From dd022eab04d19ad1b11274c07b7cc622530442a3 Mon Sep 17 00:00:00 2001
From: Michael Albert <michael.albert@awesome-technologies.de>
Date: Thu, 30 Apr 2020 18:45:37 +0200
Subject: [PATCH] Validate URL on input instead of automatic rewrite of http to
 https

Change-Id: I3f3a9c5fb408af1f03ef876456133b331dc4cea3
---
 src/components/LoginPage.js |  8 ++++++++
 src/i18n/de.js              |  2 ++
 src/i18n/en.js              |  2 ++
 src/synapse/authProvider.js | 16 +++-------------
 4 files changed, 15 insertions(+), 13 deletions(-)

diff --git a/src/components/LoginPage.js b/src/components/LoginPage.js
index 19280b3..9cbcf6e 100644
--- a/src/components/LoginPage.js
+++ b/src/components/LoginPage.js
@@ -90,6 +90,14 @@ const LoginPage = ({ theme }) => {
     const errors = {};
     if (!values.homeserver) {
       errors.homeserver = translate("ra.validation.required");
+    } else {
+      if (!values.homeserver.match(/^(http|https):\/\//)) {
+        errors.homeserver = translate("synapseadmin.auth.protocol_error");
+      } else if (
+        !values.homeserver.match(/^(http|https):\/\/[a-zA-Z0-9\-.]+$/)
+      ) {
+        errors.homeserver = translate("synapseadmin.auth.url_error");
+      }
     }
     if (!values.username) {
       errors.username = translate("ra.validation.required");
diff --git a/src/i18n/de.js b/src/i18n/de.js
index 07a83fe..b86dae0 100644
--- a/src/i18n/de.js
+++ b/src/i18n/de.js
@@ -6,6 +6,8 @@ export default {
     auth: {
       homeserver: "Heimserver",
       welcome: "Willkommen bei Synapse-admin",
+      protocol_error: "Die URL muss mit 'http://' oder 'https://' beginnen",
+      url_error: "Keine gültige Matrix Server URL",
     },
     users: {
       invalid_user_id:
diff --git a/src/i18n/en.js b/src/i18n/en.js
index 7bb739a..8a3974c 100644
--- a/src/i18n/en.js
+++ b/src/i18n/en.js
@@ -6,6 +6,8 @@ export default {
     auth: {
       homeserver: "Homeserver",
       welcome: "Welcome to Synapse-admin",
+      protocol_error: "URL has to start with 'http://' or 'https://'",
+      url_error: "Not a valid Matrix server URL",
     },
     users: {
       invalid_user_id:
diff --git a/src/synapse/authProvider.js b/src/synapse/authProvider.js
index 14ef26c..5068c44 100644
--- a/src/synapse/authProvider.js
+++ b/src/synapse/authProvider.js
@@ -1,13 +1,5 @@
 import { fetchUtils } from "react-admin";
 
-const ensureHttpsForUrl = url => {
-  if (/^https:\/\//i.test(url)) {
-    return url;
-  }
-  const domain = url.replace(/http.?:\/\//g, "");
-  return "https://" + domain;
-};
-
 const stripTrailingSlash = str => {
   if (!str) {
     return;
@@ -17,7 +9,7 @@ const stripTrailingSlash = str => {
 
 const authProvider = {
   // called when the user attempts to log in
-  login: ({ homeserver, username, password }) => {
+  login: ({ base_url, username, password }) => {
     console.log("login ");
     const options = {
       method: "POST",
@@ -28,10 +20,8 @@ const authProvider = {
       }),
     };
 
-    const url = window.decodeURIComponent(homeserver);
-    const trimmed_url = url.trim().replace(/\s/g, "");
-    const login_api_url =
-      ensureHttpsForUrl(trimmed_url) + "/_matrix/client/r0/login";
+    const decoded_base_url = window.decodeURIComponent(base_url);
+    const login_api_url = decoded_base_url + "/_matrix/client/r0/login";
 
     return fetchUtils.fetchJson(login_api_url, options).then(({ json }) => {
       const normalized_base_url = stripTrailingSlash(