navigateToUrl(href, { whitelistKyberSwap: false, allowPath: true })
+        navigateToUrl(href, { whitelistKyberSwap: false, allowRelativePath: true })
       }
     },
     [href, target],
@@ -236,7 +236,7 @@ export function ExternalLinkIcon({
     <LinkIconWrapper
       target={target}
       rel={rel}
-      href={validateRedirectURL(href, { whitelistKyberSwap: false, allowPath: true })}
+      href={validateRedirectURL(href, { whitelistKyberSwap: false, allowRelativePath: true })}
       onClick={handleClick}
       {...rest}
     >
diff --git a/src/utils/redirect.ts b/src/utils/redirect.ts
index f41e6c1fa4..dbbf169fd6 100644
--- a/src/utils/redirect.ts
+++ b/src/utils/redirect.ts
@@ -7,17 +7,16 @@ import { useChangeNetwork } from 'hooks/web3/useChangeNetwork'
 
 const whiteListDomains = [/https:\/\/(.+?\.)?kyberswap\.com$/, /https:\/\/(.+)\.kyberengineering\.io$/]
 
-type Options = { whitelistKyberSwap?: boolean; allowPath?: boolean }
+type Options = { whitelistKyberSwap?: boolean; allowRelativePath?: boolean }
 export const validateRedirectURL = (
   url: string | undefined,
-  { whitelistKyberSwap = true, allowPath = false }: Options = {},
+  { whitelistKyberSwap = true, allowRelativePath = false }: Options = {},
 ) => {
   try {
-    if (!url) throw new Error()
-    if (allowPath && url.startsWith('/')) return url
+    if (!url || url.endsWith('.js')) throw new Error()
+    if (allowRelativePath && url.startsWith('/')) return url
     const newUrl = new URL(url) // valid url
     if (
-      url.endsWith('.js') ||
       newUrl.pathname.endsWith('.js') ||
       !['https:', 'http:'].includes(newUrl.protocol) ||
       (whitelistKyberSwap && !whiteListDomains.some(regex => newUrl.origin.match(regex)))