Page MenuHomePhabricator

[native] Pass a referrer to Google Play
ClosedPublic

Authored by tomek on Mar 31 2023, 10:08 AM.
Tags
None
Referenced Files
F3587105: D7271.id24653.diff
Mon, Dec 30, 1:13 AM
Unknown Object (File)
Fri, Dec 20, 8:56 PM
Unknown Object (File)
Fri, Dec 20, 8:18 PM
Unknown Object (File)
Fri, Dec 20, 5:48 PM
Unknown Object (File)
Fri, Dec 13, 9:22 AM
Unknown Object (File)
Sat, Dec 7, 7:23 AM
Unknown Object (File)
Sat, Dec 7, 7:23 AM
Unknown Object (File)
Fri, Dec 6, 9:55 PM
Subscribers

Details

Summary

This value can be then accessed using expo-application getInstallReferrerAsync function.

Test Plan

Delete Comm from an emulator. Click a link that opens the store. Run the app on that device. Log the referrer when the app is started - it should contain the secret.

Diff Detail

Repository
rCOMM Comm
Branch
invite2
Lint
No Lint Coverage
Unit
No Test Coverage

Event Timeline

keyserver/src/keyserver.js
131

I was thinking about some kind of sanitization here, but I don't think this is necessary. If a user receives a malicious link and clicks it, we don't have to be involved - the damage is already done. Also, the store url can be typed directly by the user, so it doesn't mean that we're redirecting to it.

136

My testing indicates that we can't put any value into the referrer field - it gets replaced by utm_source=google-play&utm_medium=organic. We can set some specific parts of referrer value https://developers.google.com/analytics/devguides/collection/android/v4/campaigns?hl=pl#campaign-params from which source looks the most relevant. So the value we put here is url-encoded utm_source=invite/${secret}

keyserver/src/keyserver.js
136

Should we call urlencode(secret)?

keyserver/src/keyserver.js
136
  1. When :secret contains something that isn't already urlencoded, a different endpoint on keyserver will be accessed. E.g. /invite/123/abc doesn't match /invite/:secret - instead * route is matched.
  2. When :secret is already url encoded we probably should encode it. E.g. /invite/123%2Fabc makes secret equal to 123/abc and breaks the store link. But even if we encode it, it might break the referrer value, e.g. if the secret would be decoded to aaa&something=value. I have to check how we can avoid this issue.
keyserver/src/keyserver.js
136

I think the solution might be to limit the possible set of secret characters to just alphanumeric. If we avoid % char, the secret should be in a state where decoding it doesn't change it. If this endpoint is called with secret containing special chars, we should avoid passing it as a referrer.

Limit set of allowed chars in the secret.
Make code more readable by using encode function.

keyserver/src/keyserver.js
132 ↗(On Diff #24577)

This function keeps growing - in one of the next diffs I'm going to extract it to a separate place.

ashoat added inline comments.
keyserver/src/keyserver.js
132 ↗(On Diff #24577)

Thanks for preempting this diff comment!

This revision is now accepted and ready to land.Apr 3 2023, 3:58 PM
This revision was automatically updated to reflect the committed changes.