From 0b56a8aa879a964c886530e0b6ed6c3a5b92b906 Mon Sep 17 00:00:00 2001 From: Andrey Date: Sun, 15 Oct 2023 14:34:39 +0200 Subject: [PATCH] fix: sanitize() double encode special characters --- packages/apidom-reference/src/util/url.ts | 12 ++++++++++-- packages/apidom-reference/test/util/url.ts | 19 ++++++++++++++++--- 2 files changed, 26 insertions(+), 5 deletions(-) diff --git a/packages/apidom-reference/src/util/url.ts b/packages/apidom-reference/src/util/url.ts index f1a207e01f..f8f4e1387f 100644 --- a/packages/apidom-reference/src/util/url.ts +++ b/packages/apidom-reference/src/util/url.ts @@ -250,8 +250,16 @@ export const sanitize = (uri: string) => { return fromFileSystemPath(toFileSystemPath(uri)); } - // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURI#encoding_for_ipv6 - return encodeURI(decodeURI(uri)).replace(/%5B/g, '[').replace(/%5D/g, ']'); + let returnUri; + + try { + returnUri = new URL(uri).toString(); + } catch (e) { + // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/encodeURI#encoding_for_ipv6 + returnUri = encodeURI(decodeURI(uri)).replace(/%5B/g, '[').replace(/%5D/g, ']'); + } + + return returnUri; }; /** diff --git a/packages/apidom-reference/test/util/url.ts b/packages/apidom-reference/test/util/url.ts index 869a749f52..36c24b2c59 100644 --- a/packages/apidom-reference/test/util/url.ts +++ b/packages/apidom-reference/test/util/url.ts @@ -291,15 +291,28 @@ describe('util', function () { }); }); - context('given percent encoded URL', function () { - specify('should not double percent encode the URL', function () { - const url = 'https://example.com/path%20with%20spaces/'; + context('given ipv6 URL', function () { + specify('should return valid ipV6 URL', function () { + const url = 'http://[2001:db8::1]:81/path/file.html?q=wery'; const sanitized = sanitize(url); assert.strictEqual(sanitized, url); }); }); + context('given percent encoded URL', function () { + specify( + 'should not double percent encode the URL including special characters ; / ? : @ & = + $ , #', + function () { + const url = + 'https://example.com/path%20with%20spaces%2Fslashes%3Bsemicolons/?including=in%3Fparameters'; + const sanitized = sanitize(url); + + assert.strictEqual(sanitized, url); + }, + ); + }); + context('given percent decoded file system path', function () { specify('should sanitize the file system path', function () { const url = '/home/User/path with spaces';