validate some function

KyberNetwork · Oct 3, 2023 · e266379 · e266379
1 parent f51aeec
commit e266379
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 20 deletions.
diff --git a/src/components/Announcement/helper.ts b/src/components/Announcement/helper.ts
@@ -8,6 +8,7 @@ import { TIMES_IN_SECS } from 'constants/index'
 import { useActiveWeb3React } from 'hooks'
 import { useChangeNetwork } from 'hooks/web3/useChangeNetwork'
 import { useAppDispatch } from 'state/hooks'
+import { isValidRedirectURL } from 'utils/redirect'
 
 const LsKey = 'ack-announcements'
 export const getAnnouncementsAckMap = () => JSON.parse(localStorage[LsKey] || '{}')
@@ -63,6 +64,7 @@ export const useNavigateToUrl = () => {
         return
       }
       const { pathname, host, search } = new URL(actionURL)
+      if (!isValidRedirectURL(actionURL, false)) return
       if (window.location.host === host) {
         navigate(`${pathname}${search}`)
       } else {

diff --git a/src/pages/Oauth/AuthForm/ButtonEth.tsx b/src/pages/Oauth/AuthForm/ButtonEth.tsx
@@ -9,9 +9,9 @@ import Loader from 'components/Loader'
 import { useActiveWeb3React } from 'hooks'
 import useAutoSignIn from 'pages/Oauth/AuthForm/useAutoSignIn'
 import { FlowStatus } from 'pages/Oauth/Login'
-import { isValidRedirectURL } from 'pages/Oauth/helpers'
 import { useWalletModalToggle } from 'state/application/hooks'
 import { ExternalLink } from 'theme'
+import { isValidRedirectURL } from 'utils/redirect'
 
 const ButtonEth = ({
   loading,

diff --git a/src/pages/Oauth/helpers.ts b/src/pages/Oauth/helpers.ts
@@ -4,24 +4,6 @@ export const getSupportLoginMethods = (loginFlow: LoginFlow | undefined) => {
   return loginFlow?.oauth_client?.metadata?.allowed_login_methods ?? []
 }
 
-const whiteListDomains = [/https:\/\/(.+?\.)?kyberswap\.com$/, /https:\/\/(.+)\.kyberengineering\.io$/]
-export const isValidRedirectURL = (url: string | undefined, checkWhitelist = true) => {
-  try {
-    if (!url) return false
-    const newUrl = new URL(url) // valid url
-    if (
-      url.endsWith('.js') ||
-      newUrl.pathname.endsWith('.js') ||
-      (checkWhitelist && !whiteListDomains.some(regex => newUrl.origin.match(regex)))
-    ) {
-      return false
-    }
-    return newUrl.protocol === 'http:' || newUrl.protocol === 'https:'
-  } catch (error) {
-    return false
-  }
-}
-
 type MessageParams = {
   domain: string
   uri: string

diff --git a/src/theme/components.tsx b/src/theme/components.tsx
@@ -4,7 +4,7 @@ import { ArrowLeft, ExternalLink as LinkIconFeather, X } from 'react-feather'
 import { Link } from 'react-router-dom'
 import styled, { css, keyframes } from 'styled-components'
 
-import { isValidRedirectURL } from 'pages/Oauth/helpers'
+import { isValidRedirectURL } from 'utils/redirect'
 
 export const ButtonText = styled.button<{ color?: string; gap?: string }>`
   outline: none;

diff --git a/src/utils/redirect.ts b/src/utils/redirect.ts
@@ -0,0 +1,17 @@
+const whiteListDomains = [/https:\/\/(.+?\.)?kyberswap\.com$/, /https:\/\/(.+)\.kyberengineering\.io$/]
+export const isValidRedirectURL = (url: string | undefined, checkWhitelist = true) => {
+  try {
+    if (!url) return false
+    const newUrl = new URL(url) // valid url
+    if (
+      url.endsWith('.js') ||
+      newUrl.pathname.endsWith('.js') ||
+      (checkWhitelist && !whiteListDomains.some(regex => newUrl.origin.match(regex)))
+    ) {
+      return false
+    }
+    return newUrl.protocol === 'http:' || newUrl.protocol === 'https:'
+  } catch (error) {
+    return false
+  }
+}