search

brave / brave-browser

Brave browser for Android, iOS, Linux, macOS, Windows.
https://brave.com
Mozilla Public License 2.0
17.71k stars 2.31k forks source link

Brave Protocol Handler Doesn't Parse Correctly #41467

Open eneerge opened 1 week ago

eneerge commented 1 week ago

Description

The Brave Protocol parser on Linux (possibly Windows, but have not tested) does not appear to work properly when the protocol hyperlink does not follow the same URL schema of HTTP.

I have mocked up this page that shows one protocol (rdp) link that works and two that do not work: https://jsfiddle.net/hgw7prx4/

If the above link goes dead, here is the HTML to recreate it:

<!DOCTYPE html>
<html>
  <head><title>Brave Proto Handler Broken</title></head>
  <body>
    <a href="rdp://full%20address=s:someserver.com:1234&enablecredsspsupport=i:1&prompt%20for%20credentials%20on%20client=i:1" target="_blank">RDP Link that is Broken</a> - Percent breaks the proto
    <br><br>
    <a href="rdp://nopercentsign.com=s:someserver.com:1234&enablecredsspsupport=i:1&prompt%20for%20credentials%20on%20client=i:1" target="_blank">RDP Link that is Broken 2</a> - This link breaks because of the = sign before an ?
    <br><br>
    <a href="rdp://nopercentsign.com?=s:someserver.com:1234&enablecredsspsupport=i:1&prompt%20for%20credentials%20on%20client=i:1" target="_blank">RDP Link that works</a> - Works because now that ? is in the text and there's no % in the first part of the address
  </body>
</html>

In the above example, I have created 3 links. Two are links that cause the Brave to fail to open the protocol handler. The last link works fine and passes through to the default protocol handler.

From what I found, it seems that Brave does not like seeing a percent sign in the first portion of the uri. Nor does it like an = after the first portion.

The URI scheme for RDP is here: https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/clients/remote-desktop-uri

It states that the following is a valid RDP URI: rdp://full%20address=s:mypc:3389&audiomode=i:2&disable%20themes=i:1

However, the above will not work in Brave due to the issues I mentioned above.

RMMs and other software utilize the legacy RDP URI scheme, but using Brave is not possible when this scheme is used.

Steps to reproduce

  1. https://jsfiddle.net/hgw7prx4/
  2. Click on the links

Actual result

When clicking on one of the broken links, Brave skips loading the default handler and opens a new tab pointing to http://rdp//nopercentsign.com=s:someserver.com:1234&enablecredsspsupport=i:1&prompt%20for%20credentials%20on%20client=i:1

Expected result

The default protocol handler app launches with the parameters passed to it from Brave.

Reproduces how often

Easily reproduced

Brave version (brave://version info)

Brave 1.70.123 Chromium: 129.0.6668.89 (Official Build) (64-bit) Revision 7c1bbf03546a64d969d010808e4f5c99fdf343bb OS Linux

Channel information

Reproducibility

Miscellaneous information

All 3 URIs mentioned above work in Firefox.

eneerge commented 1 week ago

I've developed an extension that solves the issue I was having: https://github.com/eneerge/RDP-Protocol-Handler-for-Chrome