| blob | 8d2941a10e1755f8b1f29a75ba0ff1e6c724986a |
1 import { parse } from 'tldts';
2 import type { Runtime } from 'webextension-polyfill';
4 import { sanitizeURL } from './sanitize';
5 import type { ParsedSender, ParsedUrl } from './types';
6 import { isSupportedSenderUrl } from './utils';
8 export const parseUrl = (url?: string): ParsedUrl => {
9 const check = sanitizeURL(url ?? '');
11 if (!check.valid) {
12 return {
13 displayName: null,
14 domain: null,
15 subdomain: null,
16 protocol: null,
17 port: null,
18 hostname: null,
19 isTopLevelDomain: false,
20 isPrivate: false,
21 isSecure: false,
22 };
23 }
25 const { domain, subdomain, domainWithoutSuffix, hostname, isPrivate } = parse(url ?? '', {
26 allowIcannDomains: true,
27 allowPrivateDomains: true,
28 detectIp: true,
29 });
31 return {
32 displayName: domainWithoutSuffix ?? hostname,
33 domain: domain ?? hostname /* fallback on hostname for localhost support */,
34 subdomain: subdomain && subdomain !== 'www' ? hostname : null,
35 protocol: check.protocol,
36 port: check.port,
37 hostname,
38 isTopLevelDomain: !subdomain || subdomain === 'www',
39 isPrivate: isPrivate ?? subdomain !== null,
40 isSecure: check.url.startsWith('https://'),
41 };
42 };
44 /* Safely parses the sender information, providing compatibility
45 * for non-Chromium browsers: if available, uses the MessageSender origin
46 * property for enhanced protection against compromised renderer spoofing. */
47 export const parseSender = (sender: Runtime.MessageSender): ParsedSender => {
48 const origin = (sender as any)?.origin;
49 const { url, tab } = sender;
50 const parsedUrl = parseUrl(origin ?? url ?? '');
51 const tabId = tab?.id;
53 if (!isSupportedSenderUrl(parsedUrl) || !tabId) throw new Error('Unsupported sender');
55 return { tabId, url: parsedUrl };
56 };