#50141: fix: validate protocol scheme names in setAsDefaultProtocolClient
Merged
Description of Change
On Windows, app.setAsDefaultProtocolClient(protocol) directly concatenates the protocol string into the registry key path with no validation. A protocol name containing \ could write to an arbitrary subkey under HKCU\Software\Classes\, potentially hijacking existing protocol handlers.
To fix this, add Browser::IsValidProtocolScheme() which validates that a protocol name conforms to the RFC 3986 scheme grammar:
scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
This rejects backslashes, forward slashes, whitespace, and any other characters not permitted in URI schemes.
Checklist
- PR description included
-
npm testpasses - tests are changed or added
- PR release notes describe the change in a way relevant to app developers, and are capitalized, punctuated, and past tense.
Release Notes
Notes: Added validation to protocol client methods to reject protocol names that do not conform to the RFC 3986 URI scheme grammar.
Backports
Semver Impact
Major
Breaking changes
Minor
New features
Patch
Bug fixes
None
Docs, tests, etc.
Semantic Versioning helps users understand the impact of updates:
- Major (X.y.z): Breaking changes that may require code modifications
- Minor (x.Y.z): New features that maintain backward compatibility
- Patch (x.y.Z): Bug fixes that don't change the API
- None: Changes that don't affect using facing parts of Electron