mirror of
https://github.com/garrytan/gstack.git
synced 2026-05-10 06:28:23 +08:00
ac80abdc34
Layer 1 (unit): 18 tests for URL sanitization in sidebar-utils.ts — http/https pass, chrome:// rejected, javascript: rejected, control chars stripped, truncation. Layer 2 (integration): 13 tests for server HTTP endpoints — auth, sidebar-command queue writes, activeTabUrl override/fallback, event relay to chat buffer, message queuing, queue overflow (429), chat clear, agent kill. Source changes for testability: - Extract sanitizeExtensionUrl() to browse/src/sidebar-utils.ts - Add BROWSE_HEADLESS_SKIP env var to skip browser launch in HTTP-only tests - Add SIDEBAR_QUEUE_PATH env var to both server.ts and sidebar-agent.ts - Add SIDEBAR_AGENT_TIMEOUT env var to sidebar-agent.ts - Sync package.json version to match VERSION (0.12.2.0) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
22 lines
629 B
TypeScript
22 lines
629 B
TypeScript
/**
|
|
* Shared sidebar utilities — extracted for testability.
|
|
*/
|
|
|
|
/**
|
|
* Sanitize a URL from the Chrome extension before embedding in a prompt.
|
|
* Only accepts http/https, strips control characters, truncates to 2048 chars.
|
|
* Returns null if the URL is invalid or uses a non-http scheme.
|
|
*/
|
|
export function sanitizeExtensionUrl(url: string | null | undefined): string | null {
|
|
if (!url) return null;
|
|
try {
|
|
const u = new URL(url);
|
|
if (u.protocol === 'http:' || u.protocol === 'https:') {
|
|
return u.href.replace(/[\x00-\x1f\x7f]/g, '').slice(0, 2048);
|
|
}
|
|
return null;
|
|
} catch {
|
|
return null;
|
|
}
|
|
}
|