Revert "Merge pull request #386 from ziflow/master"

gregjacobs · gregjacobs · commit 2e1f2115619f · 2022-09-07T16:05:07.000-04:00
This reverts commit 8119d5c, reversing changes made to b0c15d6.
diff --git a/src/autolinker.ts b/src/autolinker.ts
@@ -913,8 +913,6 @@ export default class Autolinker {
             textOrHtml = textOrHtml.replace(/</g, '&lt;').replace(/>/g, '&gt;');
         }
 
-        textOrHtml = this.stripUnsafeCharacters(textOrHtml);
-
         let matches = this.parse(textOrHtml),
             newHtml: string[] = [],
             lastIndex = 0;
@@ -1022,16 +1020,6 @@ export default class Autolinker {
 
         return tagBuilder;
     }
-
-    /**
-     * Strips characters considered as unsafe
-     * SNYK-AUTOLINKER-2438289
-     * @param text
-     * @private
-     */
-    private stripUnsafeCharacters(text: string) {
-        return text.replace(/[\u202a-\u202e\u200e-\u200f]/g, '');
-    }
 }
 
 export interface AutolinkerConfig {
diff --git a/tests/autolinker-url.spec.ts b/tests/autolinker-url.spec.ts
@@ -1265,30 +1265,4 @@ describe('Autolinker Url Matching -', () => {
             );
         });
     });
-
-    describe('unicode exploits', () => {
-        it('should strip out character direction override unicodes which could split links into two (https://github.com/gregjacobs/Autolinker.js/issues/377)', () => {
-            expect(autolinker.link('foo.combar.com')).toBe(
-                '<a href="http://foo.combar.com">foo.combar.com</a>'
-            );
-            expect(autolinker.link('foo.com\u202Ebar.com')).toBe(
-                '<a href="http://foo.combar.com">foo.combar.com</a>'
-            );
-            expect(autolinker.link('foo.com\u202abar.com')).toBe(
-                '<a href="http://foo.combar.com">foo.combar.com</a>'
-            );
-            expect(autolinker.link('foo.com\u202bbar.com')).toBe(
-                '<a href="http://foo.combar.com">foo.combar.com</a>'
-            );
-            expect(autolinker.link('foo.com\u202cbar.com')).toBe(
-                '<a href="http://foo.combar.com">foo.combar.com</a>'
-            );
-            expect(autolinker.link('foo.com\u202dbar.com')).toBe(
-                '<a href="http://foo.combar.com">foo.combar.com</a>'
-            );
-            expect(autolinker.link('foo.com\u202ebar.com')).toBe(
-                '<a href="http://foo.combar.com">foo.combar.com</a>'
-            );
-        });
-    });
 });
