-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix URL sanitizer for long URLs #16026
Fix URL sanitizer for long URLs #16026
Conversation
template<> | ||
struct fmt::formatter<winrt::hstring, wchar_t> : fmt::formatter<fmt::wstring_view, wchar_t> | ||
{ | ||
auto format(const winrt::hstring& str, auto& ctx) | ||
{ | ||
return fmt::formatter<fmt::wstring_view, wchar_t>::format({ str.data(), str.size() }, ctx); | ||
} | ||
}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems like we don't have any fmt::format
call that uses FMT_COMPILE
on hstring
arguments, or any fmt::format
that uses >1 hstring
argument. The above one seems to be a first.
...because it appears as if right now we implicitly cast all hstring
arguments to C-strings during formatting. This new custom formatter ensures they're treated like string-views (and it allows the above code to compile).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
i love this. does it make the transition to 10.1.1 any easier?
f1aa699 was fundamentally incorrect as it used `IdnToAscii` and `IdnToUnicode` on the entire URL, even though these functions only work on domain names. This commit fixes the issue by using the WinRT `Url` class and its `AbsoluteUri` and `AbsoluteCanonicalUri` getters. The algorithm still works the same way though. Closes #16017 * ``"`e]8;;https://www.xn--fcbook-3nf5b.com/`e\test`e]8;;`e\"`` still shows as two URLs in the popup ✅ * Shows the given URI if it's canonical and not an IDN ✅ * Works with >100 char long file:// URIs ✅ (cherry picked from commit 198c11f) Service-Card-Id: 90642843 Service-Version: 1.18
f1aa699 was fundamentally incorrect as it used `IdnToAscii` and `IdnToUnicode` on the entire URL, even though these functions only work on domain names. This commit fixes the issue by using the WinRT `Url` class and its `AbsoluteUri` and `AbsoluteCanonicalUri` getters. The algorithm still works the same way though. Closes #16017 ## Validation Steps Performed * ``"`e]8;;https://www.xn--fcbook-3nf5b.com/`e\test`e]8;;`e\"`` still shows as two URLs in the popup ✅ * Shows the given URI if it's canonical and not an IDN ✅ * Works with >100 char long file:// URIs ✅ (cherry picked from commit 198c11f) Service-Card-Id: 90642844 Service-Version: 1.19
f1aa699 was fundamentally incorrect as it used
IdnToAscii
andIdnToUnicode
on the entire URL, even though these functions only workon domain names. This commit fixes the issue by using the WinRT
Url
class and its
AbsoluteUri
andAbsoluteCanonicalUri
getters.The algorithm still works the same way though.
Closes #16017
Validation Steps Performed
"`e]8;;https://www.xn--fcbook-3nf5b.com/`e\test`e]8;;`e\"
still shows as two URLs in the popup ✅