Skip to content

fix: Add stricter URL validation to openURLMiddleware #2697

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 4, 2025
Merged

fix: Add stricter URL validation to openURLMiddleware #2697

merged 1 commit into from
Aug 4, 2025

Conversation

huntie
Copy link
Collaborator

@huntie huntie commented Jul 30, 2025
edited
Loading

Summary

References

Test Plan

Invalid URL

image

✅ Blocked

Sanity check — regular URL

image

✅ OK
✅ Opens web browser

Checklist

  • Documentation is up to date.
  • Follows commit message convention described in CONTRIBUTING.md.
  • For functional changes, my test plan has linked these CLI changes into a local react-native checkout (instructions).

@thymikee
Copy link
Member

Thanks! Feel free to merge

@huntie huntie force-pushed the security-open-url-validation branch from 484e42a to d003eab Compare August 4, 2025 10:00
@huntie
Copy link
Collaborator Author

huntie commented Aug 4, 2025

d003eab: Remove {appName: 'browser'} argument — led to a no-op in local testing on a macOS system.

@huntie huntie merged commit 1508990 into react-native-community:main Aug 4, 2025
4 of 8 checks passed
@huntie huntie deleted the security-open-url-validation branch August 4, 2025 10:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thymikee thymikee thymikee approved these changes

@szymonrybczak szymonrybczak Awaiting requested review from szymonrybczak szymonrybczak is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@huntie @thymikee