fix: Ensure user-entered Mastodon URLs only have one "HTTP(S)://" declaration (!107) · Merge requests · The Tor Project / Web / donate-neo

stephen requested to merge massage-user-entered-mastodon-server-url into main Aug 29, 2024

The Mastodon share button on the "thank you!" page prompts the user for their home Masto server so that it can properly route them to the common Mastodon platform share-by-URL address with various prefilled content.

However, while the server URL prompt pointedly leaves off the "HTTPS://" at the start of the URL, some users may populate this field by pasting in their home Mastodon URL as it appears in their address bar - which would include the prepended "HTTPS://" as well. (And some browsers, like Chrome, prefer to hide that information as often as they feel reasonable, probably leading some users to believe they aren't copying that text.)

Ergo, as per @lelutin's suggestion, we use regex to strip prepended HTTP:// or HTTPS:// from entered Mastodon servers. (It is certainly possible to massage that user-entered URL even further, but this feels like a good midway point to meet the user.)

Fixes #101 (closed).

fix: Ensure user-entered Mastodon URLs only have one "HTTP(S)://" declaration

Merge request reports