impl: strict URL validation for the connection screen

fioan89 · fioan89 · commit 06f0feb390f4 · 2025-07-25T18:02:45.000+03:00
This commit rejects any URL that is opaque, not hierarchical, not using http or https
protocol, or it misses the hostname.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,7 @@
 
 - support for checking if CLI is signed
 - improved progress reporting while downloading the CLI
+- URL validation is stricter in the connection screen
 
 ## 2.21.1 - 2025-06-26
 
diff --git a/src/main/kotlin/com/coder/gateway/util/URLExtensions.kt b/src/main/kotlin/com/coder/gateway/util/URLExtensions.kt
@@ -1,10 +1,12 @@
 package com.coder.gateway.util
 
+import com.coder.gateway.util.WebUrlValidationResult.Invalid
 import java.net.IDN
 import java.net.URI
 import java.net.URL
 
-fun String.toURL(): URL = URL(this)
+
+fun String.toURL(): URL = URI.create(this).toURL()
 
 fun URL.withPath(path: String): URL = URL(
     this.protocol,
@@ -13,6 +15,23 @@ fun URL.withPath(path: String): URL = URL(
     if (path.startsWith("/")) path else "/$path",
 )
 
+fun URI.validateStrictWebUrl(): WebUrlValidationResult = try {
+    when {
+        isOpaque -> Invalid("$this is opaque, instead of hierarchical")
+        !isAbsolute -> Invalid("$this is relative, it must be absolute")
+        scheme?.lowercase() !in setOf("http", "https") -> Invalid("Scheme for $this must be either http or https")
+        authority.isNullOrBlank() -> Invalid("$this does not have a hostname")
+        else -> WebUrlValidationResult.Valid
+    }
+} catch (e: Exception) {
+    Invalid(e.message ?: "$this could not be parsed as a URI reference")
+}
+
+sealed class WebUrlValidationResult {
+    object Valid : WebUrlValidationResult()
+    data class Invalid(val reason: String) : WebUrlValidationResult()
+}
+
 /**
  * Return the host, converting IDN to ASCII in case the file system cannot
  * support the necessary character set.
diff --git a/src/main/kotlin/com/coder/gateway/views/steps/CoderWorkspacesStepView.kt b/src/main/kotlin/com/coder/gateway/views/steps/CoderWorkspacesStepView.kt
@@ -20,9 +20,11 @@ import com.coder.gateway.util.DialogUi
 import com.coder.gateway.util.InvalidVersionException
 import com.coder.gateway.util.OS
 import com.coder.gateway.util.SemVer
+import com.coder.gateway.util.WebUrlValidationResult
 import com.coder.gateway.util.humanizeConnectionError
 import com.coder.gateway.util.isCancellation
 import com.coder.gateway.util.toURL
+import com.coder.gateway.util.validateStrictWebUrl
 import com.coder.gateway.util.withoutNull
 import com.intellij.icons.AllIcons
 import com.intellij.ide.ActivityTracker
@@ -78,6 +80,8 @@ import javax.swing.JLabel
 import javax.swing.JTable
 import javax.swing.JTextField
 import javax.swing.ListSelectionModel
+import javax.swing.event.DocumentEvent
+import javax.swing.event.DocumentListener
 import javax.swing.table.DefaultTableCellRenderer
 import javax.swing.table.TableCellRenderer
 
@@ -133,7 +137,6 @@ class CoderWorkspacesStepView :
     private var tfUrl: JTextField? = null
     private var tfUrlComment: JLabel? = null
     private var cbExistingToken: JCheckBox? = null
-    private var cbFallbackOnSignature: JCheckBox? = null
 
