From 89edd8089eb6e6540b7bee392d03d3e452a1a7e8 Mon Sep 17 00:00:00 2001 From: Hamza Mahjoubi Date: Tue, 10 Dec 2024 23:28:20 +0700 Subject: [PATCH] fix: phishing detection fixes Signed-off-by: Hamza Mahjoubi --- lib/Service/PhishingDetection/DateCheck.php | 7 ++++++- lib/Service/PhishingDetection/LinkCheck.php | 8 ++++++++ tests/Unit/Service/Phishing/DateCheckTest.php | 19 +++++++++++++++++++ tests/Unit/Service/Phishing/LinkCheckTest.php | 8 ++++++++ 4 files changed, 41 insertions(+), 1 deletion(-) diff --git a/lib/Service/PhishingDetection/DateCheck.php b/lib/Service/PhishingDetection/DateCheck.php index c68322fe85..aeabee964e 100644 --- a/lib/Service/PhishingDetection/DateCheck.php +++ b/lib/Service/PhishingDetection/DateCheck.php @@ -9,6 +9,7 @@ namespace OCA\Mail\Service\PhishingDetection; +use DateException; use OCA\Mail\PhishingDetectionResult; use OCP\AppFramework\Utility\ITimeFactory; use OCP\IL10N; @@ -24,7 +25,11 @@ public function __construct(IL10N $l10n, ITimeFactory $timeFactory) { public function run(string $date): PhishingDetectionResult { $now = $this->timeFactory->getDateTime('now'); - $dt = $this->timeFactory->getDateTime($date); + try { + $dt = $this->timeFactory->getDateTime($date); + } catch (DateException $e) { + return new PhishingDetectionResult(PhishingDetectionResult::DATE_CHECK, false); + } if ($dt > $now) { return new PhishingDetectionResult(PhishingDetectionResult::DATE_CHECK, true, $this->l10n->t('Sent date is in the future')); } diff --git a/lib/Service/PhishingDetection/LinkCheck.php b/lib/Service/PhishingDetection/LinkCheck.php index 31672f8036..9eb23252ea 100644 --- a/lib/Service/PhishingDetection/LinkCheck.php +++ b/lib/Service/PhishingDetection/LinkCheck.php @@ -63,6 +63,14 @@ public function run(string $htmlMessage) : PhishingDetectionResult { if ($href === '') { continue; } + // handle links that are wrapped in brackets, quotes, etc. + $firstChar = $linkText[0]; + $lastChar = $linkText[strlen($linkText) - 1]; + + if (!ctype_alpha($firstChar) && !ctype_alpha($lastChar)) { + $linkText = substr($linkText, 1, -1); + } + $zippedArray[] = [ 'href' => $href, 'linkText' => $linkText diff --git a/tests/Unit/Service/Phishing/DateCheckTest.php b/tests/Unit/Service/Phishing/DateCheckTest.php index 9839e87848..3bd34510b6 100644 --- a/tests/Unit/Service/Phishing/DateCheckTest.php +++ b/tests/Unit/Service/Phishing/DateCheckTest.php @@ -65,4 +65,23 @@ public function testInTheFuture(): void { $this->assertTrue($result->isPhishing()); } + public function testInvalidDate(): void { + + $this->time->expects($this->exactly(2)) + ->method('getDateTime') + ->willReturnCallback(function ($argument): DateTime { + static $callCount = 0; + $callCount++; + + if ($callCount === 1) { + return new \DateTime('now'); + } + throw new \DateException(); + }); + + $result = $this->service->run('invalid date'); + + $this->assertFalse($result->isPhishing()); + } + } diff --git a/tests/Unit/Service/Phishing/LinkCheckTest.php b/tests/Unit/Service/Phishing/LinkCheckTest.php index 03bfe9672d..5511834096 100644 --- a/tests/Unit/Service/Phishing/LinkCheckTest.php +++ b/tests/Unit/Service/Phishing/LinkCheckTest.php @@ -42,6 +42,14 @@ public function testCompleteAddressPass(): void { $this->assertFalse($result->isPhishing()); } + public function testAddressInParenthesessPass(): void { + $htmlMessage = '(https://nextcloud.com/)'; + + $result = $this->service->run($htmlMessage); + + $this->assertFalse($result->isPhishing()); + } + public function testCompleteAddressFail(): void { $htmlMessage = 'https://google.com/

';