From 533a60e2182d5cc2057c4401af50782a7f7ed210 Mon Sep 17 00:00:00 2001 From: Daniel Date: Thu, 6 Mar 2025 11:57:37 +1100 Subject: [PATCH] refactor: Add internal method `Utils.encodeForUrl` for properly encoding email addresses for use in URLs (#9541) --- spec/Utils.spec.js | 11 +++++++++++ src/Controllers/UserController.js | 1 - src/Utils.js | 11 +++++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/spec/Utils.spec.js b/spec/Utils.spec.js index 3aa31a74..fe86854e 100644 --- a/spec/Utils.spec.js +++ b/spec/Utils.spec.js @@ -1,6 +1,17 @@ const Utils = require('../src/Utils'); describe('Utils', () => { + describe('encodeForUrl', () => { + it('should properly escape email with all special ASCII characters for use in URLs', async () => { + const values = [ + { input: `!\"'),.:;<>?]^}`, output: '%21%22%27%29%2C%2E%3A%3B%3C%3E%3F%5D%5E%7D' }, + ] + for (const value of values) { + expect(Utils.encodeForUrl(value.input)).toBe(value.output); + } + }); + }); + describe('addNestedKeysToRoot', () => { it('should move the nested keys to root of object', async () => { const obj = { diff --git a/src/Controllers/UserController.js b/src/Controllers/UserController.js index 455ec038..296b7f68 100644 --- a/src/Controllers/UserController.js +++ b/src/Controllers/UserController.js @@ -282,7 +282,6 @@ export class UserController extends AdaptableController { user = await this.setPasswordResetToken(email); } const token = encodeURIComponent(user._perishable_token); - const link = buildEmailLink(this.config.requestResetPasswordURL, token, this.config); const options = { appName: this.config.appName, diff --git a/src/Utils.js b/src/Utils.js index b77a3d85..72b49aee 100644 --- a/src/Utils.js +++ b/src/Utils.js @@ -399,6 +399,17 @@ class Utils { } return obj; } + + /** + * Encodes a string to be used in a URL. + * @param {String} input The string to encode. + * @returns {String} The encoded string. + */ + static encodeForUrl(input) { + return encodeURIComponent(input).replace(/[!'.()*]/g, char => + '%' + char.charCodeAt(0).toString(16).toUpperCase() + ); + } } module.exports = Utils;