From e7c8640cc2f0b4c82d65dcba742d19b4fa0ece05 Mon Sep 17 00:00:00 2001
From: Imanol Fernandez <mortimergoro@gmail.com>
Date: Thu, 2 Jul 2020 18:53:02 +0200
Subject: [PATCH] Fix validation failures of URIs with multiple hash signs.
 (#3609)

---
 .../telemetry/GleanMetricsService.java        |  5 +++--
 .../vrbrowser/telemetry/TelemetryWrapper.java |  5 +++--
 .../mozilla/vrbrowser/utils/StringUtils.java  |  4 ++++
 .../org/mozilla/vrbrowser/utils/UrlUtils.java | 20 +++++++++++++++++--
 4 files changed, 28 insertions(+), 6 deletions(-)

diff --git a/app/src/common/shared/org/mozilla/vrbrowser/telemetry/GleanMetricsService.java b/app/src/common/shared/org/mozilla/vrbrowser/telemetry/GleanMetricsService.java
index fea1ec5b0..d37fd58a7 100644
--- a/app/src/common/shared/org/mozilla/vrbrowser/telemetry/GleanMetricsService.java
+++ b/app/src/common/shared/org/mozilla/vrbrowser/telemetry/GleanMetricsService.java
@@ -26,6 +26,7 @@
 import org.mozilla.vrbrowser.utils.UrlUtils;
 
 import java.net.URI;
+import java.net.URISyntaxException;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Hashtable;
@@ -108,7 +109,7 @@ public static void stopPageLoadTimeWithURI(String uri) {
         }
 
         try {
-            URI uriLink = URI.create(uri);
+            URI uriLink = UrlUtils.parseUri(uri);
             if (uriLink.getHost() == null) {
                 return;
             }
@@ -117,7 +118,7 @@ public static void stopPageLoadTimeWithURI(String uri) {
                 Url.INSTANCE.domains().add();
             }
             Url.INSTANCE.visits().add();
-        } catch (IllegalArgumentException e) {
+        } catch (URISyntaxException e) {
             Log.e(LOGTAG, "Invalid URL", e);
         }
     }
diff --git a/app/src/common/shared/org/mozilla/vrbrowser/telemetry/TelemetryWrapper.java b/app/src/common/shared/org/mozilla/vrbrowser/telemetry/TelemetryWrapper.java
index bfe7d5868..b1f2967bc 100644
--- a/app/src/common/shared/org/mozilla/vrbrowser/telemetry/TelemetryWrapper.java
+++ b/app/src/common/shared/org/mozilla/vrbrowser/telemetry/TelemetryWrapper.java
@@ -31,6 +31,7 @@
 import org.mozilla.vrbrowser.utils.UrlUtils;
 
 import java.net.URI;
+import java.net.URISyntaxException;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
@@ -307,7 +308,7 @@ public static void uploadPageLoadToHistogram(String uri) {
         }
 
         try {
-            URI uriLink = URI.create(uri);
+            URI uriLink = UrlUtils.parseUri(uri);
             if (uriLink.getHost() == null) {
                 return;
             }
@@ -332,7 +333,7 @@ public static void uploadPageLoadToHistogram(String uri) {
 
             loadingTimeHistogram[histogramLoadIndex]++;
 
-        } catch (IllegalArgumentException e) {
+        } catch (URISyntaxException e) {
             Log.e(LOGTAG, "Invalid URL", e);
         }
     }
diff --git a/app/src/common/shared/org/mozilla/vrbrowser/utils/StringUtils.java b/app/src/common/shared/org/mozilla/vrbrowser/utils/StringUtils.java
index 9dcf66ae3..3817c8f92 100644
--- a/app/src/common/shared/org/mozilla/vrbrowser/utils/StringUtils.java
+++ b/app/src/common/shared/org/mozilla/vrbrowser/utils/StringUtils.java
@@ -76,6 +76,10 @@ public static boolean contains(String[] aTarget, String aText) {
         return false;
     }
 
+    public static long charCount(@NonNull String aString, char target) {
+        return aString.chars().filter(ch -> ch == target).count();
+    }
+
     /**
      * The version code is composed like: yDDDHHmm
      *  * y   = Double digit year, with 16 substracted: 2017 -> 17 -> 1
diff --git a/app/src/common/shared/org/mozilla/vrbrowser/utils/UrlUtils.java b/app/src/common/shared/org/mozilla/vrbrowser/utils/UrlUtils.java
index 2e6494dee..e94a98198 100644
--- a/app/src/common/shared/org/mozilla/vrbrowser/utils/UrlUtils.java
+++ b/app/src/common/shared/org/mozilla/vrbrowser/utils/UrlUtils.java
@@ -18,6 +18,7 @@
 import java.io.File;
 import java.net.MalformedURLException;
 import java.net.URI;
+import java.net.URISyntaxException;
 import java.net.URL;
 import java.util.regex.Pattern;
 
@@ -135,14 +136,14 @@ public static String titleBarUrl(@Nullable String aUri) {
 
             } else {
                 try {
-                    URI uri = URI.create(aUri);
+                    URI uri = parseUri(aUri);
                     URL url = new URL(
                             uri.getScheme() != null ? uri.getScheme() : "",
                             uri.getAuthority() != null ? uri.getAuthority() : "",
                             "");
                     return url.toString();
 
-                } catch (MalformedURLException | IllegalArgumentException e) {
+                } catch (MalformedURLException | URISyntaxException e) {
                     return "";
                 }
             }
@@ -197,4 +198,19 @@ public static String getHost(String uri) {
             return uri;
         }
     }
+
+    public static URI parseUri(String aUri) throws URISyntaxException {
+        try {
+            return new URI(aUri);
+        } catch (URISyntaxException e) {
+            if (!StringUtils.isEmpty(aUri) && StringUtils.charCount(aUri, '#') >= 2) {
+                // Browsers are able to handle URLs with double # by ignoring everything after the
+                // second # occurrence. But Java implementation considers it an invalid URL.
+                // Remove everything after the second #.
+                int index = aUri.indexOf("#", aUri.indexOf("#") + 1);
+                return parseUri(aUri.substring(0, index));
+            }
+            throw e;
+        }
+    }
 }