From 192a7e0d7ec3b4d487d8f083527cdd317a962dc0 Mon Sep 17 00:00:00 2001
From: Ahmad Mujahid <55625580+AhmadMuj@users.noreply.github.com>
Date: Sun, 9 Feb 2025 15:18:01 +0400
Subject: feat: add URL protocol validation to extension and mobile app (#996)

---
 apps/browser-extension/src/NotConfiguredPage.tsx | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'apps/browser-extension')

diff --git a/apps/browser-extension/src/NotConfiguredPage.tsx b/apps/browser-extension/src/NotConfiguredPage.tsx
index 31d45d6a..fdda480e 100644
--- a/apps/browser-extension/src/NotConfiguredPage.tsx
+++ b/apps/browser-extension/src/NotConfiguredPage.tsx
@@ -22,6 +22,16 @@ export default function NotConfiguredPage() {
       setError("Server address is required");
       return;
     }
+
+    // Add URL protocol validation
+    if (
+      !serverAddress.startsWith("http://") &&
+      !serverAddress.startsWith("https://")
+    ) {
+      setError("Server address must start with http:// or https://");
+      return;
+    }
+
     setSettings((s) => ({ ...s, address: serverAddress.replace(/\/$/, "") }));
     navigate("/signin");
   };
-- 
cgit v1.2.3-70-g09d2