From 7f5fac76d51e0e9d602356cc8d70d560c93b00b8 Mon Sep 17 00:00:00 2001
From: Tadayoshi Sato
Date: Fri, 2 Feb 2024 18:58:06 +0900
Subject: [PATCH] fix(connect): HAWNG-474 make sure only http(s) is used for connection scheme
---
 .../connect/discover/discover-service.ts | 10 ++++++++--
 .../src/plugins/shared/connect-service.ts | 20 ++++++++++++++++---
 2 files changed, 25 insertions(+), 5 deletions(-)
diff --git a/packages/hawtio/src/plugins/connect/discover/discover-service.ts b/packages/hawtio/src/plugins/connect/discover/discover-service.ts
index 3e928f0a..76889488 100644
--- a/packages/hawtio/src/plugins/connect/discover/discover-service.ts
+++ b/packages/hawtio/src/plugins/connect/discover/discover-service.ts
@@ -96,7 +96,7 @@ class DiscoverService {
 }
 const url = new URL(agent.url)
- conn.scheme = url.protocol.substring(0, url.protocol.length - 1) // strip last ':'
+ conn.scheme = this.schemeFromUrl(url)
 conn.host = url.hostname
 conn.port = parseInt(url.port)
 conn.path = url.pathname
@@ -105,6 +105,12 @@ class DiscoverService {
 return conn
 }
+ private schemeFromUrl(url: URL): 'http' | 'https' {
+ const scheme = url.protocol.substring(0, url.protocol.length - 1) // strip last ':'
+ // Scheme other than 'http' or 'https' is not valid in the context of Jolokia agent
+ return scheme === 'http' || scheme === 'https' ? scheme : 'http'
+ }
+
 jvmToConnection(jvm: Jvm): Connection {
 const conn = { ...INITIAL_CONNECTION, name: `local-${jvm.port}` }
 if (!jvm.scheme || !jvm.hostname || jvm.port === 0 || !jvm.path) {
@@ -112,7 +118,7 @@ class DiscoverService {
 return conn
 }
- conn.scheme = jvm.scheme
+ conn.scheme = jvm.scheme === 'http' || jvm.scheme === 'https' ? jvm.scheme : 'http'
 conn.host = jvm.hostname
 conn.port = jvm.port
 conn.path = jvm.path
diff --git a/packages/hawtio/src/plugins/shared/connect-service.ts b/packages/hawtio/src/plugins/shared/connect-service.ts
index 5528b109..c7410d29 100644
--- a/packages/hawtio/src/plugins/shared/connect-service.ts
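Review bot: In `schemeFromUrl`, an agent URL whose scheme is not http(s) is silently rewritten to `'http'`, while the surrounding code still copies host, port and path from that same URL, so a malformed or tampered discovery entry becomes a cleartext connection candidate with no trace. Rejecting it is safer than coercing: have the helper return `undefined` for any other scheme and let the caller return the unpopulated `conn`, or at minimum log the rejected `url.protocol` before falling back. The same fallback is repeated inline in the `jvmToConnection` hunk and in `loadConnections` in connect-service.ts; one shared guard such as `isHttpScheme(value: unknown): value is 'http' | 'https'` would keep the three sites consistent. Both enclosing methods start outside their hunks, so how callers treat an unpopulated connection is not visible here.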
+++ b/packages/hawtio/src/plugins/shared/connect-service.ts
@@ -11,7 +11,7 @@ export type Connections = {
 export type Connection = {
 name: string
- scheme: string
+ scheme: 'http' | 'https'
 host: string
 port: number
 path: string
@@ -146,8 +146,22 @@ class ConnectService implements IConnectService {
 }
 loadConnections(): Connections {
- const conns = localStorage.getItem(STORAGE_KEY_CONNECTIONS)
- return conns ? JSON.parse(conns) : {}
+ const item = localStorage.getItem(STORAGE_KEY_CONNECTIONS)
+ if (!item) {
+ return {}
+ }
+ const conns: Connections = JSON.parse(item)
+
+ // Make sure scheme is not compromised for each connection
+ Object.values(conns).forEach(conn => {
+ if (conn.scheme !== 'http' && conn.scheme !== 'https') {
+ log.warn('Invalid scheme for connection:', conn)
+ // Force resetting to 'http' for any invalid scheme
+ conn.scheme = 'http'
+ }
+ })
+
+ return conns
 }
 saveConnections(connections: Connections) {
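Review bot: In `loadConnections`, `JSON.parse(item)` is annotated as `Connections` with no runtime check, so the scheme loop is the only validation applied to stored data that the added comment itself treats as possibly compromised. Malformed JSON throws out of the method, and a stored entry that is `null` or not an object makes `conn.scheme` throw before any reset happens; parsing defensively and dropping non-object entries avoids both. `log.warn('Invalid scheme for connection:', conn)` writes the whole stored object to the console; the rest of the `Connection` type is outside the hunk, so if it carries credentials, logging only `conn.name` would be the safer choice.

```typescript
    let conns: Connections
    try {
      conns = JSON.parse(item)
    } catch (err) {
      log.warn('Stored connections are not valid JSON; ignoring them:', err)
      return {}
    }
    if (!conns || typeof conns !== 'object') {
      return {}
    }

    Object.entries(conns).forEach(([name, conn]) => {
      if (!conn || typeof conn !== 'object') {
        // Drop entries that are not connection objects at all
        delete conns[name]
        return
      }
      // … unchanged: scheme check and reset to 'http' …
    })
```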