From 04f1a734e37fc9a0235e6ece148083d76b3b79cc Mon Sep 17 00:00:00 2001
From: Chaiwat Suwannarat
Date: Thu, 2 May 2024 22:18:55 +0700
Subject: [PATCH] =?UTF-8?q?=E2=9A=A0=EF=B8=8F=20Solve=20security=20problem?= =?UTF-8?q?s=20https://github.com/Maseshi/Shioru/issues/84?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 source/utils/miscUtils.js | 19 ++++++-------------
 1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/source/utils/miscUtils.js b/source/utils/miscUtils.js
index dc25de89..ddc1716d 100644
--- a/source/utils/miscUtils.js
+++ b/source/utils/miscUtils.js
@@ -35,19 +35,12 @@ const currencyFormatter = (number, digits) => {
 * is a valid URL, and `false` otherwise.
 */
 const validateURL = (string) => {
- const pattern = new RegExp(
- '^' + // Start of the line
- '(https?:\\/\\/)?' + // Protocol
- '((([a-z\\d]([a-z\\d-]*[a-z\\d])*)\\.)+[a-z]{2,}|' + // Domain name
- '((\\d{1,3}\\.){3}\\d{1,3}))' + // OR ip (v4) address
- '(\\:\\d+)?(\\/[-a-z\\d%_.~+]*)*' + // Port and path
- '(\\?[;&a-z\\d%_.~+=-]*)?' + // Query string
- '(\\#[-a-z\\d_]*)?' + // Fragment locator
- '$', // End of the line.
- 'i'
- )
-
- return !!pattern.test(string)
+ try {
+ const newURL = new URL(string)
+ return newURL.protocol === 'http:' || newURL.protocol === 'https:'
+ } catch (error) {
+ return false
+ }
 }

 /**
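Review bot: `new URL(string)` only parses absolute URLs, so scheme-less input such as `example.com/path`, which the removed pattern accepted through its optional `(https?:\/\/)?` group, now returns `false`; callers of `validateURL` that pass bare hostnames need checking. In the other direction the host check is now looser: anything the URL parser accepts under http/https passes, including `localhost`, other single-label names, IPv6 literals and URLs carrying `user:pass@` credentials, all of which the old pattern rejected. If any caller goes on to fetch the validated URL server-side (not visible in this hunk), that caller needs its own host allow/deny check, because this function only vouches for syntax and scheme. I would say so in the JSDoc, whose opening lines sit above the hunk, for example `* Accepts only absolute http(s) URLs; the host is not restricted (loopback and private addresses pass).`, and the unused binding can be dropped with `} catch {`.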