Commit ee84101b authored by Laurent Montel's avatar Laurent Montel 😁
Browse files

Fix false positive for url "https://www.google.com/search?q=%5C"

CCBUG: 440635
parent 53a3cd1c
Pipeline #74505 passed with stage
in 25 minutes and 30 seconds
......@@ -50,7 +50,6 @@ void ScamDetectionWebEngineTest::scamtest_data()
{
QTest::addColumn<QString>("html");
QTest::addColumn<bool>("result");
// No Scam
QTest::newRow("noscam1") << QStringLiteral("<html><body><a href=\"www.kde.org\">kde</a></body></html>") << false;
QTest::newRow("noscam2") << QStringLiteral("<html><body><a href=\"http://www.kde.org\" title=\"http://www.kde.org\">kde</a></body></html>") << false;
......@@ -122,7 +121,6 @@ void ScamDetectionWebEngineTest::scamtest_data()
QTest::newRow("endwith%22") << QStringLiteral(
"<a href=\"http://www.kde.org/standards/kcfg/1.0/kcfg.xsd\" \"=\"\">http://www.kde.org/standards/kcfg/1.0/kcfg.xsd\"</a>")
<< false;
QTest::newRow("contains%5C") << QStringLiteral(
"<a "
"href=\"http://g-ecx.images-amazon.com/images/G/01/barcodes/blank003.jpg%5CnUse\">http://g-ecx.images-amazon.com/images/G/01/barcodes/blank003.jpg/"
......@@ -135,6 +133,11 @@ void ScamDetectionWebEngineTest::scamtest_data()
QTest::newRow("urlwithport2") << QStringLiteral("<a href=\"https://example.com:11371/blablabla\">https://example.com:11371/blablabla</a>") << false;
QTest::newRow("urlwithport3") << QStringLiteral("<a href=\"smtps://example.com:465/blablabla\">smtps://example.com:465/blablabla</a>") << false;
QTest::newRow("urlwithport3") << QStringLiteral("<a href=\"imaps://example.com:993/blablabla\">imaps://example.com:993/blablabla</a>") << false;
// Bug:440635
QTest::newRow("scam5C") << QStringLiteral(R"(<a href="https://www.google.com/search?q=%5C">https://www.google.com/search?q=%5C</a>)") << false;
QTest::newRow("BUG440635") << QStringLiteral(
R"(<a href="https://codereview.qt-project.org/q/topic:%22api-change-review-6.2%22+(status:open%20OR%20status:abandoned">https://codereview.qt-project.org/q/topic:%22api-change-review-6.2%22+(status:open%20OR%20status:abandoned</a>)")
<< false;
}
void ScamDetectionWebEngineTest::scamtest()
......
......@@ -96,7 +96,6 @@ void ScamDetectionWebEngine::handleScanPage(const QVariant &result)
// 1) detect if title has a url and title != href
const QString title = mapVariant.value(QStringLiteral("title")).toString();
const QString href = mapVariant.value(QStringLiteral("src")).toString();
// qDebug() << " href " << href << " title " << title;
const QUrl url(href);
if (!title.isEmpty()) {
if (title.startsWith(QLatin1String("http:")) || title.startsWith(QLatin1String("https:")) || title.startsWith(QLatin1String("www."))) {
......@@ -174,7 +173,11 @@ void ScamDetectionWebEngine::handleScanPage(const QVariant &result)
}
const QUrl normalizedHrefUrl = QUrl(href);
QString normalizedHref = normalizedHrefUrl.toDisplayString(QUrl::StripTrailingSlash | QUrl::NormalizePathSegments);
normalizedHref.replace(QStringLiteral("%5C"), QStringLiteral("/"));
if (text != normalizedHref) {
if (normalizedHref.contains(QStringLiteral("%5C"))) {
normalizedHref.replace(QStringLiteral("%5C"), QStringLiteral("/"));
}
}
// qDebug() << "text " << text << " href "<<href << " normalizedHref " << normalizedHref;
if (!text.isEmpty()) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment