Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Hold for Payment] [$1000] mWeb- Compose-Adding hyphen in url, although invalid shown as link and editing shows different forma #27080

Closed
4 of 6 tasks
izarutskaya opened this issue Sep 9, 2023 · 79 comments
Assignees
Labels
Awaiting Payment Auto-added when associated PR is deployed to production Bug Something is broken. Auto assigns a BugZero manager. Daily KSv2 Engineering Internal Requires API changes or must be handled by Expensify staff Reviewing Has a PR in review

Comments

@izarutskaya
Copy link

izarutskaya commented Sep 9, 2023

If you haven’t already, check out our contributing guidelines for onboarding and email contributors@expensify.com to request to join our Slack channel!


Action Performed:

  1. Go to https://staging.new.expensify.com/
  2. Tap any report
  3. Enter -77.com
  4. Send the message
  5. Long press the sent message
  6. Tap edit comment
  7. Enter -77.com [slash add before dot com]
  8. Tap tick
  9. Long press the message
  10. Tap edit comment

Expected Result:

When user sends -77.com, then edits this comment, it must be displayed in same format
-77.com

Actual Result:

When user sends -77.com , it is shown as link. And when user edit this comment, it is displayed in different format -77.com

Workaround:

Unknown

Platforms:

Which of our officially supported platforms is this issue occurring on?

  • Android / native
  • Android / Chrome
  • iOS / native
  • iOS / Safari
  • MacOS / Chrome / Safari
  • MacOS / Desktop

Version Number: 1.3.66-3

Reproducible in staging?: Y

Reproducible in production?: Y

If this was caught during regression testing, add the test name, ID and link from TestRail:

Email or phone of affected tester (no customers):

Logs: https://stackoverflow.com/c/expensify/questions/4856

Notes/Photos/Videos: Any additional supporting documentation

Bug6193588_hyphen.mp4

Expensify/Expensify Issue URL:

Issue reported by: Applause-Internal Team

Slack conversation:@

View all open jobs on GitHub

Upwork Automation - Do Not Edit
  • Upwork Job URL: https://www.upwork.com/jobs/~0185d689f506bdc532
  • Upwork Job ID: 1701603965592113152
  • Last Price Increase: 2023-10-13
@izarutskaya izarutskaya added Daily KSv2 Bug Something is broken. Auto assigns a BugZero manager. labels Sep 9, 2023
@melvin-bot
Copy link

melvin-bot bot commented Sep 9, 2023

Triggered auto assignment to @greg-schroeder (Bug), see https://stackoverflow.com/c/expensify/questions/14418 for more details.

@melvin-bot
Copy link

melvin-bot bot commented Sep 9, 2023

Bug0 Triage Checklist (Main S/O)

  • This "bug" occurs on a supported platform (ensure Platforms in OP are ✅)
  • This bug is not a duplicate report (check E/App issues and #expensify-bugs)
    • If it is, comment with a link to the original report, close the issue and add any novel details to the original issue instead
  • This bug is reproducible using the reproduction steps in the OP. S/O
    • If the reproduction steps are clear and you're unable to reproduce the bug, check with the reporter and QA first, then close the issue.
    • If the reproduction steps aren't clear and you determine the correct steps, please update the OP.
  • This issue is filled out as thoroughly and clearly as possible
    • Pay special attention to the title, results, platforms where the bug occurs, and if the bug happens on staging/production.
  • I have reviewed and subscribed to the linked Slack conversation to ensure Slack/Github stay in sync

@melvin-bot melvin-bot bot added the Overdue label Sep 12, 2023
@greg-schroeder greg-schroeder added the External Added to denote the issue can be worked on by a contributor label Sep 12, 2023
@melvin-bot melvin-bot bot changed the title mWeb- Compose-Adding hyphen in url, although invalid shown as link and editing shows different forma [$500] mWeb- Compose-Adding hyphen in url, although invalid shown as link and editing shows different forma Sep 12, 2023
@melvin-bot
Copy link

melvin-bot bot commented Sep 12, 2023

Job added to Upwork: https://www.upwork.com/jobs/~0185d689f506bdc532

@melvin-bot melvin-bot bot added the Help Wanted Apply this label when an issue is open to proposals by contributors label Sep 12, 2023
@melvin-bot
Copy link

melvin-bot bot commented Sep 12, 2023

Current assignee @greg-schroeder is eligible for the External assigner, not assigning anyone new.

@greg-schroeder
Copy link
Contributor

Applying External

@melvin-bot
Copy link

melvin-bot bot commented Sep 12, 2023

Triggered auto assignment to Contributor-plus team member for initial proposal review - @allroundexperts (External)

@Krishna2323
Copy link
Contributor

Krishna2323 commented Sep 13, 2023

Proposal

Please re-state the problem that we are trying to solve in this issue.

mWeb- Compose-Adding hyphen in url, although invalid shown as link and editing shows different forma

What is the root cause of that problem?

There are two potential issues here, the root cause is the over-generosity of our regular expressions. Specifically:

- Patterns permitted domain names to start or end with a hyphen.
- Patterns also allowed URLs without a valid top-level domain to pass through. eg: https://nothingafter

What changes do you think we should make in order to solve the problem?

To rectify these inaccuracies, we made the following updates to the regular expressions:

For URL_WEBSITE_REGEX:

https://github.com/Expensify/expensify-common/blob/7735de14112a968fd6a4f5af710d2fbaefc8809d/lib/Url.js#L5

Adjusted to necessitate domain names to begin and conclude with a lowercase letter or number, with the flexibility of having word characters or hyphens in the middle. This change ensures the validity of the domain name part of the URL.
These modifications will ensure the exclusion of URLs with domains that begin or end with hyphens and those without a valid top-level domain.

Updated:
const URL_WEBSITE_REGEX = ${URL_PROTOCOL_REGEX}?((?:www\.)?[a-z0-9][-a-z0-9]*[a-z0-9]\.)+(?:${TLD_REGEX})(?:\:${ALLOWED_PORTS}|\b|(?=_))(?!@(?:[a-z\d-]+\.)+[a-z]{2,});

For LOOSE_URL_WEBSITE_REGEX:

https://github.com/Expensify/expensify-common/blob/7735de14112a968fd6a4f5af710d2fbaefc8809d/lib/Url.js#L14

Updated to require domain names to start and end with a lowercase letter or number.
Made the presence of a valid top-level domain mandatory after the period.

Updated:
const LOOSE_URL_WEBSITE_REGEX = ${URL_PROTOCOL_REGEX}([a-z0-9][-\w]*a-z0-9+)(?:\:${ALLOWED_PORTS}|\b|(?=_));

Result:

fixed.mp4

@melvin-bot melvin-bot bot added the Overdue label Sep 15, 2023
@melvin-bot
Copy link

melvin-bot bot commented Sep 18, 2023

@greg-schroeder, @allroundexperts Eep! 4 days overdue now. Issues have feelings too...

@greg-schroeder
Copy link
Contributor

awaiting proposal review

@melvin-bot melvin-bot bot removed the Overdue label Sep 18, 2023
@melvin-bot
Copy link

melvin-bot bot commented Sep 19, 2023

📣 It's been a week! Do we have any satisfactory proposals yet? Do we need to adjust the bounty for this issue? 💸

@melvin-bot melvin-bot bot added the Overdue label Sep 21, 2023
@melvin-bot
Copy link

melvin-bot bot commented Sep 22, 2023

@greg-schroeder, @allroundexperts Uh oh! This issue is overdue by 2 days. Don't forget to update your issues!

@melvin-bot
Copy link

melvin-bot bot commented Sep 23, 2023

@greg-schroeder @allroundexperts this issue was created 2 weeks ago. Are we close to approving a proposal? If not, what's blocking us from getting this issue assigned? Don't hesitate to create a thread in #expensify-open-source to align faster in real time. Thanks!

@greg-schroeder
Copy link
Contributor

Any chance you're able to take a look @allroundexperts? Thanks!

@melvin-bot melvin-bot bot removed the Overdue label Sep 25, 2023
@allroundexperts
Copy link
Contributor

I don't think that the expected result is correct here. At least, the first part of it. Entering -77.com in slack also results in a link of 77.com similar to our app. @Krishna2323 Can you update your proposal to handle the second part only? I think that is the bug here.

@melvin-bot
Copy link

melvin-bot bot commented Sep 26, 2023

📣 It's been a week! Do we have any satisfactory proposals yet? Do we need to adjust the bounty for this issue? 💸

@tsa321
Copy link
Contributor

tsa321 commented Sep 28, 2023

@allroundexperts how about http://localhost? Isn't it valid url/link?

@melvin-bot melvin-bot bot added the Overdue label Sep 28, 2023
byte1012 added a commit to byte1012/App that referenced this issue Nov 17, 2023
@greg-schroeder
Copy link
Contributor

Looks like this was deployed to prod 5 days ago, not sure what's up with the automation 🤔

@greg-schroeder
Copy link
Contributor

Although this one wasn't deployed at all afaict: Expensify/expensify-common#598

This one is weird because of the unusual merging/review situation - can anyone help confirm what's left before this can be considered finished up?

@allroundexperts
Copy link
Contributor

@greg-schroeder Expensify/expensify-common#598 doesn't need to be deployed as its just a package. The second PR actually applied the changes of the first PR into our App. This is finished already.

@greg-schroeder
Copy link
Contributor

Okay sorry for the delay on this one, there's no automation at all so my filters keep ignoring this issue. Let me go through and figure out what's left to do here so we can close it.

@greg-schroeder
Copy link
Contributor

PR 1: #31346
PR 2: Expensify/expensify-common#598

Reporter: QA / NA
Contributor was @byte1012
C+ was @allroundexperts

So this was eventually upgraded to $1k, so I will send a manual offer to @byte1012 for this one. Sibtain you can make a manual request for $1k for the reviewer role.

@greg-schroeder
Copy link
Contributor

@byte1012 can you follow the steps here so I can pay you? Thanks!

@greg-schroeder greg-schroeder added Daily KSv2 Awaiting Payment Auto-added when associated PR is deployed to production and removed Weekly KSv2 labels Dec 19, 2023
@greg-schroeder greg-schroeder changed the title [$1000] mWeb- Compose-Adding hyphen in url, although invalid shown as link and editing shows different forma [Holy for Payment] [$1000] mWeb- Compose-Adding hyphen in url, although invalid shown as link and editing shows different forma Dec 19, 2023
@greg-schroeder
Copy link
Contributor

greg-schroeder commented Dec 19, 2023

You could also apply for the job I made here: https://www.upwork.com/ab/applicants/1736927955655499776/job-details

Just please confirm your name/upwork profile for future reference

@greg-schroeder greg-schroeder changed the title [Holy for Payment] [$1000] mWeb- Compose-Adding hyphen in url, although invalid shown as link and editing shows different forma [Hold for Payment] [$1000] mWeb- Compose-Adding hyphen in url, although invalid shown as link and editing shows different forma Dec 19, 2023
@allroundexperts
Copy link
Contributor

Checklist

  1. fix: add support for localhost urls in markdown expensify-common#535
  2. https://github.com/Expensify/expensify-common/pull/535/files#r1431325869
  3. N/A
  4. A regression test would be overkill in this case since we've covered this particular case in the unit tests pretty comprehensively.

@greg-schroeder
Copy link
Contributor

Thanks!

@greg-schroeder
Copy link
Contributor

Bump @byte1012

@greg-schroeder
Copy link
Contributor

Trying to get this contributor's details: #26941 (comment)

@byte1012
Copy link
Contributor

Contributor details
Your Expensify account email: kelleyaquilino@gmail.com
Upwork Profile Link: https://www.upwork.com/freelancers/~01f484b51cfedb480a

Copy link

melvin-bot bot commented Dec 25, 2023

✅ Contributor details stored successfully. Thank you for contributing to Expensify!

@byte1012
Copy link
Contributor

@greg-schroeder done. sorry about delay. I missed this issue for a while

@byte1012
Copy link
Contributor

@greg-schroeder could you send me an offer on upwork ?

@melvin-bot melvin-bot bot added Daily KSv2 and removed Daily KSv2 labels Dec 25, 2023
@greg-schroeder
Copy link
Contributor

@byte1012 offer sent

@greg-schroeder
Copy link
Contributor

Once you're able to accept we'll close this out!

@greg-schroeder
Copy link
Contributor

Paid!

@JmillsExpensify
Copy link

$1,000 payment to @allroundexperts based on this comment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Awaiting Payment Auto-added when associated PR is deployed to production Bug Something is broken. Auto assigns a BugZero manager. Daily KSv2 Engineering Internal Requires API changes or must be handled by Expensify staff Reviewing Has a PR in review
Projects
None yet
Development

No branches or pull requests

9 participants