search

bowser-js / bowser

a browser detector
Other
5.48k stars 486 forks source link

Parsing the version number throws an error if it contains letters #513

Open ssp opened 2 years ago

ssp commented 2 years ago

Template to report about browser detection issue

We observed a user agent

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 OPR/82.0.4227.58/VoplfMPIL3LW69FfgZ

which causes .satisfies to throw an error. E.g.

const browser = Bowser.getParser('Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36 OPR/82.0.4227.58/VoplfMPIL3LW69FfgZ');
browser.satisfies({
      mobile: {
        opera: '>=60',
      },
      safari: '>=12',
      chrome: '>=88',
      android: '>=88',
      samsung_internet: '>=12',
      firefox: '>=90',
      edge: '>=90',
      opera: '>=80',
      ie: '>11',
    });

results in:

RangeError: Invalid array length
at ./node_modules/.pnpm/bowser@2.11.0/node_modules/bowser/es5.js:1:3125
at Array.map (<anonymous>)
at Function.e.map (./node_modules/.pnpm/bowser@2.11.0/node_modules/bowser/es5.js:1:3404)
at ./node_modules/.pnpm/bowser@2.11.0/node_modules/bowser/es5.js:1:3088
at Array.map (<anonymous>)
at Function.e.map (./node_modules/.pnpm/bowser@2.11.0/node_modules/bowser/es5.js:1:3404)
at Function.e.compareVersions (./node_modules/.pnpm/bowser@2.11.0/node_modules/bowser/es5.js:1:2993)
at e.t.compareVersion (./node_modules/.pnpm/bowser@2.11.0/node_modules/bowser/es5.js:1:11272)
at e.t.satisfies (./node_modules/.pnpm/bowser@2.11.0/node_modules/bowser/es5.js:1:10778)
at isBrowserValid (./src/lib/browserValidator.ts:10:36)
...

We can protect ourselves from this by adding a try catch, but my expectation was that bowser does not expose problems like this to the caller.