From 4208f5927e99528932fc383b2e02c945fd1cd49d Mon Sep 17 00:00:00 2001 From: Oleksii Orel Date: Thu, 2 Mar 2023 03:54:46 +0200 Subject: [PATCH] feat: drop 'state', 'session' and 'code' attributes during startup Signed-off-by: Oleksii Orel --- .../pages/GetStarted/GetStartedTab/ImportFromGit/index.tsx | 5 +++-- packages/dashboard-frontend/src/preload/index.ts | 3 ++- .../src/services/helpers/__tests__/location.spec.ts | 2 +- .../dashboard-frontend/src/services/helpers/location.ts | 7 +++++-- 4 files changed, 11 insertions(+), 6 deletions(-) diff --git a/packages/dashboard-frontend/src/pages/GetStarted/GetStartedTab/ImportFromGit/index.tsx b/packages/dashboard-frontend/src/pages/GetStarted/GetStartedTab/ImportFromGit/index.tsx index c8adca1c3..df4e0759f 100644 --- a/packages/dashboard-frontend/src/pages/GetStarted/GetStartedTab/ImportFromGit/index.tsx +++ b/packages/dashboard-frontend/src/pages/GetStarted/GetStartedTab/ImportFromGit/index.tsx @@ -18,6 +18,7 @@ import * as DevfileRegistriesStore from '../../../../store/DevfileRegistries'; import * as FactoryResolverStore from '../../../../store/FactoryResolver'; import { GitRepoLocationInput } from './GitRepoLocationInput'; import { selectWorkspacesSettings } from '../../../../store/Workspaces/Settings/selectors'; +import { sanitizeLocation } from '../../../../services/helpers/location'; type Props = MappedProps & { onDevfileResolve: (resolverState: FactoryResolverStore.ResolverState, location: string) => void; @@ -44,9 +45,9 @@ export class ImportFromGit extends React.PureComponent { } private async handleLocationChange(location: string): Promise { - const factoryUrl = `${window.location.origin}/#${location}`; + const factoryUrl = sanitizeLocation(new window.URL(location)); // open a new page to handle that - window.open(factoryUrl, '_blank'); + window.open(`${window.location.origin}/#${factoryUrl.toString()}`, '_blank'); } public render(): React.ReactNode { diff --git a/packages/dashboard-frontend/src/preload/index.ts b/packages/dashboard-frontend/src/preload/index.ts index a64592eb2..1b1ffff0e 100644 --- a/packages/dashboard-frontend/src/preload/index.ts +++ b/packages/dashboard-frontend/src/preload/index.ts @@ -12,6 +12,7 @@ import { PROPAGATE_FACTORY_ATTRS, REMOTES_ATTR } from '../containers/Loader/const'; import SessionStorageService, { SessionStorageKey } from '../services/session-storage'; +import { sanitizeLocation } from '../services/helpers/location'; (function acceptNewFactoryLink(): void { if (window.location.pathname.startsWith('/dashboard/')) { @@ -47,7 +48,7 @@ export function storePathIfNeeded(path: string) { } export function buildFactoryLoaderPath(url: string, appendUrl = true): string { - const fullUrl = new window.URL(url); + const fullUrl = sanitizeLocation(new window.URL(url)); const initParams = PROPAGATE_FACTORY_ATTRS.map(paramName => { const paramValue = extractUrlParam(fullUrl, paramName); diff --git a/packages/dashboard-frontend/src/services/helpers/__tests__/location.spec.ts b/packages/dashboard-frontend/src/services/helpers/__tests__/location.spec.ts index 59afd1459..08b27ed17 100644 --- a/packages/dashboard-frontend/src/services/helpers/__tests__/location.spec.ts +++ b/packages/dashboard-frontend/src/services/helpers/__tests__/location.spec.ts @@ -26,7 +26,7 @@ describe('location/sanitizeLocation', () => { it('should return sanitized value of location.search', () => { const search = - '?url=https%3A%2F%2Fgithub.com%2Ftest-samples&state=9284564475&session_state=45645654567&code=9844646765&storageType=persistent'; + '?url=https%3A%2F%2Fgithub.com%2Ftest-samples&state=9284564475&session=98765&session_state=45645654567&code=9844646765&storageType=persistent'; const pathname = '/f'; const newLocation = sanitizeLocation({ search, pathname } as Location); diff --git a/packages/dashboard-frontend/src/services/helpers/location.ts b/packages/dashboard-frontend/src/services/helpers/location.ts index 71b0586e3..c5d71ebc7 100644 --- a/packages/dashboard-frontend/src/services/helpers/location.ts +++ b/packages/dashboard-frontend/src/services/helpers/location.ts @@ -98,11 +98,14 @@ export function toHref(history: History, location: Location): string { return history.createHref(location); } -const oauthParams = ['state', 'session_state', 'code']; +const oauthParams = ['state', 'session', 'session_state', 'code']; /** * Removes oauth params. */ -export function sanitizeLocation(location: Location, removeParams: string[] = []): Location { +export function sanitizeLocation( + location: T, + removeParams: string[] = [], +): T { const toRemove = [...oauthParams, ...removeParams]; // clear search params if (location.search) {