LibWebView: Highlight about: and data: URL schemes

Author: https://github.com/trflynn89
Commit: f1f7f68f36
Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/4242

Libraries/LibWebView/URL.cpp

@@ -89,6 +89,14 @@ Vector<URL::URL> sanitize_urls(ReadonlySpan<ByteString> raw_urls, URL::URL const
     return sanitized_urls;
 }
 
+static URLParts break_internal_url_into_parts(URL::URL const& url, StringView url_string)
+{
+    auto scheme = url_string.substring_view(0, url.scheme().bytes_as_string_view().length() + ":"sv.length());
+    auto path = url_string.substring_view(scheme.length());
+
+    return URLParts { scheme, path, {} };
+}
+
 static URLParts break_file_url_into_parts(URL::URL const& url, StringView url_string)
 {
     auto scheme = url_string.substring_view(0, url.scheme().bytes_as_string_view().length() + "://"sv.length());
@@ -141,13 +149,18 @@ Optional<URLParts> break_url_into_parts(StringView url_string)
 
     if (!url_string.starts_with(scheme))
         return {};
-    if (!url_string.substring_view(scheme_length).starts_with("://"sv))
-        return {};
 
-    if (url.scheme() == "file"sv)
+    auto schemeless_url = url_string.substring_view(scheme_length);
-        return break_file_url_into_parts(url, url_string);
+
-    if (url.scheme().is_one_of("http"sv, "https"sv))
+    if (schemeless_url.starts_with("://"sv)) {
-        return break_web_url_into_parts(url, url_string);
+        if (url.scheme() == "file"sv)
+            return break_file_url_into_parts(url, url_string);
+        if (url.scheme().is_one_of("http"sv, "https"sv))
+            return break_web_url_into_parts(url, url_string);
+    } else if (schemeless_url.starts_with(':')) {
+        if (url.scheme().is_one_of("about"sv, "data"sv))
+            return break_internal_url_into_parts(url, url_string);
+    }
 
     return {};
 }

Tests/LibWebView/TestWebViewURL.cpp

@@ -77,6 +77,17 @@ TEST_CASE(invalid_url)
     EXPECT(!WebView::break_url_into_parts("https:"sv).has_value());
     EXPECT(!WebView::break_url_into_parts("https:/"sv).has_value());
     EXPECT(!WebView::break_url_into_parts("https://"sv).has_value());
+
+    EXPECT(!WebView::break_url_into_parts("a"sv).has_value());
+    EXPECT(!WebView::break_url_into_parts("ab"sv).has_value());
+    EXPECT(!WebView::break_url_into_parts("abo"sv).has_value());
+    EXPECT(!WebView::break_url_into_parts("abou"sv).has_value());
+    EXPECT(!WebView::break_url_into_parts("about"sv).has_value());
+
+    EXPECT(!WebView::break_url_into_parts("d"sv).has_value());
+    EXPECT(!WebView::break_url_into_parts("da"sv).has_value());
+    EXPECT(!WebView::break_url_into_parts("dat"sv).has_value());
+    EXPECT(!WebView::break_url_into_parts("data"sv).has_value());
 }
 
 TEST_CASE(file_url)
@@ -112,6 +123,12 @@ TEST_CASE(http_url)
 
 TEST_CASE(about_url)
 {
+    compare_url_parts("about:"sv, { "about:"sv, {}, {} });
+    compare_url_parts("about:a"sv, { "about:"sv, "a"sv, {} });
+    compare_url_parts("about:ab"sv, { "about:"sv, "ab"sv, {} });
+    compare_url_parts("about:abc"sv, { "about:"sv, "abc"sv, {} });
+    compare_url_parts("about:abc/def"sv, { "about:"sv, "abc/def"sv, {} });
+
     EXPECT(!is_sanitized_url_the_same("about"sv));
     EXPECT(!is_sanitized_url_the_same("about blabla:"sv));
     EXPECT(!is_sanitized_url_the_same("blabla about:"sv));
@@ -122,6 +139,12 @@ TEST_CASE(about_url)
 
 TEST_CASE(data_url)
 {
+    compare_url_parts("data:"sv, { "data:"sv, {}, {} });
+    compare_url_parts("data:a"sv, { "data:"sv, "a"sv, {} });
+    compare_url_parts("data:ab"sv, { "data:"sv, "ab"sv, {} });
+    compare_url_parts("data:abc"sv, { "data:"sv, "abc"sv, {} });
+    compare_url_parts("data:abc/def"sv, { "data:"sv, "abc/def"sv, {} });
+
     EXPECT(is_sanitized_url_the_same("data:text/html"sv));
 
     EXPECT(!is_sanitized_url_the_same("data text/html"sv));