LibWebView: Do not use AK::format to format search engine URLs

This is to prepare for custom search engines. If we use AK::format, it would be trivial for a user (or bad actor) to come up with a template search engine URL that ultimately crashes the browser due to internal assertions in AK::format. For example: https://example.com/crash={1} Rather than coming up with a complicated pre-format validator, let's just not use AK::format. Custom URLs will signify their template query parameters with "%s". So we can do the same with our built-in engines. When it comes time to format the URL, we will do a simple string replacement.
Author: https://github.com/trflynn89 Commit: dbf4b189a4 Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/4237
2025-05-19 01:22:54 +00:00 · 2025-04-04 17:32:04 -04:00 · 2025-04-04 17:32:04 -04:00 · dbf4b189a4 · 2025-04-06 11:46:09 +00:00
commit dbf4b189a4
parent cbee476dac
9 changed files with 44 additions and 56 deletions
--- a/Libraries/LibWebView/SearchEngine.cpp
+++ b/Libraries/LibWebView/SearchEngine.cpp
@ -5,21 +5,22 @@
 */

 #include <AK/Find.h>
+#include <LibURL/URL.h>
 #include <LibWebView/SearchEngine.h>

 namespace WebView {

 static auto builtin_search_engines = to_array<SearchEngine>({
-    { "Bing"_string, "https://www.bing.com/search?q={}"_string },
-    { "Brave"_string, "https://search.brave.com/search?q={}"_string },
-    { "DuckDuckGo"_string, "https://duckduckgo.com/?q={}"_string },
-    { "Ecosia"_string, "https://ecosia.org/search?q={}"_string },
-    { "Google"_string, "https://www.google.com/search?q={}"_string },
-    { "Kagi"_string, "https://kagi.com/search?q={}"_string },
-    { "Mojeek"_string, "https://www.mojeek.com/search?q={}"_string },
-    { "Startpage"_string, "https://startpage.com/search?q={}"_string },
-    { "Yahoo"_string, "https://search.yahoo.com/search?p={}"_string },
-    { "Yandex"_string, "https://yandex.com/search/?text={}"_string },
+    { "Bing"_string, "https://www.bing.com/search?q=%s"_string },
+    { "Brave"_string, "https://search.brave.com/search?q=%s"_string },
+    { "DuckDuckGo"_string, "https://duckduckgo.com/?q=%s"_string },
+    { "Ecosia"_string, "https://ecosia.org/search?q=%s"_string },
+    { "Google"_string, "https://www.google.com/search?q=%s"_string },
+    { "Kagi"_string, "https://kagi.com/search?q=%s"_string },
+    { "Mojeek"_string, "https://www.mojeek.com/search?q=%s"_string },
+    { "Startpage"_string, "https://startpage.com/search?q=%s"_string },
+    { "Yahoo"_string, "https://search.yahoo.com/search?p=%s"_string },
+    { "Yandex"_string, "https://yandex.com/search/?text=%s"_string },
 });

 ReadonlySpan<SearchEngine> search_engines()
@ -34,29 +35,20 @@ Optional<SearchEngine> find_search_engine_by_name(StringView name)
    });
 }

-Optional<SearchEngine const&> find_search_engine_by_query_url(StringView query_url)
-{
-    return find_value(builtin_search_engines, [&](auto const& engine) {
-        return engine.query_url == query_url;
-    });
-}
-
-String format_search_query_for_display(StringView query_url, StringView query)
+String SearchEngine::format_search_query_for_display(StringView query) const
 {
    static constexpr auto MAX_SEARCH_STRING_LENGTH = 32;

-    if (auto search_engine = find_search_engine_by_query_url(query_url); search_engine.has_value()) {
-        return MUST(String::formatted("Search {} for \"{:.{}}{}\"",
-            search_engine->name,
-            query,
-            MAX_SEARCH_STRING_LENGTH,
-            query.length() > MAX_SEARCH_STRING_LENGTH ? "..."sv : ""sv));
-    }
-
-    return MUST(String::formatted("Search for \"{:.{}}{}\"",
+    return MUST(String::formatted("Search {} for \"{:.{}}{}\"",
+        name,
        query,
        MAX_SEARCH_STRING_LENGTH,
        query.length() > MAX_SEARCH_STRING_LENGTH ? "..."sv : ""sv));
 }

+String SearchEngine::format_search_query_for_navigation(StringView query) const
+{
+    return MUST(query_url.replace("%s"sv, URL::percent_encode(query), ReplaceMode::All));
+}
+
 }