Skip to content

Commit

Permalink
fix potential vulnerabilities
Browse files Browse the repository at this point in the history
  • Loading branch information
@dmathisen
dmathisen committed Aug 28, 2023
1 parent 27daff3 commit 7cb02b2
Show file tree
Hide file tree
Showing 2 changed files with 80 additions and 37 deletions.
101 changes: 69 additions & 32 deletions components/SearchForm.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,39 +31,76 @@ const SearchForm = () => {
window.location.replace(searchUrl);
}

return(<>
<Form inline onSubmit={handleSearchSubmit} className="mb-4 justify-content-center">
<Form.Control as="select" className="mb-2 mr-sm-2" onChange={(e: any) => setSelectedCategory(e.target.value)}>
<option value=''>- Select Category -</option>
{ searchCategories.map((category: any, index: number) => <option key={index} value={category}>{category}</option>) }
</Form.Control>
<Form.Control type="search" className="mb-2 mr-sm-2" onChange={(e: any) => setSearchText(e.target.value)}></Form.Control>
<Button type="submit" className="mb-2">Search</Button>
<Button type="button" className="mb-2 mr-sm-2" variant="link" onClick={handleSettingsBtnClick}>
<img className="cog" src="./images/cog.png" />
<span className="sr-only">Settings</span>
</Button>
</Form>

<div style={{display: categoryIsSelected ? 'block' : 'none' }}>
{/* list of search sites */}
Sites to search:<br/>
{
categoryIsSelected ? searchSettings[selectedCategory].map((site: string, index: number) =>
<a href={'http://' + site} target="_blank" key={index}><Badge variant="secondary" className="mr-2">{site}</Badge></a>
) : ''
}
</div>
return (
<>
<Form
inline
onSubmit={handleSearchSubmit}
className="mb-4 justify-content-center"
>
<Form.Control
as="select"
className="mb-2 mr-sm-2"
onChange={(e: any) => setSelectedCategory(e.target.value)}
>
<option value="">- Select Category -</option>
{searchCategories.map((category: any, index: number) => (
<option key={index} value={category}>
{category}
</option>
))}
</Form.Control>
<Form.Control
type="search"
className="mb-2 mr-sm-2"
onChange={(e: any) => setSearchText(e.target.value)}
></Form.Control>
<Button type="submit" className="mb-2">
Search
</Button>
<Button
type="button"
className="mb-2 mr-sm-2"
variant="link"
onClick={handleSettingsBtnClick}
>
<img className="cog" src="./images/cog.png" />
<span className="sr-only">Settings</span>
</Button>
</Form>

<style global jsx>{`
.cog {
transition: transform .3s ease-in-out;
}
.cog-active {
transform:rotate(180deg);
}
`}</style>
</>);
<div style={{ display: categoryIsSelected ? "block" : "none" }}>
{/* list of search sites */}
Sites to search:
<br />
{categoryIsSelected
? searchSettings[selectedCategory].map(
(site: string, index: number) => (
<a
href={encodeURIComponent(site)}
target="_blank"
rel="noopener noreferrer"
key={index}
>
<Badge variant="secondary" className="mr-2">
{site}
</Badge>
</a>
)
)
: ""}
</div>

<style global jsx>{`
.cog {
transition: transform 0.3s ease-in-out;
}
.cog-active {
transform: rotate(180deg);
}
`}</style>
</>
);
};

export default SearchForm;
16 changes: 11 additions & 5 deletions utilities/Validation.tsx
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,11 +58,17 @@ const Validation = {
},

urlIsValid(site: string): boolean {
if (site.match(/^(?:http(s)?:\/\/)?[\w.-]+(?:\.[\w\.-]+)+[\w\-\._~:/?#[\]@!\$&'\(\)\*\+,;=.]+$/gm)) {
return true;
}
return false;
}
const pattern = new RegExp(
"^(https?:\\/\\/)?" + // protocol
"((([a-z\\d]([a-z\\d-]*[a-z\\d])*)\\.)+[a-z]{2,}|" + // domain name
"((\\d{1,3}\\.){3}\\d{1,3}))" + // OR ip (v4) address
"(\\:\\d+)?(\\/[-a-z\\d%_.~+]*)*" + // port and path
"(\\?[;&a-z\\d%_.~+=-]*)?" + // query string
"(\\#[-a-z\\d_]*)?$", // fragment locator
"i"
);
return !!pattern.test(site);
}
}

export default Validation;

0 comments on commit 7cb02b2

Please sign in to comment.