Fix: external application requests via redirect URLs shows wrong orig…

…in. (#1900) Task/Issue URL: https://app.asana.com/0/1176047645786601/1204521390227183/f **Description**: If the external application URL was the result of a cross-origin redirect, then we display the wrong origin in the external application request popup. Instead, I propose we check if redirects occurred, and use the origin of the most recent redirect as the first choice for the domain displayed to the user. This is only a proposed fix, and will likely need a thorough review to ensure we don't cause breakage in legitimate external application requests. **Steps to test this PR**: 1. Visit https://alesandroortiz.com/security/chromium/external-protocol/spoof-links.html 2. Click **Tel** 3. Check the origin in the popup is aogarantiza.com and not alesandroortiz.com 4. Manually enter tel://155555 into address bar 5. Ensure popup appears with origin "155555" 6. Visit this test page: https://crossorigin.site/tel.html 7. Click the button 8. Ensure the origin is displayed as "crossorigin.site"  --- ###### Internal references: [Pull Request Review Checklist](https://app.asana.com/0/1202500774821704/1203764234894239/f) [Software Engineering Expectations](https://app.asana.com/0/59792373528535/199064865822552) [Technical Design Template](https://app.asana.com/0/59792373528535/184709971311943) [Pull Request Documentation](https://app.asana.com/0/1202500774821704/1204012835277482/f)
duckduckgo · Dec 20, 2023 · 19c06f2 · 19c06f2
1 parent d30f00b
commit 19c06f2
Showing 1 changed file with 7 additions and 8 deletions.
diff --git a/DuckDuckGo/Tab/Navigation/ExternalAppSchemeHandler.swift b/DuckDuckGo/Tab/Navigation/ExternalAppSchemeHandler.swift
@@ -53,8 +53,8 @@ final class ExternalAppSchemeHandler {
 
 extension ExternalAppSchemeHandler: NavigationResponder {
 
-    @MainActor
-    func decidePolicy(for navigationAction: NavigationAction, preferences: inout NavigationPreferences) async -> NavigationActionPolicy? {
+    // swiftlint:disable:next function_body_length
+    @MainActor func decidePolicy(for navigationAction: NavigationAction, preferences: inout NavigationPreferences) async -> NavigationActionPolicy? {
         let externalUrl = navigationAction.url
         // only proceed with non-external-scheme navigations
         guard externalUrl.isExternalSchemeLink, let scheme = externalUrl.scheme else {
@@ -114,19 +114,18 @@ extension ExternalAppSchemeHandler: NavigationResponder {
         }
 
         let permissionType = PermissionType.externalScheme(scheme: scheme)
-        // use domain from the url for user-entered app schemes, otherwise use current website domain
-        let domain = navigationAction.isUserEnteredUrl ? navigationAction.url.host ?? "" : navigationAction.sourceFrame.securityOrigin.host
-        permissionModel.permissions([permissionType], requestedForDomain: domain, url: externalUrl) { [workspace, weak self] isGranted in
+        // Check for cross-origin redirects first, then use domain from the url for user-entered app schemes, then use current website domain
+        let redirectDomain = navigationAction.redirectHistory?.reversed().first(where: { $0.url.host != navigationAction.url.host })?.url.host
+        let domain = redirectDomain ?? (navigationAction.isUserEnteredUrl ? navigationAction.url.host ?? "" : navigationAction.sourceFrame.securityOrigin.host)
+        permissionModel.permissions([permissionType], requestedForDomain: domain, url: externalUrl) { [workspace] isGranted in
             if isGranted {
                 workspace.open(externalUrl)
-
                 // if "Always allow" is set and this is the only navigation in the tab: close the tab
-                if self?.shouldCloseTabOnExternalAppOpen == true, let webView = navigationAction.targetFrame?.webView {
+                if self.shouldCloseTabOnExternalAppOpen == true, let webView = navigationAction.targetFrame?.webView {
                     webView.close()
                 }
             }
         }
-
         return .cancel
     }