📌 Description
src/utils/explorerLinks.ts builds external explorer URLs and has a test file,
but metadata-driven links (e.g. from NFT metadata or commitment fields) can flow
into anchors elsewhere. Any externally-sourced URL rendered as a link must be
validated to prevent javascript:/data: schemes and open-redirect/tabnabbing.
This issue hardens external-link rendering across components that consume
metadata, centralizing validation and safe rel/target attributes.
🎯 Requirements and Context
- Add/extend a safeExternalUrl helper that allows only http(s) and known explorer hosts; reject other schemes.
- Apply it wherever metadata-derived URLs become anchors (NFT/commitment detail).
- Enforce rel="noopener noreferrer" on all target="_blank" links.
- No regressions to existing explorer-link behaviour.
🛠️ Suggested Execution
1. Fork the repo and create a branch
git checkout -b security/sanitize-external-links
2. Implement changes
- Extend src/utils/explorerLinks.ts with a safeExternalUrl guard and apply it in metadata-consuming components.
- Add src/utils/__tests__/safeExternalUrl.test.ts covering allowed hosts, rejected schemes (javascript:, data:, vbscript:), and rel/target.
- Add docs/security/EXTERNAL_LINKS.md documenting the allowlist and policy.
- Validate that no unsafe URL can become a clickable link.
3. Test and commit
- Run pnpm test.
- Cover edge cases: protocol-relative URLs, mixed-case schemes, encoded payloads,
empty/undefined URLs.
Example commit message
security: validate and guard external explorer links from metadata
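One shape such a guard can take, written here as an added example rather than code from the repository: it relies on the WHATWG URL parser to normalize scheme and host, rejects anything that is not http(s) on an allowlisted host, and covers the edge cases listed in step 3 (protocol-relative URLs, mixed-case schemes, percent-encoded schemes, empty/undefined input). The explorer hostnames in the allowlist are constructed placeholders, not the project's real hosts.

```typescript
// Added example of a safeExternalUrl guard; the hostnames below are
// constructed placeholders, not the project's actual explorer allowlist.
const ALLOWED_EXPLORER_HOSTS: ReadonlySet<string> = new Set([
  "explorer.example.org",
  "testnet.explorer.example.org",
]);

// Returns a normalized http(s) URL string when `raw` is safe to render as an
// anchor href, otherwise null. Callers render plain text (or nothing) on null.
export function safeExternalUrl(raw: unknown): string | null {
  if (typeof raw !== "string") return null;      // undefined / null / non-string metadata
  const trimmed = raw.trim();
  if (trimmed === "") return null;                // empty string
  // Protocol-relative values ("//host/path") inherit the page's scheme and
  // would otherwise be parsed against it; treat them as untrusted and reject.
  if (trimmed.startsWith("//")) return null;
  let url: URL;
  try {
    url = new URL(trimmed);                       // throws on relative or garbage input,
  } catch {                                       // including "java%73cript:" (no valid scheme)
    return null;
  }
  // URL lowercases the scheme, so "JavaScript:" / "DATA:" / "VBScript:" all land here.
  if (url.protocol !== "http:" && url.protocol !== "https:") return null;
  // Hostname is already lowercased by the parser for http(s); compare against allowlist.
  if (!ALLOWED_EXPLORER_HOSTS.has(url.hostname)) return null;
  // "https://explorer.example.org@evil.example.com/" puts the trusted name in
  // the userinfo part; the hostname check above already fails it, but refuse
  // credentials in rendered links outright as well.
  if (url.username !== "" || url.password !== "") return null;
  return url.href;
}

// Attributes for an anchor that opens in a new tab. Pairing target="_blank"
// with rel="noopener noreferrer" blocks reverse tabnabbing via window.opener
// and stops leaking the referring page to the explorer host.
export function externalAnchorAttrs(
  raw: unknown,
): { href: string; target: "_blank"; rel: "noopener noreferrer" } | null {
  const href = safeExternalUrl(raw);
  return href === null ? null : { href, target: "_blank", rel: "noopener noreferrer" };
}
```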
✅ Guidelines
- Minimum 95% test coverage on new/changed lines.
- Clear, reviewer-friendly documentation.
- Timeframe: 96 hours.
🏷️ Labels
type-security · area-frontend · MAYBE REWARDED · GRANTFOX OSS ·
OFFICIAL CAMPAIGN
💬 Community & Support
- Join the CommitLabs contributor Discord to coordinate and get unblocked fast:
https://discord.gg/WV7tdYkJk
- Introduce yourself before starting so we can avoid duplicate work and pair you
with a reviewer. Maintainers triage actively and review fast.