From 2def0c1ee23a46d5c544c7a02a62bebb7fe806f3 Mon Sep 17 00:00:00 2001
From: Roland Osborne <roland.osborne@gmail.com>
Date: Mon, 3 Apr 2023 12:27:45 -0700
Subject: [PATCH] sanitizing urls

---
 app/mobile/package.json                                      | 1 +
 .../src/session/conversation/topicItem/useTopicItem.hook.js  | 4 ++--
 app/mobile/yarn.lock                                         | 5 +++++
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/app/mobile/package.json b/app/mobile/package.json
index 1c8b94c0..fae98b8b 100644
--- a/app/mobile/package.json
+++ b/app/mobile/package.json
@@ -10,6 +10,7 @@
     "test": "jest"
   },
   "dependencies": {
+    "@braintree/sanitize-url": "^6.0.2",
     "@react-native-clipboard/clipboard": "^1.11.1",
     "@react-native-firebase/app": "^17.2.0",
     "@react-native-firebase/messaging": "^17.2.0",
diff --git a/app/mobile/src/session/conversation/topicItem/useTopicItem.hook.js b/app/mobile/src/session/conversation/topicItem/useTopicItem.hook.js
index d3b5b4a1..e47e0b9b 100644
--- a/app/mobile/src/session/conversation/topicItem/useTopicItem.hook.js
+++ b/app/mobile/src/session/conversation/topicItem/useTopicItem.hook.js
@@ -9,7 +9,7 @@ import { useWindowDimensions, Text } from 'react-native';
 import Colors from 'constants/Colors';
 import { getCardByGuid } from 'context/cardUtil';
 import { decryptTopicSubject } from 'context/sealUtil';
-import * as DOMPurify from 'dompurify';
+import { sanitizeUrl } from '@braintree/sanitize-url';
 
 export function useTopicItem(item, hosting, remove, contentKey) {
 
@@ -214,7 +214,7 @@ export function useTopicItem(item, hosting, remove, contentKey) {
         if (!!pattern.test(word)) {
           clickable.push(<Text key={index}>{ group }</Text>);
           group = '';
-          clickable.push(<Text key={'link-' + index} onPress={() => Linking.openURL(word)} style={{ fontStyle: 'italic' }}>{ word + ' ' }</Text>);
+          clickable.push(<Text key={'link-' + index} onPress={() => Linking.openURL(sanitizeUrl(word))} style={{ fontStyle: 'italic' }}>{ sanitizeUrl(word) + ' ' }</Text>);
         }
         else {
           group += `${word} `;
diff --git a/app/mobile/yarn.lock b/app/mobile/yarn.lock
index 0a93e42c..3741d0f2 100644
--- a/app/mobile/yarn.lock
+++ b/app/mobile/yarn.lock
@@ -1077,6 +1077,11 @@
   resolved "https://registry.npmjs.org/@bcoe/v8-coverage/-/v8-coverage-0.2.3.tgz"
   integrity sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==
 
+"@braintree/sanitize-url@^6.0.2":
+  version "6.0.2"
+  resolved "https://registry.yarnpkg.com/@braintree/sanitize-url/-/sanitize-url-6.0.2.tgz#6110f918d273fe2af8ea1c4398a88774bb9fc12f"
+  integrity sha512-Tbsj02wXCbqGmzdnXNk0SOF19ChhRU70BsroIi4Pm6Ehp56in6vch94mfbdQ17DozxkL3BAVjbZ4Qc1a0HFRAg==
+
 "@egjs/hammerjs@^2.0.17":
   version "2.0.17"
   resolved "https://registry.npmjs.org/@egjs/hammerjs/-/hammerjs-2.0.17.tgz"