Incorrect regexp in OpenSearch

RESOLVED FIXED in Thunderbird 12.0

Status

MailNews Core
Search
RESOLVED FIXED
6 years ago
5 years ago

People

(Reporter: dveditz, Assigned: standard8)

Tracking

unspecified
Thunderbird 12.0

Thunderbird Tracking Flags

(thunderbird10+ fixed, thunderbird11 fixed)

Details

Attachments

(1 attachment)

(Reporter)

Description

6 years ago
Minor RegExp issue in the webSearchTab.js code that tries to validate clicked links come from Google search requests.

http://hg.mozilla.org/comm-central/annotate/4b427d4f3721/mail/base/content/webSearchTab.js#l244

A regexp of "\/url?" will match "/ur"-anything because the question mark makes the "l" optional. What you really want there is  /^\/url\?/.test()

Not really a big deal since you're also checking the host, unlikely that Google would try to fool Thunderbird for malicious purposes. If anything you'll match too much and then send legit intra-Google URLs to the external browser.
(Assignee)

Updated

6 years ago
tracking-thunderbird10: --- → +

Comment 1

6 years ago
It seems that Google doesn't use redirects for its search results anymore (nor does Yahoo), so we should just remove this. We need to keep the special-casing for the Yahoo host name though, since image search is on a different subdomain.
Do we need to fix this before we release 10.0 ?
(Assignee)

Comment 3

5 years ago
Created attachment 591270 [details] [diff] [review]
The fix

As discussed on irc, this should fix it so that just search? urls stay within google (assuming the pre & post hosts are the same).
Assignee: nobody → mbanner
Status: NEW → ASSIGNED
Attachment #591270 - Flags: review?(squibblyflabbetydoo)

Comment 4

5 years ago
Comment on attachment 591270 [details] [diff] [review]
The fix

Looks good, as discussed on IRC.
Attachment #591270 - Flags: review?(squibblyflabbetydoo) → review+
(Assignee)

Updated

5 years ago
Attachment #591270 - Flags: approval-comm-beta+
Attachment #591270 - Flags: approval-comm-aurora+
(Assignee)

Comment 5

5 years ago
Checked in:

http://hg.mozilla.org/comm-central/rev/ec4b5babe566
http://hg.mozilla.org/releases/comm-aurora/rev/265bf7f9a168
http://hg.mozilla.org/releases/comm-beta/rev/8044e1ef0c20
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
status-thunderbird10: --- → fixed
status-thunderbird11: --- → fixed
OS: Mac OS X → All
Hardware: x86 → All
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 12.0
You need to log in before you can comment on or make changes to this bug.