Bug 1841869 - entering "abc @xyz.[TLD]" in address bar opens a prompt regarding loading "xyz.[TLD]" instead of searching for "abc @xyz.[TLD]" on the default search engine.r=adw

Differential Revision: https://phabricator.services.mozilla.com/D198196
2024-11-23 21:01:08 +00:00 · 2024-01-31 19:07:57 +00:00 · 2024-01-31 19:07:57 +00:00 · 9cf6a2cfc5
commit 9cf6a2cfc5
parent 12fa277cdd
4 changed files with 119 additions and 5 deletions
--- a/browser/components/urlbar/UrlbarUtils.sys.mjs
+++ b/browser/components/urlbar/UrlbarUtils.sys.mjs
@ -2167,10 +2167,7 @@ export class UrlbarQueryContext {
      }

      try {
-        let info = Services.uriFixup.getFixupURIInfo(
-          this.trimmedSearchString,
-          flags
-        );
+        let info = Services.uriFixup.getFixupURIInfo(this.searchString, flags);

        this._fixupInfo = {
          href: info.fixedURI.spec,
--- a/browser/components/urlbar/tests/unit/test_providerHeuristicFallback.js
+++ b/browser/components/urlbar/tests/unit/test_providerHeuristicFallback.js
@ -702,6 +702,65 @@ add_task(async function () {
  await PlacesUtils.history.clear();
 });

+add_task(async function dont_fixup_urls_with_at_symbol() {
+  info("don't fixup search string if it contains no protocol and spaces.");
+  let query = "Lorem Ipsum @mozilla.org";
+  let context = createContext(query, { isPrivate: false });
+  await check_results({
+    context,
+    matches: [
+      makeSearchResult(context, {
+        engineName: SUGGESTIONS_ENGINE_NAME,
+        heuristic: true,
+      }),
+    ],
+  });
+
+  query = "http://Lorem Ipsum @mozilla.org";
+  context = createContext(query, { isPrivate: false });
+  await check_results({
+    context,
+    matches: [
+      makeVisitResult(context, {
+        source: UrlbarUtils.RESULT_SOURCE.OTHER_LOCAL,
+        uri: `http://Lorem%20Ipsum%20@mozilla.org/`,
+        fallbackTitle: `${query}/`,
+        heuristic: true,
+      }),
+    ],
+  });
+  query = "https://Lorem Ipsum @mozilla.org";
+  context = createContext(query, { isPrivate: false });
+  await check_results({
+    context,
+    matches: [
+      makeVisitResult(context, {
+        source: UrlbarUtils.RESULT_SOURCE.OTHER_LOCAL,
+        uri: `https://Lorem%20Ipsum%20@mozilla.org/`,
+        fallbackTitle: `${query}/`,
+        heuristic: true,
+      }),
+    ],
+  });
+
+  query = "LoremIpsum@mozilla.org";
+  context = createContext(query, { isPrivate: false });
+  await check_results({
+    context,
+    matches: [
+      makeVisitResult(context, {
+        source: UrlbarUtils.RESULT_SOURCE.OTHER_LOCAL,
+        uri: `http://${query}/`,
+        fallbackTitle: `http://${query}/`,
+        heuristic: true,
+      }),
+      makeSearchResult(context, {
+        engineName: SUGGESTIONS_ENGINE_NAME,
+      }),
+    ],
+  });
+});
+
 /**
 * Returns an array of code points in the given string.  Each code point is
 * returned as a hexidecimal string.
--- a/docshell/base/URIFixup.sys.mjs
+++ b/docshell/base/URIFixup.sys.mjs
@ -161,6 +161,13 @@ ChromeUtils.defineLazyGetter(
    /^(?:[a-z+.-]+:\/*(?!\/))?\[(?:[0-9a-f]{0,4}:){0,7}[0-9a-f]{0,4}\]?(?::\d+|\/)?/i
 );

+// Regex used to detect spaces in URL credentials.
+ChromeUtils.defineLazyGetter(
+  lazy,
+  "DetectSpaceInCredentialsRegex",
+  () => /^[^/]*\s[^/]*@/
+);
+
 // Cache of known domains.
 ChromeUtils.defineLazyGetter(lazy, "knownDomains", () => {
  const branch = "browser.fixup.domainwhitelist.";
@ -277,6 +284,7 @@ URIFixup.prototype = {

  getFixupURIInfo(uriString, fixupFlags = FIXUP_FLAG_NONE) {
    let isPrivateContext = fixupFlags & FIXUP_FLAG_PRIVATE_CONTEXT;
+    let untrimmedURIString = uriString;

    // Eliminate embedded newlines, which single-line text fields now allow,
    // and cleanup the empty spaces and tabs that might be on each end.
@ -379,7 +387,11 @@ URIFixup.prototype = {
    // Avoid fixing up content that looks like tab-separated values.
    // Assume that 1 tab is accidental, but more than 1 implies this is
    // supposed to be tab-separated content.
-    if (!isCommonProtocol && lazy.maxOneTabRegex.test(uriString)) {
+    if (
+      !isCommonProtocol &&
+      lazy.maxOneTabRegex.test(uriString) &&
+      !lazy.DetectSpaceInCredentialsRegex.test(untrimmedURIString)
+    ) {
      let uriWithProtocol = fixupURIProtocol(uriString);
      if (uriWithProtocol) {
        info.fixedURI = uriWithProtocol;
--- a/docshell/test/unit/test_URIFixup.js
+++ b/docshell/test/unit/test_URIFixup.js
@ -69,6 +69,35 @@ var data = [
    wrong: "whatever://this/is/a/test.html",
    fixed: "whatever://this/is/a/test.html",
  },
+  {
+    // Spaces before @ are valid if it appears after the domain.
+    wrong: "example.com/ @test.com",
+    fixed: "http://example.com/%20@test.com",
+    noPrefValue: "http://example.com/%20@test.com",
+  },
+];
+
+var dontFixURIs = [
+  {
+    input: " leadingSpaceUsername@example.com/",
+    testInfo: "dont fix usernames with leading space",
+  },
+  {
+    input: "trailingSpacerUsername @example.com/",
+    testInfo: "dont fix usernames with trailing space",
+  },
+  {
+    input: "multiple words username@example.com/",
+    testInfo: "dont fix usernames with multiple spaces",
+  },
+  {
+    input: "one spaceTwo  SpacesThree   Spaces@example.com/",
+    testInfo: "dont match multiple consecutive spaces",
+  },
+  {
+    input: " dontMatchCredentialsWithSpaces: secret password @example.com/",
+    testInfo: "dont fix credentials with spaces",
+  },
 ];

 var len = data.length;
@ -121,3 +150,20 @@ add_task(function test_true_pref_fixes_typos() {
    Assert.equal(preferredURI.spec, item.fixed);
  }
 });
+
+add_task(function test_dont_fix_uris() {
+  let dontFixLength = dontFixURIs.length;
+  for (let i = 0; i < dontFixLength; i++) {
+    let testCase = dontFixURIs[i];
+    Assert.throws(
+      () => {
+        Services.uriFixup.getFixupURIInfo(
+          testCase.input,
+          Services.uriFixup.FIXUP_FLAG_FIX_SCHEME_TYPOS
+        );
+      },
+      /NS_ERROR_MALFORMED_URI/,
+      testCase.testInfo
+    );
+  }
+});