Add support for URL wildcards and exact URL (#9835)

* Add support for URL wildcards with Additional URL feature * Only check TLD if wildcard is used * Avoid using network function in no-feature build --------- Co-authored-by: varjolintu <sami.vanttinen@ahmala.org> Co-authored-by: Jonathan White <support@dmapps.us>
2025-04-03 20:47:37 +03:00 · 2025-02-10 03:03:15 +02:00 · 2025-02-10 03:03:15 +02:00 · 9ba6ada266
commit 9ba6ada266
parent 51e8c042af
11 changed files with 317 additions and 36 deletions
--- a/tests/TestBrowser.cpp
+++ b/tests/TestBrowser.cpp
@ -1,5 +1,5 @@
 /*
- *  Copyright (C) 2023 KeePassXC Team <team@keepassxc.org>
+ *  Copyright (C) 2025 KeePassXC Team <team@keepassxc.org>
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
@ -222,7 +222,7 @@ void TestBrowser::testSearchEntries()
    QCOMPARE(result[4]->url(), QString("http://github.com"));
    QCOMPARE(result[5]->url(), QString("http://github.com/login"));

-    // With matching there should be only 3 results + 4 without a scheme
+    // With matching there should be only 4 results + 4 without a scheme
    browserSettings()->setMatchUrlScheme(true);
    result = m_browserService->searchEntries(db, "https://github.com", "https://github.com/session");
    QCOMPARE(result.length(), 7);
@ -396,6 +396,121 @@ void TestBrowser::testSearchEntriesWithAdditionalURLs()
    QCOMPARE(additionalResult[0]->url(), QString("https://github.com/"));
 }