     private val notificationBanner = NotificationBanner()
     private var tableOfWorkspaces =
@@ -219,6 +222,31 @@ class CoderWorkspacesStepView :
                                 // Reconnect when the enter key is pressed.
                                 maybeAskTokenThenConnect()
                             }
+                            // Add document listener to clear error when user types
+                            document.addDocumentListener(object : DocumentListener {
+                                override fun insertUpdate(e: DocumentEvent?) = clearErrorState()
+                                override fun removeUpdate(e: DocumentEvent?) = clearErrorState()
+                                override fun changedUpdate(e: DocumentEvent?) = clearErrorState()
+
+                                private fun clearErrorState() {
+                                    tfUrlComment?.apply {
+                                        foreground = UIUtil.getContextHelpForeground()
+                                        if (tfUrl?.text.equals(client?.url?.toString())) {
+                                            text =
+                                                CoderGatewayBundle.message(
+                                                    "gateway.connector.view.coder.workspaces.connect.text.connected",
+                                                    client!!.url.host,
+                                                )
+                                        } else {
+                                            text = CoderGatewayBundle.message(
+                                                "gateway.connector.view.coder.workspaces.connect.text.comment",
+                                                CoderGatewayBundle.message("gateway.connector.view.coder.workspaces.connect.text"),
+                                            )
+                                        }
+                                        icon = null
+                                    }
+                                }
+                            })
                         }.component
                 button(CoderGatewayBundle.message("gateway.connector.view.coder.workspaces.connect.text")) {
                     // Reconnect when the connect button is pressed.
@@ -268,15 +296,15 @@ class CoderWorkspacesStepView :
             }
             row {
                 cell() // For alignment.
-                    checkBox(CoderGatewayBundle.message("gateway.connector.settings.fallback-on-coder-for-signatures.title"))
-                        .bindSelected(state::fallbackOnCoderForSignatures).applyToComponent {
-                            addActionListener { event ->
-                                state.fallbackOnCoderForSignatures = (event.source as JBCheckBox).isSelected
-                            }
+                checkBox(CoderGatewayBundle.message("gateway.connector.settings.fallback-on-coder-for-signatures.title"))
+                    .bindSelected(state::fallbackOnCoderForSignatures).applyToComponent {
+                        addActionListener { event ->
+                            state.fallbackOnCoderForSignatures = (event.source as JBCheckBox).isSelected
                         }
-                        .comment(
-                            CoderGatewayBundle.message("gateway.connector.settings.fallback-on-coder-for-signatures.comment"),
-                        )
+                    }
+                    .comment(
+                        CoderGatewayBundle.message("gateway.connector.settings.fallback-on-coder-for-signatures.comment"),
+                    )
 
             }.layout(RowLayout.PARENT_GRID)
             row {
@@ -539,6 +567,15 @@ class CoderWorkspacesStepView :
         component.apply() // Force bindings to be filled.
         val newURL = fields.coderURL.toURL()
         if (settings.requireTokenAuth) {
+            val result = newURL.toURI().validateStrictWebUrl()
+            if (result is WebUrlValidationResult.Invalid) {
+                tfUrlComment.apply {
+                    this?.foreground = UIUtil.getErrorForeground()
+                    this?.text = result.reason
+                    this?.icon = UIUtil.getBalloonErrorIcon()
+                }
+                return
+            }
             val pastedToken =
                 dialogUi.askToken(
                     newURL,
diff --git a/src/test/kotlin/com/coder/gateway/util/URLExtensionsTest.kt b/src/test/kotlin/com/coder/gateway/util/URLExtensionsTest.kt
@@ -60,4 +60,58 @@ internal class URLExtensionsTest {
             )
         }
     }
+
+    @Test
+    fun `valid http URL should return Valid`() {
+        val uri = URI("http://coder.com")
+        val result = uri.validateStrictWebUrl()
+        assertEquals(WebUrlValidationResult.Valid, result)
+    }
+
+    @Test
+    fun `valid https URL with path and query should return Valid`() {
+        val uri = URI("https://coder.com/bin/coder-linux-amd64?query=1")
+        val result = uri.validateStrictWebUrl()
+        assertEquals(WebUrlValidationResult.Valid, result)
+    }
+
+    @Test
+    fun `relative URL should return Invalid with appropriate message`() {
+        val uri = URI("/bin/coder-linux-amd64")
+        val result = uri.validateStrictWebUrl()
+        assertEquals(
+            WebUrlValidationResult.Invalid("$uri is relative, it must be absolute"),
+            result
+        )
+    }
+
+    @Test
+    fun `opaque URI like mailto should return Invalid`() {
+        val uri = URI("mailto:user@coder.com")
+        val result = uri.validateStrictWebUrl()
+        assertEquals(
+            WebUrlValidationResult.Invalid("$uri is opaque, instead of hierarchical"),
+            result
+        )
+    }
+
+    @Test
+    fun `unsupported scheme like ftp should return Invalid`() {
+        val uri = URI("ftp://coder.com")
+        val result = uri.validateStrictWebUrl()
+        assertEquals(
+            WebUrlValidationResult.Invalid("Scheme for $uri must be either http or https"),
+            result
+        )
+    }
+
+    @Test
+    fun `http URL with missing authority should return Invalid`() {
+        val uri = URI("http:///bin/coder-linux-amd64")
+        val result = uri.validateStrictWebUrl()
+        assertEquals(
+            WebUrlValidationResult.Invalid("$uri does not have a hostname"),
+            result
+        )
+    }
 }
