feat(snap-keyring-bridge): sanitize redirect URL

MetaMask · Oct 11, 2024 · 3ed870e · 3ed870e
1 parent 1a7356e
commit 3ed870e
Showing 1 changed file with 20 additions and 1 deletion.
diff --git a/packages/keyring-snap-bridge/src/SnapKeyring.ts b/packages/keyring-snap-bridge/src/SnapKeyring.ts
@@ -575,13 +575,32 @@ export class SnapKeyring extends EventEmitter {
     redirect: { message?: string; url?: string },
     snapId: SnapId,
   ): Promise<void> {
-    const { message = '', url = '' } = redirect;
+    const { message = '', url: redirectUrl = '' } = redirect;
+    const url = this.#sanitizeRedirectUrl(redirectUrl);
     if (url) {
       this.#validateRedirectUrl(url, snapId);
     }
     await this.#callbacks.redirectUser(snapId, url, message);
   }
 
+  /**
+   * Sanitize a redirect URL.
+   *
+   * @param url - The URL to sanitize.
+   * @returns The new sanitized redirect URL.
+   */
+  #sanitizeRedirectUrl(url: string): string {
+    // We do check for this case since the Snap might not returns any URL at all.
+    if (!url) {
+      return url; // Nothing to sanitize in this case.
+    }
+
+    // For now, we only re-create the URL object which should take care of most of the sanitizing, like replacing
+    // upper-cased letters by their lower-cased counterparts in the "hostname" part.
+    const redirectUrl = new URL(url);
+    return redirectUrl.toString();
+  }
+
   /**
    * Validates if the redirect URL is in the Snap's allowed origins.
    *