Fix two problems with URL wildcard matching#12257
Merged
droidmonkey merged 1 commit intodevelopfrom Jul 4, 2025
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR fixes two issues with URL wildcard matching by escaping periods correctly in regex patterns and preserving the wildcard-dot sequence, and it updates the corresponding unit tests to reflect the new behavior.
- Replaced a manual regex replacement with
Tools::escapeRegexto properly escape special characters. - Updated the wildcard host regex to include a literal
.after the wildcard. - Adjusted unit tests to remove expectations for matching the base domain when a leading
*.wildcard is used.
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| src/browser/BrowserService.cpp | Use Tools::escapeRegex and revise host-wildcard regex to include literal . |
| tests/TestBrowser.cpp | Updated expected result counts and removed https://*.github.com/* assertions |
Comments suppressed due to low confidence (4)
src/browser/BrowserService.cpp:1575
- [nitpick] Consider renaming the variable
reto something more descriptive likeescapedPatternorregexPatternto improve readability and maintainability.
auto re = Tools::escapeRegex(firstPart);
src/browser/BrowserService.cpp:1575
- It may help future maintainers to add a brief comment explaining exactly which characters
Tools::escapeRegexis escaping and why this change was introduced.
auto re = Tools::escapeRegex(firstPart);
tests/TestBrowser.cpp:441
- [nitpick] The comment here says "Defaults to https" but the expected string has no protocol; consider clarifying the comment or updating the expected value to include
https://if that’s intended.
QCOMPARE(firstUrl(result[4]), QString("github.com/*"));
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## develop #12257 +/- ##
===========================================
- Coverage 64.25% 64.24% -0.01%
===========================================
Files 375 375
Lines 39303 39303
===========================================
- Hits 25251 25249 -2
- Misses 14052 14054 +2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
varjolintu
reviewed
Jul 3, 2025
varjolintu
reviewed
Jul 3, 2025
varjolintu
approved these changes
Jul 3, 2025
* Fixes #12255 * Periods were not being escaped in the url string before being used in a regex resulting in matching 'any character' between domain parts * Wildcards entered as `*.` were being replaced with simply `*` resulting in unexpected matches to occur. Fixing this has a side effect of `https://*.github.com` NOT matching `https://github.com` which should be the expected behavior. Users can enter both url's if they desire to match the primary and all sub domains or leave out the wildcard entirely to use normal matching behavior.
7c5ae49 to
6fff47c
Compare
dragonekii
pushed a commit
to dragonekii/keepassxc-custom
that referenced
this pull request
Dec 8, 2025
Release 2.7.11 (2025-11-23) - Add image, HTML, Markdown preview, and text editing support to inline attachment viewer [keepassxreboot#12085, keepassxreboot#12244, keepassxreboot#12654] - Add database merge confirmation dialog [keepassxreboot#10173] - Add option to auto-generate a password for new entries [keepassxreboot#12593] - Add support for group sync in KeeShare [keepassxreboot#11593] - Add {UUID} placeholder for use in references [keepassxreboot#12511] - Add “Wait for Enter” search option [keepassxreboot#12263] - Add keyboard shortcut to “Jump to Group” from search results [keepassxreboot#12225] - Add predefined search for TOTP entries [keepassxreboot#12199] - Add confirmation when closing database via ESC key [keepassxreboot#11963] - Add support for escaping placeholder expressions [keepassxreboot#11904] - Reduce tab indentation width in notes fields [keepassxreboot#11919] - Cap default Argon2 parallelism when creating a new database [keepassxreboot#11853] - Database lock after inactivity now enabled by default and set to 900 seconds [keepassxreboot#12689, keepassxreboot#12609] - Copying TOTP now opens setup dialog if none is configured for entry [keepassxreboot#12584] - Make double click action configurable [keepassxreboot#12322] - Remove unused “Last Accessed” from GUI [keepassxreboot#12602] - Auto-Type: Add more granular confirmation settings [keepassxreboot#12370] - Auto-Type: