From a485bb2010d5969e80c670e6176a90e297e04ce5 Mon Sep 17 00:00:00 2001 From: Connery Noble Date: Sat, 14 Jan 2023 00:14:09 -0800 Subject: [PATCH] add validation for login form's server url --- mobile/assets/i18n/cs-CZ.json | 1 + mobile/assets/i18n/da-DK.json | 1 + mobile/assets/i18n/de-DE.json | 1 + mobile/assets/i18n/en-US.json | 1 + mobile/assets/i18n/es-ES.json | 1 + mobile/assets/i18n/fi-FI.json | 1 + mobile/assets/i18n/fr-FR.json | 1 + mobile/assets/i18n/it-IT.json | 1 + mobile/assets/i18n/ja-JP.json | 1 + mobile/assets/i18n/ko-KR.json | 1 + mobile/assets/i18n/nl-NL.json | 1 + mobile/assets/i18n/pl-PL.json | 1 + mobile/assets/i18n/pt-BR.json | 1 + mobile/assets/i18n/pt-PT.json | 1 + mobile/assets/i18n/ru-RU.json | 1 + mobile/assets/i18n/sk-SK.json | 1 + mobile/assets/i18n/zh-CN.json | 1 + mobile/lib/modules/login/ui/login_form.dart | 11 ++++++++++- mobile/lib/shared/services/api.service.dart | 9 ++------- mobile/lib/utils/url_helper.dart | 8 ++++++++ 20 files changed, 37 insertions(+), 8 deletions(-) create mode 100644 mobile/lib/utils/url_helper.dart diff --git a/mobile/assets/i18n/cs-CZ.json b/mobile/assets/i18n/cs-CZ.json index be8ac18d0a..4536d64c8e 100644 --- a/mobile/assets/i18n/cs-CZ.json +++ b/mobile/assets/i18n/cs-CZ.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://ip-tvého-serveru:port/", "login_form_endpoint_url": "URL adresa serveru", "login_form_err_invalid_email": "Neplatný e-mail", + "login_form_err_invalid_url": "Neplatný URL", "login_form_err_leading_whitespace": "Úvodní mezera", "login_form_err_trailing_whitespace": "Koncová mezera", "login_form_failed_get_oauth_server_config": "Chyba přihlášení pomocí OAuth, zkontrolujte adresu URL serveru", diff --git a/mobile/assets/i18n/da-DK.json b/mobile/assets/i18n/da-DK.json index a722e407aa..f0cfc056fe 100644 --- a/mobile/assets/i18n/da-DK.json +++ b/mobile/assets/i18n/da-DK.json 
@@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://din-server-ip:port/", "login_form_endpoint_url": "Server Endpoint URL", "login_form_err_invalid_email": "Ugyldig email", + "login_form_err_invalid_url": "Ugyldig URL", "login_form_err_leading_whitespace": "Mellemrum før", "login_form_err_trailing_whitespace": "Mellemrum efter", "login_form_failed_get_oauth_server_config": "Fejl med at logge på med OAuth. Tjek serveres URL", diff --git a/mobile/assets/i18n/de-DE.json b/mobile/assets/i18n/de-DE.json index 7fc88232f7..909039fcda 100644 --- a/mobile/assets/i18n/de-DE.json +++ b/mobile/assets/i18n/de-DE.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://deine-server-ip:port/", "login_form_endpoint_url": "Server URL", "login_form_err_invalid_email": "Ungültige E-Mail", + "login_form_err_invalid_url": "Ungültige URL", "login_form_err_leading_whitespace": "Führendes Leerzichen", "login_form_err_trailing_whitespace": "Folgendes Leerzeichen", "login_form_failed_get_oauth_server_config": "Error logging using OAuth, check server URL", diff --git a/mobile/assets/i18n/en-US.json b/mobile/assets/i18n/en-US.json index bdcdba2179..49edbdcf73 100644 --- a/mobile/assets/i18n/en-US.json +++ b/mobile/assets/i18n/en-US.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://your-server-ip:port/", "login_form_endpoint_url": "Server Endpoint URL", "login_form_err_invalid_email": "Invalid Email", + "login_form_err_invalid_url": "Invalid URL", "login_form_err_leading_whitespace": "Leading whitespace", "login_form_err_trailing_whitespace": "Trailing whitespace", "login_form_failed_get_oauth_server_config": "Error logging using OAuth, check server URL", diff --git a/mobile/assets/i18n/es-ES.json b/mobile/assets/i18n/es-ES.json index a29737d218..4c0e5ca19a 100644 --- a/mobile/assets/i18n/es-ES.json +++ b/mobile/assets/i18n/es-ES.json 
@@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://tu-ip-de-servidor:puerto/", "login_form_endpoint_url": "URL del servidor", "login_form_err_invalid_email": "Correo electrónico no válido", + "login_form_err_invalid_url": "URL no válido", "login_form_err_leading_whitespace": "Espacio en blanco inicial", "login_form_err_trailing_whitespace": "Espacio en blanco al final", "login_form_failed_get_oauth_server_config": "Fallo al iniciar sesión con OAuth. Comprueba la URL del servidor.", diff --git a/mobile/assets/i18n/fi-FI.json b/mobile/assets/i18n/fi-FI.json index 6519d49208..62ddda0fd6 100644 --- a/mobile/assets/i18n/fi-FI.json +++ b/mobile/assets/i18n/fi-FI.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://palvelimesi-osoite:portti/", "login_form_endpoint_url": "Palvelimen URL", "login_form_err_invalid_email": "Virheellinen sähköpostiosoite", + "login_form_err_invalid_url": "Invalid URL", "login_form_err_leading_whitespace": "Alussa välilyönti", "login_form_err_trailing_whitespace": "Lopussa välilyönti", "login_form_failed_get_oauth_server_config": "Error logging using OAuth, check server URL", diff --git a/mobile/assets/i18n/fr-FR.json b/mobile/assets/i18n/fr-FR.json index 920b41a7c1..dbc2f7d922 100644 --- a/mobile/assets/i18n/fr-FR.json +++ b/mobile/assets/i18n/fr-FR.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://adresse-ip-serveur:port/", "login_form_endpoint_url": "URL du point d'accès au serveur", "login_form_err_invalid_email": "Email invalide", + "login_form_err_invalid_url": "URL invalide", "login_form_err_leading_whitespace": "Espace en début de ligne", "login_form_err_trailing_whitespace": "Espace de fin de ligne", "login_form_failed_get_oauth_server_config": "Error logging using OAuth, check server URL", diff --git a/mobile/assets/i18n/it-IT.json b/mobile/assets/i18n/it-IT.json index 5c02a555d3..8418222ed4 100644 --- a/mobile/assets/i18n/it-IT.json +++ b/mobile/assets/i18n/it-IT.json 
@@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://ip-del-tuo-server:port/", "login_form_endpoint_url": "Server Endpoint URL", "login_form_err_invalid_email": "Email non valida", + "login_form_err_invalid_url": "URL non valida", "login_form_err_leading_whitespace": "Whitespace all'inizio ", "login_form_err_trailing_whitespace": "Whitespace alla fine", "login_form_failed_get_oauth_server_config": "Errore di login usando OAuth, controlla l'URL del server", diff --git a/mobile/assets/i18n/ja-JP.json b/mobile/assets/i18n/ja-JP.json index a7c2b7e148..b3bcc392af 100644 --- a/mobile/assets/i18n/ja-JP.json +++ b/mobile/assets/i18n/ja-JP.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "https://example.com:port/", "login_form_endpoint_url": "サーバーエンドポイントURL", "login_form_err_invalid_email": "メールアドレスが有効じゃないよ", + "login_form_err_invalid_url": "Invalid URL", "login_form_err_leading_whitespace": "最初に半角スペースが含まれてるよ", "login_form_err_trailing_whitespace": "最後に半角スペースが含まれてるよ", "login_form_failed_get_oauth_server_config": "Error logging using OAuth, check server URL", diff --git a/mobile/assets/i18n/ko-KR.json b/mobile/assets/i18n/ko-KR.json index f036e46629..a35acd6b9d 100644 --- a/mobile/assets/i18n/ko-KR.json +++ b/mobile/assets/i18n/ko-KR.json @@ -114,6 +114,7 @@ "login_form_endpoint_hint": "https://your-server-ip:port/", "login_form_endpoint_url": "서버 엔드포인트 URL", "login_form_err_invalid_email": "잘못된 이메일 형식입니다", + "login_form_err_invalid_url": "Invalid URL", "login_form_err_leading_whitespace": "이메일 앞에 공백문자가 포함되어 있습니다", "login_form_err_trailing_whitespace": "이메일 뒤에 공백문자가 포함되어 있습니다", "login_form_failed_login": "로그인 오류, 서버 URL, 이메일 및 비밀번호를 확인하세요", diff --git a/mobile/assets/i18n/nl-NL.json b/mobile/assets/i18n/nl-NL.json index 6e17c7c14c..4e82f13764 100644 --- a/mobile/assets/i18n/nl-NL.json +++ b/mobile/assets/i18n/nl-NL.json 
@@ -80,6 +80,7 @@ "login_form_endpoint_hint": "http://jouw-server-ip:port/", "login_form_endpoint_url": "Server URL", "login_form_err_invalid_email": "Ongeldige Email", + "login_form_err_invalid_url": "Ongeldige URL", "login_form_err_leading_whitespace": "Spatie aan het begin", "login_form_err_trailing_whitespace": "Spatie aan het eind", "login_form_failed_login": "Fout bij inloggen, controleer server url, email en wachtwoord", diff --git a/mobile/assets/i18n/pl-PL.json b/mobile/assets/i18n/pl-PL.json index ea87a9b948..c7986c3080 100644 --- a/mobile/assets/i18n/pl-PL.json +++ b/mobile/assets/i18n/pl-PL.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://ip-twojego-serwera:port/", "login_form_endpoint_url": "URL Serwera", "login_form_err_invalid_email": "Niepoprawny Email", + "login_form_err_invalid_url": "Niepoprawny URL", "login_form_err_leading_whitespace": "Białe znaki", "login_form_err_trailing_whitespace": "Białe znaki po przecinku", "login_form_failed_get_oauth_server_config": "Error logging using OAuth, check server URL", diff --git a/mobile/assets/i18n/pt-BR.json b/mobile/assets/i18n/pt-BR.json index 30b681a069..b335e9cdfa 100644 --- a/mobile/assets/i18n/pt-BR.json +++ b/mobile/assets/i18n/pt-BR.json @@ -77,6 +77,7 @@ "login_form_endpoint_hint": "http://your-server-ip:port/", "login_form_endpoint_url": "Server Endpoint URL", "login_form_err_invalid_email": "E-mail inválido", + "login_form_err_invalid_url": "URL inválido", "login_form_err_leading_whitespace": "Leading whitespace", "login_form_err_trailing_whitespace": "Trailing whitespace", "login_form_failed_login": "Erro ao fazer login, verifique a url do servidor, e-mail e senha", diff --git a/mobile/assets/i18n/pt-PT.json b/mobile/assets/i18n/pt-PT.json index d01b33ffb8..1b55d08169 100644 --- a/mobile/assets/i18n/pt-PT.json +++ b/mobile/assets/i18n/pt-PT.json 
@@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://ip-do-seu-servidor:porta/", "login_form_endpoint_url": "URL do endpoint do servidor", "login_form_err_invalid_email": "Email Inválido", + "login_form_err_invalid_url": "URL Inválido", "login_form_err_leading_whitespace": "Espaço em branco no início", "login_form_err_trailing_whitespace": "Espaço em branco no fim", "login_form_failed_get_oauth_server_config": "Error logging using OAuth, check server URL", diff --git a/mobile/assets/i18n/ru-RU.json b/mobile/assets/i18n/ru-RU.json index 834ae96d83..b57579f3e6 100644 --- a/mobile/assets/i18n/ru-RU.json +++ b/mobile/assets/i18n/ru-RU.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://your-server-ip:port/", "login_form_endpoint_url": "Server Endpoint URL", "login_form_err_invalid_email": "Invalid Email", + "login_form_err_invalid_url": "Invalid URL", "login_form_err_leading_whitespace": "Leading whitespace", "login_form_err_trailing_whitespace": "Trailing whitespace", "login_form_failed_get_oauth_server_config": "Error logging using OAuth, check server URL", diff --git a/mobile/assets/i18n/sk-SK.json b/mobile/assets/i18n/sk-SK.json index 5ff2a3d54e..df7534f66a 100644 --- a/mobile/assets/i18n/sk-SK.json +++ b/mobile/assets/i18n/sk-SK.json @@ -117,6 +117,7 @@ "login_form_endpoint_hint": "http://ip-tvojho-servera:port/", "login_form_endpoint_url": "URL adresa servera", "login_form_err_invalid_email": "Neplatný e-mail", + "login_form_err_invalid_url": "Neplatný URL", "login_form_err_leading_whitespace": "Úvodná medzera", "login_form_err_trailing_whitespace": "Koncové medzera", "login_form_failed_get_oauth_server_config": "Chyba prihlásenia pomocou OAuth, skontrolujte adresu URL servera", diff --git a/mobile/assets/i18n/zh-CN.json b/mobile/assets/i18n/zh-CN.json index bc0cb5e74f..57c986576c 100644 --- a/mobile/assets/i18n/zh-CN.json +++ b/mobile/assets/i18n/zh-CN.json 
@@ -117,6 +117,7 @@
 "login_form_endpoint_hint": "http://your-server-ip:port/",
 "login_form_endpoint_url": "服务器地址",
 "login_form_err_invalid_email": "请输入正确的邮箱",
+ "login_form_err_invalid_url": "Invalid URL",
 "login_form_err_leading_whitespace": "前面空格",
 "login_form_err_trailing_whitespace": "后面空格",
 "login_form_failed_get_oauth_server_config": "使用 OAuth 时出错,请检查服务器 地址",
diff --git a/mobile/lib/modules/login/ui/login_form.dart b/mobile/lib/modules/login/ui/login_form.dart
index dd967f8b1a..230252a3df 100644
--- a/mobile/lib/modules/login/ui/login_form.dart
+++ b/mobile/lib/modules/login/ui/login_form.dart
@@ -13,6 +13,7 @@ import 'package:immich_mobile/shared/providers/asset.provider.dart';
 import 'package:immich_mobile/modules/login/providers/authentication.provider.dart';
 import 'package:immich_mobile/modules/backup/providers/backup.provider.dart';
 import 'package:immich_mobile/shared/ui/immich_toast.dart';
+import 'package:immich_mobile/utils/url_helper.dart';
 import 'package:openapi/api.dart';
 class LoginForm extends HookConsumerWidget {
@@ -215,7 +216,15 @@ class ServerEndpointInput extends StatelessWidget {
 }) : super(key: key);
 String? _validateInput(String? url) {
- // Can we do any other validation here instead?
+ if (url == null || url.isEmpty) return null;
+
+ final validate = Uri.tryParse(sanitizeUrl(url));
+ if (validate == null ||
+ !validate.isAbsolute ||
+ !validate.scheme.startsWith("http") ||
+ validate.host.isEmpty) {
+ return 'login_form_err_invalid_url'.tr();
+ }
 return null;
 }
diff --git a/mobile/lib/shared/services/api.service.dart b/mobile/lib/shared/services/api.service.dart
index cfe04df89d..28e03a23d5 100644
--- a/mobile/lib/shared/services/api.service.dart
+++ b/mobile/lib/shared/services/api.service.dart
@@ -1,6 +1,7 @@
 import 'dart:convert';
 import 'package:flutter/material.dart';
+import 'package:immich_mobile/utils/url_helper.dart';
 import 'package:openapi/api.dart';
 import 'package:http/http.dart';
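Review bot: In `_validateInput`, `!validate.scheme.startsWith("http")` is a prefix test rather than a scheme check, so any scheme beginning with `http` would satisfy it; because `sanitizeUrl` prepends `https://` to anything not already starting with `http://` or `https://`, the test is effectively redundant today but would widen silently if the helper ever changes. Compare the scheme exactly, and rename the local so it reads as a URI rather than a verb: `final uri = Uri.tryParse(sanitizeUrl(url));` / `if (uri == null || !uri.isAbsolute || (uri.scheme != 'http' && uri.scheme != 'https') || uri.host.isEmpty) {`. Since this is the login form's endpoint field and the credentials entered alongside it will presumably be sent to whatever host passes here, the deliberate acceptance of plain `http` deserves a comment, e.g. `// http is accepted for LAN setups; the login request then travels unencrypted.` The enclosing `ServerEndpointInput` class starts before the hunk.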
@@ -34,13 +35,7 @@ class ApiService {
 /// port - optional (default: based on schema)
 /// path - optional
 Future resolveEndpoint(String serverUrl) async {
- // Add schema if none is set
- final urlWithSchema = serverUrl.startsWith(RegExp(r"https?://"))
- ? serverUrl
- : "https://$serverUrl";
-
- // Remove trailing slash(es)
- final url = urlWithSchema.replaceFirst(RegExp(r"/+$"), "");
+ final url = sanitizeUrl(serverUrl);
 // Check for /.well-known/immich
 final wellKnownEndpoint = await getWellKnownEndpoint(url);
diff --git a/mobile/lib/utils/url_helper.dart b/mobile/lib/utils/url_helper.dart
new file mode 100644
index 0000000000..66ce723a95
--- /dev/null
+++ b/mobile/lib/utils/url_helper.dart
@@ -0,0 +1,8 @@
+String sanitizeUrl(String url) {
+ // Add schema if none is set
+ final urlWithSchema =
+ url.startsWith(RegExp(r"https?://")) ? url : "https://$url";
+
+ // Remove trailing slash(es)
+ return urlWithSchema.replaceFirst(RegExp(r"/+$"), "");
+}
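Review bot: The scheme test in `sanitizeUrl`, `url.startsWith(RegExp(r"https?://"))`, is case-sensitive, so a user who types `HTTP://myserver` gets a second scheme prepended and ends up with `https://HTTP://myserver`; that string may well still parse (scheme `https`, host `HTTP`) and slip past `_validateInput` instead of being reported as invalid. URL schemes are case-insensitive, so match accordingly: `url.startsWith(RegExp(r"^https?://", caseSensitive: false)) ? url : "https://$url";`. The helper also leaves surrounding whitespace untouched, and since it now feeds both the form validator and `resolveEndpoint`, a `url.trim()` at the top (or a stated expectation that callers trim) keeps the two paths consistent. A doc comment would help too, e.g. `/// Normalises a user-entered server URL: prepends https:// when no scheme is given and strips trailing slashes. Performs no validation.`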