+void TestBrowser::testSearchEntriesWithWildcardURLs()
+{
+    auto db = QSharedPointer<Database>::create();
+    auto* root = db->rootGroup();
+
+    QStringList urls = {
+        "https://github.com/login_page/*",
+        "https://github.com/*/second",
+        "https://github.com/*",
+        "http://github.com/*",
+        "github.com/*", // Defaults to https
+        "https://*.github.com/*",
+        "https://subdomain.*.github.com/*/second",
+        "https://*.sub.github.com/*",
+        "https://********", // Invalid wildcard URL
+        "https://subdomain.yes.github.com/*",
+        "https://example.com:8448/*",
+        "https://example.com/*/*",
+        "https://example.com/$/*",
+        "https://127.128.129.*:8448/",
+        "https://127.128.*/",
+        "https://127.160.*.2/login",
+        "http://[2001:db8:85a3:8d3:1319:8a2e:370:*]/",
+        "https://[2001:db8:85a3:8d3:*]:443/",
+        "fe80::1ff:fe23:4567:890a",
+        "2001-db8-85a3-8d3-1319-8a2e-370-7348.ipv6-literal.net",
+        "\"https://thisisatest.com/login.php\"" // Exact URL
+    };
+
+    createEntries(urls, root, true);
+    browserSettings()->setMatchUrlScheme(false);
+
+    // Return first Additional URL
+    auto firstUrl = [&](Entry* entry) { return entry->attributes()->value(EntryAttributes::AdditionalUrlAttribute); };
+
+    auto result = m_browserService->searchEntries(
+        db, "https://github.com/login_page/second", "https://github.com/login_page/second");
+    QCOMPARE(result.length(), 6);
+    QCOMPARE(firstUrl(result[0]), QString("https://github.com/login_page/*"));
+    QCOMPARE(firstUrl(result[1]), QString("https://github.com/*/second"));
+    QCOMPARE(firstUrl(result[2]), QString("https://github.com/*"));
+    QCOMPARE(firstUrl(result[3]), QString("http://github.com/*"));
+    QCOMPARE(firstUrl(result[4]), QString("github.com/*"));
+    QCOMPARE(firstUrl(result[5]), QString("https://*.github.com/*"));
+
+    result = m_browserService->searchEntries(
+        db, "https://subdomain.sub.github.com/login_page/second", "https://subdomain.sub.github.com/login_page/second");
+    QCOMPARE(result.length(), 3);
+    QCOMPARE(firstUrl(result[0]), QString("https://*.github.com/*"));
+    QCOMPARE(firstUrl(result[1]), QString("https://subdomain.*.github.com/*/second"));
+    QCOMPARE(firstUrl(result[2]), QString("https://*.sub.github.com/*"));
+
+    result = m_browserService->searchEntries(
+        db, "https://subdomain.sub.github.com/other_page", "https://subdomain.sub.github.com/other_page");
+    QCOMPARE(result.length(), 2);
+    QCOMPARE(firstUrl(result[0]), QString("https://*.github.com/*"));
+    QCOMPARE(firstUrl(result[1]), QString("https://*.sub.github.com/*"));
+
+    result = m_browserService->searchEntries(
+        db, "https://subdomain.yes.github.com/other_page/second", "https://subdomain.yes.github.com/other_page/second");
+    QCOMPARE(result.length(), 3);
+    QCOMPARE(firstUrl(result[0]), QString("https://*.github.com/*"));
+    QCOMPARE(firstUrl(result[1]), QString("https://subdomain.*.github.com/*/second"));
+    QCOMPARE(firstUrl(result[2]), QString("https://subdomain.yes.github.com/*"));
+
+    result = m_browserService->searchEntries(
+        db, "https://example.com:8448/login/page", "https://example.com:8448/login/page");
+    QCOMPARE(result.length(), 2);
+    QCOMPARE(firstUrl(result[0]), QString("https://example.com:8448/*"));
+    QCOMPARE(firstUrl(result[1]), QString("https://example.com/*/*"));
+
+    result = m_browserService->searchEntries(
+        db, "https://example.com:8449/login/page", "https://example.com:8449/login/page");
+    QCOMPARE(result.length(), 1);
+    QCOMPARE(firstUrl(result[0]), QString("https://example.com/*/*"));
+
+    result =
+        m_browserService->searchEntries(db, "https://example.com/$/login_page", "https://example.com/$/login_page");
+    QCOMPARE(result.length(), 2);
+    QCOMPARE(firstUrl(result[0]), QString("https://example.com/*/*"));
+    QCOMPARE(firstUrl(result[1]), QString("https://example.com/$/*"));
+
+    result = m_browserService->searchEntries(db, "https://127.128.129.130:8448/", "https://127.128.129.130:8448/");
+    QCOMPARE(result.length(), 2);
+
+    result = m_browserService->searchEntries(db, "https://127.128.129.130/", "https://127.128.129.130/");
+    QCOMPARE(result.length(), 1);
+    QCOMPARE(firstUrl(result[0]), QString("https://127.128.*/"));
+
+    result = m_browserService->searchEntries(db, "https://127.1.129.130/", "https://127.1.129.130/");
+    QCOMPARE(result.length(), 0);
+
+    result = m_browserService->searchEntries(db, "https://127.160.8.2/login", "https://127.160.8.2/login");
+    QCOMPARE(result.length(), 1);
+    QCOMPARE(firstUrl(result[0]), QString("https://127.160.*.2/login"));
+
+    // Exact URL
+    result =
+        m_browserService->searchEntries(db, "https://thisisatest.com/login.php", "https://thisisatest.com/login.php");
+    QCOMPARE(result.length(), 1);
+    QCOMPARE(firstUrl(result[0]), QString("\"https://thisisatest.com/login.php\""));
+
+    // With scheme matching enabled
+    browserSettings()->setMatchUrlScheme(true);
+    result = m_browserService->searchEntries(
+        db, "https://github.com/login_page/second", "https://github.com/login_page/second");
+
+    QCOMPARE(result.length(), 5);
+    QCOMPARE(firstUrl(result[0]), QString("https://github.com/login_page/*"));
+    QCOMPARE(firstUrl(result[1]), QString("https://github.com/*/second"));
+    QCOMPARE(firstUrl(result[2]), QString("https://github.com/*"));
+    QCOMPARE(firstUrl(result[3]), QString("github.com/*")); // Defaults to https
+    QCOMPARE(firstUrl(result[4]), QString("https://*.github.com/*"));
+}
+
 void TestBrowser::testInvalidEntries()
 {
    auto db = QSharedPointer<Database>::create();
@ -516,14 +631,18 @@ void TestBrowser::testSubdomainsAndPaths()
    QCOMPARE(result.length(), 1);
 }

