Page MenuHomePhabricator

[native] Pass a referrer to Google Play
ClosedPublic

Authored by tomek on Mar 31 2023, 10:08 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Dec 20, 8:56 PM
Unknown Object (File)
Fri, Dec 20, 8:18 PM
Unknown Object (File)
Fri, Dec 20, 5:48 PM
Unknown Object (File)
Fri, Dec 13, 9:22 AM
Unknown Object (File)
Sat, Dec 7, 7:23 AM
Unknown Object (File)
Sat, Dec 7, 7:23 AM
Unknown Object (File)
Fri, Dec 6, 9:55 PM
Unknown Object (File)
Thu, Dec 5, 8:39 PM
Subscribers

Details

Summary

This value can be then accessed using expo-application getInstallReferrerAsync function.

Test Plan

Delete Comm from an emulator. Click a link that opens the store. Run the app on that device. Log the referrer when the app is started - it should contain the secret.

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

keyserver/src/keyserver.js
131 ↗(On Diff #24519)

I was thinking about some kind of sanitization here, but I don't think this is necessary. If a user receives a malicious link and clicks it, we don't have to be involved - the damage is already done. Also, the store url can be typed directly by the user, so it doesn't mean that we're redirecting to it.

136 ↗(On Diff #24519)

My testing indicates that we can't put any value into the referrer field - it gets replaced by utm_source=google-play&utm_medium=organic. We can set some specific parts of referrer value https://developers.google.com/analytics/devguides/collection/android/v4/campaigns?hl=pl#campaign-params from which source looks the most relevant. So the value we put here is url-encoded utm_source=invite/${secret}

keyserver/src/keyserver.js
136 ↗(On Diff #24519)

Should we call urlencode(secret)?

keyserver/src/keyserver.js
136 ↗(On Diff #24519)
  1. When :secret contains something that isn't already urlencoded, a different endpoint on keyserver will be accessed. E.g. /invite/123/abc doesn't match /invite/:secret - instead * route is matched.
  2. When :secret is already url encoded we probably should encode it. E.g. /invite/123%2Fabc makes secret equal to 123/abc and breaks the store link. But even if we encode it, it might break the referrer value, e.g. if the secret would be decoded to aaa&something=value. I have to check how we can avoid this issue.
keyserver/src/keyserver.js
136 ↗(On Diff #24519)

I think the solution might be to limit the possible set of secret characters to just alphanumeric. If we avoid % char, the secret should be in a state where decoding it doesn't change it. If this endpoint is called with secret containing special chars, we should avoid passing it as a referrer.

Limit set of allowed chars in the secret.
Make code more readable by using encode function.

keyserver/src/keyserver.js
132 ↗(On Diff #24577)

This function keeps growing - in one of the next diffs I'm going to extract it to a separate place.

ashoat added inline comments.
keyserver/src/keyserver.js
132 ↗(On Diff #24577)

Thanks for preempting this diff comment!

This revision is now accepted and ready to land.Apr 3 2023, 3:58 PM
This revision was automatically updated to reflect the committed changes.