Add URL typing preset and add copy options to menu [keepassxreboot#12341] - Browser: Do not allow sites automatically if entry added from browser extension [keepassxreboot#12413] - Browser: Add options to restrict exposed groups [keepassxreboot#9852, keepassxreboot#12119] - Bitwarden Import: Add support for timestamps and password history [keepassxreboot#12588] - macOS: Add Liquid Glass icon [keepassxreboot#12642] - macOS: Remove theme-based menubar icon toggle [keepassxreboot#12685] - macOS: Add Window and Help menus [keepassxreboot#12357] - Windows: Add option to add KeePassXC to PATH during installation [keepassxreboot#12171] - Fix window geometry not being restored properly when KeePassXC starts in tray [keepassxreboot#12683] - Fix potential database truncation when using direct write save method with YubiKeys [keepassxreboot#11841] - Fix issue with database backup saving [keepassxreboot#11874] - Fix UI lockups during startup with multiple tabs [keepassxreboot#12053] - Fix keyboard shortcuts when menubar is hidden [keepassxreboot#12431] - Fix clipboard being cleared on exit even if no password was copied [keepassxreboot#12603] - Fix single-instance detection when username contains invalid filename characters [keepassxreboot#12559] - Fix “Search Wait for Enter” setting not being save [keepassxreboot#12614] - Fix hotkey accelerators not being escaped properly on database tabs [keepassxreboot#12630] - Fix confusing error if user cancels out of key file edit dialog [keepassxreboot#12639] - Fix issues with saved searches and “Press Enter to Search” option [keepassxreboot#12314] - Fix URL wildcard matching [keepassxreboot#12257] - Fix TOTP visibility on unlock and settings change [keepassxreboot#12220] - Fix KeeShare entries with reference attributes not updating [keepassxreboot#11809] - Fix sort order not being maintained when toggling filters in database reports [keepassxreboot#11849] - Fix several UI font and layout issues [keepassxreboot#11967, keepassxreboot#12102] - Prevent mouse wheel scroll on edit username field [keepassxreboot#12398] - Improve base translation consistency [keepassxreboot#12432] - Improve inactivity timer [keepassxreboot#12246] - Documentation improvements [keepassxreboot#12373, keepassxreboot#12506] - Browser: Fix ordering of clientDataJSON in Passkey response object [keepassxreboot#12120] - Browser: Fix URL matching for additional URLs [keepassxreboot#12196] - Browser: Fix group settings inheritance [keepassxreboot#12368] - Browser: Allow read-only native messaging config files [keepassxreboot#12236] - Browser: Optimise entry iteration in browser access control dialog [keepassxreboot#11817] - Browser: Fix “Do not ask permission for HTTP Basic Auth” option [keepassxreboot#11871] - Browser: Fix native messaging path for Tor Browser launcher on Linux [keepassxreboot#12005] - Auto-Type: Fix empty window behaviour [keepassxreboot#12622] - Auto-Type: Take delays into account when typing TOTP [keepassxreboot#12691] - SSH Agent: Fix out-of-memory crash with malformed SSH keys [keepassxreboot#12606] - CSV Import: Fix modified and creation time import [keepassxreboot#12379] - CSV Import: Fix duplication of root groups on import [keepassxreboot#12240] - Proton Pass Import: Fix email addresses not being imported when no username set [keepassxreboot#11888] - macOS: Fix secure input getting stuck [keepassxreboot#11928] - Windows: Prevent launch as SYSTEM user from MSI installer [keepassxreboot#12705] - Windows: Remove broken check for MSVC Redistributable from MSI installer [keepassxreboot#11950] - Linux: Fix startup delay due to StartupNotify setting in desktop file [keepassxreboot#12306] - Linux: Fix memory initialisation when --pw-stdin is used with a pipe [keepassxreboot#12050]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
*.were being replaced with simply*resulting in unexpected matches to occur. Fixing this has a side effect ofhttps://*.github.comNOT matchinghttps://github.comwhich should be the expected behavior. Users can enter both url's if they desire to match the primary and all sub domains or leave out the wildcard entirely to use normal matching behavior.Testing strategy
Updated unit tests to conform with new expected behavior
Type of change