Harden resolver and expand traffic runtime controls
This commit is contained in:
beckline
@@ -32,7 +32,7 @@ func canonicalizeAppKey(appKey string, command string) string {
|
||||
key := strings.TrimSpace(appKey)
|
||||
cmd := strings.TrimSpace(command)
|
||||
|
||||
fields := strings.Fields(cmd)
|
||||
fields := splitCommandTokens(cmd)
|
||||
if len(fields) == 0 && key != "" {
|
||||
fields = []string{key}
|
||||
}
|
||||
@@ -61,12 +61,12 @@ func canonicalizeAppKey(appKey string, command string) string {
|
||||
switch base {
|
||||
case "flatpak":
|
||||
if id := extractRunTarget(clean); id != "" {
|
||||
return "flatpak:" + id
|
||||
return "flatpak:" + strings.ToLower(strings.TrimSpace(id))
|
||||
}
|
||||
return "flatpak"
|
||||
case "snap":
|
||||
if name := extractRunTarget(clean); name != "" {
|
||||
return "snap:" + name
|
||||
return "snap:" + strings.ToLower(strings.TrimSpace(name))
|
||||
}
|
||||
return "snap"
|
||||
case "gtk-launch":
|
||||
@@ -74,7 +74,7 @@ func canonicalizeAppKey(appKey string, command string) string {
|
||||
if len(clean) >= 2 {
|
||||
id := strings.TrimSpace(clean[1])
|
||||
if id != "" && !strings.HasPrefix(id, "-") {
|
||||
return "desktop:" + id
|
||||
return "desktop:" + strings.ToLower(id)
|
||||
}
|
||||
}
|
||||
case "env":
|
||||
@@ -102,11 +102,11 @@ func canonicalizeAppKey(appKey string, command string) string {
|
||||
if strings.Contains(primary, "/") {
|
||||
b := filepath.Base(primary)
|
||||
if b != "" && b != "." && b != "/" {
|
||||
return b
|
||||
return strings.ToLower(strings.TrimSpace(b))
|
||||
}
|
||||
}
|
||||
|
||||
return primary
|
||||
return strings.ToLower(strings.TrimSpace(primary))
|
||||
}
|
||||
|
||||
func stripOuterQuotes(s string) string {
|
||||
@@ -151,3 +151,65 @@ func extractRunTarget(fields []string) string {
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// splitCommandTokens performs lightweight shell-style tokenization.
|
||||
// It supports single/double quotes and backslash escaping which is enough
|
||||
// for canonical app key extraction.
|
||||
func splitCommandTokens(raw string) []string {
|
||||
s := strings.TrimSpace(raw)
|
||||
if s == "" {
|
||||
return nil
|
||||
}
|
||||
|
||||
out := make([]string, 0, 8)
|
||||
var cur strings.Builder
|
||||
inSingle := false
|
||||
inDouble := false
|
||||
escaped := false
|
||||
|
||||
flush := func() {
|
||||
if cur.Len() == 0 {
|
||||
return
|
||||
}
|
||||
out = append(out, cur.String())
|
||||
cur.Reset()
|
||||
}
|
||||
|
||||
for _, r := range s {
|
||||
if escaped {
|
||||
cur.WriteRune(r)
|
||||
escaped = false
|
||||
continue
|
||||
}
|
||||
switch r {
|
||||
case '\\':
|
||||
if inSingle {
|
||||
cur.WriteRune(r)
|
||||
} else {
|
||||
escaped = true
|
||||
}
|
||||
case '\'':
|
||||
if inDouble {
|
||||
cur.WriteRune(r)
|
||||
} else {
|
||||
inSingle = !inSingle
|
||||
}
|
||||
case '"':
|
||||
if inSingle {
|
||||
cur.WriteRune(r)
|
||||
} else {
|
||||
inDouble = !inDouble
|
||||
}
|
||||
case ' ', '\t', '\n', '\r':
|
||||
if inSingle || inDouble {
|
||||
cur.WriteRune(r)
|
||||
} else {
|
||||
flush()
|
||||
}
|
||||
default:
|
||||
cur.WriteRune(r)
|
||||
}
|
||||
}
|
||||
flush()
|
||||
return out
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user