-QList<Entry*> TestBrowser::createEntries(QStringList& urls, Group* root) const
+QList<Entry*> TestBrowser::createEntries(QStringList& urls, Group* root, bool additionalUrl) const
 {
    QList<Entry*> entries;
    for (int i = 0; i < urls.length(); ++i) {
        auto entry = new Entry();
        entry->setGroup(root);
        entry->beginUpdate();
-        entry->setUrl(urls[i]);
+        if (additionalUrl) {
+            entry->attributes()->set(EntryAttributes::AdditionalUrlAttribute, urls[i]);
+        } else {
+            entry->setUrl(urls[i]);
+        }
        entry->setUsername(QString("User %1").arg(i));
        entry->setUuid(QUuid::createUuid());
        entry->setTitle(QString("Name_%1").arg(entry->uuidToHex()));
--- a/tests/TestBrowser.h
+++ b/tests/TestBrowser.h
@ -1,5 +1,5 @@
 /*
- *  Copyright (C) 2023 KeePassXC Team <team@keepassxc.org>
+ *  Copyright (C) 2025 KeePassXC Team <team@keepassxc.org>
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
@ -45,6 +45,7 @@ private slots:
    void testSearchEntriesByReference();
    void testSearchEntriesWithPort();
    void testSearchEntriesWithAdditionalURLs();
+    void testSearchEntriesWithWildcardURLs();
    void testInvalidEntries();
    void testSubdomainsAndPaths();
    void testBestMatchingCredentials();
@ -52,7 +53,7 @@ private slots:
    void testRestrictBrowserKey();

 private:
-    QList<Entry*> createEntries(QStringList& urls, Group* root) const;
+    QList<Entry*> createEntries(QStringList& urls, Group* root, bool additionalUrl = false) const;
    void compareEntriesByPath(QSharedPointer<Database> db, QList<Entry*> entries, QString path);

    QScopedPointer<BrowserAction> m_browserAction;
--- a/tests/TestUrlTools.cpp
+++ b/tests/TestUrlTools.cpp
@ -1,5 +1,5 @@
 /*
- *  Copyright (C) 2024 KeePassXC Team <team@keepassxc.org>
+ *  Copyright (C) 2025 KeePassXC Team <team@keepassxc.org>
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
@ -136,6 +136,36 @@ void TestUrlTools::testIsUrlValid()
    }
 }

+void TestUrlTools::testIsUrlValidWithLooseComparison()
+{
+    QHash<QString, bool> urls;
+    urls[""] = true;
+    urls["\"https://github.com/login\""] = true;
+    urls["https://*.github.com/"] = true;
+    urls["*.github.com"] = true;
+    urls["https://*.com"] = false;
+    urls["https://*.computer.com"] = true; // TLD in domain (com) should not affect
+    urls["\"\""] = false;
+    urls["\"*.example.com\""] = false;
+    urls["http://*"] = false;
+    urls["*"] = false;
+    urls["****"] = false;
+    urls["*.co.jp"] = false;
+    urls["*.com"] = false;
+    urls["*.computer.com"] = true;
+    urls["*.computer.com/*com"] = true; // TLD in path should not affect this
+    urls["*com"] = false;
+    urls["*.com/"] = false;
+    urls["*.com/*"] = false;
+    urls["**.com/**"] = false;
+
+    QHashIterator<QString, bool> i(urls);
+    while (i.hasNext()) {
+        i.next();
+        QCOMPARE(urlTools()->isUrlValid(i.key(), true), i.value());
+    }
+}
+
 void TestUrlTools::testDomainHasIllegalCharacters()
 {
    QVERIFY(!urlTools()->domainHasIllegalCharacters("example.com"));
--- a/tests/TestUrlTools.h
+++ b/tests/TestUrlTools.h
@ -1,5 +1,5 @@
 /*
- *  Copyright (C) 2024 KeePassXC Team <team@keepassxc.org>
+ *  Copyright (C) 2025 KeePassXC Team <team@keepassxc.org>
 *
 *  This program is free software: you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
@ -34,6 +34,7 @@ private slots:
    void testIsIpAddress();
    void testIsUrlIdentical();
    void testIsUrlValid();
+    void testIsUrlValidWithLooseComparison();
    void testDomainHasIllegalCharacters();

 private: