2022-12-20 12:26:21 +00:00
|
|
|
(ns utils.security.core
|
|
|
|
(:require [utils.security.security-html :as h]))
|
2018-05-22 08:07:27 +00:00
|
|
|
|
|
|
|
(defprotocol Unmaskable
|
|
|
|
;; Retrieve the stored value.
|
|
|
|
(unmask [this]))
|
|
|
|
|
|
|
|
;; MaskedData ensures that the object passed to it won't be occasionally printed
|
|
|
|
;; via println or log functions. Useful for keeping sensitive data, such as passwords
|
|
|
|
;; to avoid accidentally exposing them.
|
|
|
|
(deftype MaskedData [data]
|
|
|
|
Object
|
2022-12-20 14:45:37 +00:00
|
|
|
(toString [_] "******")
|
2020-06-09 14:56:49 +00:00
|
|
|
|
|
|
|
ICounted
|
2022-12-20 14:45:37 +00:00
|
|
|
(-count [^js this]
|
|
|
|
(count (.-data this)))
|
2020-06-09 14:56:49 +00:00
|
|
|
|
|
|
|
IEquiv
|
2022-12-20 14:45:37 +00:00
|
|
|
(-equiv [this other]
|
|
|
|
(if (instance? MaskedData other)
|
|
|
|
(= (unmask this)
|
|
|
|
(unmask other))
|
|
|
|
false))
|
2020-06-09 14:56:49 +00:00
|
|
|
|
2018-05-22 08:07:27 +00:00
|
|
|
Unmaskable
|
2022-12-20 14:45:37 +00:00
|
|
|
(unmask [^js this]
|
|
|
|
(.-data this)))
|
2018-05-22 08:07:27 +00:00
|
|
|
|
|
|
|
;; Returns a MaskedData instance that stores the piece of data.
|
2022-12-20 14:45:37 +00:00
|
|
|
(defn mask-data
|
|
|
|
[data]
|
2018-05-22 08:07:27 +00:00
|
|
|
(MaskedData. data))
|
2018-10-20 15:29:11 +00:00
|
|
|
|
2022-12-20 14:45:37 +00:00
|
|
|
(defn safe-unmask-data
|
|
|
|
[data]
|
2018-10-20 15:29:11 +00:00
|
|
|
(if (instance? MaskedData data)
|
|
|
|
(unmask data)
|
|
|
|
data))
|
2019-08-28 07:05:04 +00:00
|
|
|
|
|
|
|
;; Links starting with javascript:// should not be handled at all
|
Render markdown
Fixes: https://github.com/status-im/trailofbits-audit/issues/47
Fixes: https://github.com/status-im/trailofbits-audit/issues/46
Fixes: https://github.com/status-im/trailofbits-audit/issues/44
Fixes: https://github.com/status-im/security-reports/issues/13
Fixes: https://github.com/status-im/security-reports/issues/5
Fixes: https://github.com/status-im/status-react/issues/8995
This commits re-introduce rendering of markdown text and implent a few
changes:
1) Parsing of the message content is now in status-go, this includes
markdown, line-count, and rtl. Parsing is not nested, as there's some
rendering degradation involved as we nest components, unclear exactly if
it's react-native or clojure, haven't looked too deeply into it.
2) Emojii type messages are not parsed on the sending side, not the
receiving one, using the appropriate content-type
3) Fixes a few issues with chat input rendering, currrently we use
`chats/current-chat` subscription which is very heavy and should not be
used unless necessary, and means that
any change to chat will trigger a re-render, which caused re-rendering
of input container on each received message. Also to note that
input-container is fairly heavy to render, and it's rendered twice at
each keypress on input.
The inline markdow supported is:
*italic* or _italic_
**bold** or __bold__
`inline code`
http://test.com links
\#status-tag
The block markdown supported is:
\# Headers
```
code blocks
```
> Quotereply
The styling is very basic at the moment, but can be improved.
Adding other markdown (photo,mentions) is straightforward and should
come at little performance cost (unless the component to render is
heavy, i.e a photo for example).
There are some behavioral changes with this commit:
1) Links are only parsed if starting with http:// or https://, meaning that
blah.com won't be parsed, nor www.test.com. This behavior is consistent
with discord for example and allows faster parsing at little expense to
ser experience imo. Fixes a few security issues as well.
2) Content is not anymore capped (regression), that's due to the fact that
before we only rendered text and react-native allowed us easily to limit
the number of lines, but adding markdown support means that this
strategy is not viable anymore. Performance of rendering don't see to be
very much impacted by this, I would re-introduce it if necessary, but
I'd rather do that in a separate PR.
Signed-off-by: Andrea Maria Piana <andrea.maria.piana@gmail.com>
2019-11-07 13:41:37 +00:00
|
|
|
(def javascript-link-regex #"(?i)javascript://.*")
|
2019-08-28 07:05:04 +00:00
|
|
|
;; Anything with rtlo character we don't handle as it might be a spoofed url
|
|
|
|
(def rtlo-link-regex #".*\u202e.*")
|
|
|
|
|
|
|
|
(defn safe-link?
|
|
|
|
"Check the link is safe to be handled, it is not a javavascript link or contains
|
|
|
|
an rtlo character, which might mean is a spoofed url"
|
|
|
|
[link]
|
2020-06-19 06:28:13 +00:00
|
|
|
(let [decoded-link (js/decodeURIComponent link)]
|
|
|
|
(not (or (re-matches javascript-link-regex decoded-link)
|
|
|
|
(re-matches rtlo-link-regex decoded-link)
|
|
|
|
(h/is-html? decoded-link)))))
|
2019-08-28 07:05:04 +00:00
|
|
|
|
|
|
|
(defn safe-link-text?
|
|
|
|
"Check the text of the message containing a link is safe to be handled
|
|
|
|
and does not contain an rtlo character, which might mean that the url is spoofed"
|
|
|
|
[text]
|
|
|
|
(not (re-matches rtlo-link-regex text)))
|