Check link click (#4463)

* Warn when opening a suspicious link.

Upgrade RTE to 2.38.3

* Update screenshots

* Add tests on LinkPresenter and LinkView.

* Format file

---------

Co-authored-by: ElementBot <[email protected]>

Author: bmarty

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/MessagesPresenter.kt

@@ -32,6 +32,7 @@ import io.element.android.features.messages.impl.actionlist.ActionListEvents
 import io.element.android.features.messages.impl.actionlist.ActionListState
 import io.element.android.features.messages.impl.actionlist.model.TimelineItemAction
 import io.element.android.features.messages.impl.crypto.identity.IdentityChangeState
+import io.element.android.features.messages.impl.link.LinkState
 import io.element.android.features.messages.impl.messagecomposer.MessageComposerEvents
 import io.element.android.features.messages.impl.messagecomposer.MessageComposerState
 import io.element.android.features.messages.impl.pinned.banner.PinnedMessagesBannerState
@@ -96,6 +97,7 @@ class MessagesPresenter @AssistedInject constructor(
     @Assisted private val timelinePresenter: Presenter<TimelineState>,
     private val timelineProtectionPresenter: Presenter<TimelineProtectionState>,
     private val identityChangeStatePresenter: Presenter<IdentityChangeState>,
+    private val linkPresenter: Presenter<LinkState>,
     @Assisted private val actionListPresenter: Presenter<ActionListState>,
     private val customReactionPresenter: Presenter<CustomReactionState>,
     private val reactionSummaryPresenter: Presenter<ReactionSummaryState>,
@@ -136,6 +138,7 @@ class MessagesPresenter @AssistedInject constructor(
         val timelineProtectionState = timelineProtectionPresenter.present()
         val identityChangeState = identityChangeStatePresenter.present()
         val actionListState = actionListPresenter.present()
+        val linkState = linkPresenter.present()
         val customReactionState = customReactionPresenter.present()
         val reactionSummaryState = reactionSummaryPresenter.present()
         val readReceiptBottomSheetState = readReceiptBottomSheetPresenter.present()
@@ -245,6 +248,7 @@ class MessagesPresenter @AssistedInject constructor(
             timelineState = timelineState,
             timelineProtectionState = timelineProtectionState,
             identityChangeState = identityChangeState,
+            linkState = linkState,
             actionListState = actionListState,
             customReactionState = customReactionState,
             reactionSummaryState = reactionSummaryState,

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/MessagesState.kt

@@ -10,6 +10,7 @@ package io.element.android.features.messages.impl
 import androidx.compose.runtime.Immutable
 import io.element.android.features.messages.impl.actionlist.ActionListState
 import io.element.android.features.messages.impl.crypto.identity.IdentityChangeState
+import io.element.android.features.messages.impl.link.LinkState
 import io.element.android.features.messages.impl.messagecomposer.MessageComposerState
 import io.element.android.features.messages.impl.pinned.banner.PinnedMessagesBannerState
 import io.element.android.features.messages.impl.timeline.TimelineState
@@ -38,6 +39,7 @@ data class MessagesState(
     val timelineState: TimelineState,
     val timelineProtectionState: TimelineProtectionState,
     val identityChangeState: IdentityChangeState,
+    val linkState: LinkState,
     val actionListState: ActionListState,
     val customReactionState: CustomReactionState,
     val reactionSummaryState: ReactionSummaryState,

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/MessagesStateProvider.kt

@@ -12,6 +12,8 @@ import io.element.android.features.messages.impl.actionlist.ActionListState
 import io.element.android.features.messages.impl.actionlist.anActionListState
 import io.element.android.features.messages.impl.crypto.identity.IdentityChangeState
 import io.element.android.features.messages.impl.crypto.identity.anIdentityChangeState
+import io.element.android.features.messages.impl.link.LinkState
+import io.element.android.features.messages.impl.link.aLinkState
 import io.element.android.features.messages.impl.messagecomposer.MessageComposerState
 import io.element.android.features.messages.impl.messagecomposer.aMessageComposerState
 import io.element.android.features.messages.impl.pinned.banner.PinnedMessagesBannerState
@@ -103,6 +105,7 @@ fun aMessagesState(
     ),
     timelineProtectionState: TimelineProtectionState = aTimelineProtectionState(),
     identityChangeState: IdentityChangeState = anIdentityChangeState(),
+    linkState: LinkState = aLinkState(),
     readReceiptBottomSheetState: ReadReceiptBottomSheetState = aReadReceiptBottomSheetState(),
     actionListState: ActionListState = anActionListState(),
     customReactionState: CustomReactionState = aCustomReactionState(),
@@ -124,6 +127,7 @@ fun aMessagesState(
     voiceMessageComposerState = voiceMessageComposerState,
     timelineProtectionState = timelineProtectionState,
     identityChangeState = identityChangeState,
+    linkState = linkState,
     timelineState = timelineState,
     readReceiptBottomSheetState = readReceiptBottomSheetState,
     actionListState = actionListState,

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/MessagesView.kt

@@ -56,6 +56,8 @@ import io.element.android.features.messages.impl.actionlist.ActionListEvents
 import io.element.android.features.messages.impl.actionlist.ActionListView
 import io.element.android.features.messages.impl.actionlist.model.TimelineItemAction
 import io.element.android.features.messages.impl.crypto.identity.IdentityChangeStateView
+import io.element.android.features.messages.impl.link.LinkEvents
+import io.element.android.features.messages.impl.link.LinkView
 import io.element.android.features.messages.impl.messagecomposer.AttachmentsBottomSheet
 import io.element.android.features.messages.impl.messagecomposer.DisabledComposerView
 import io.element.android.features.messages.impl.messagecomposer.MessageComposerEvents
@@ -104,6 +106,7 @@ import io.element.android.libraries.matrix.api.core.UserId
 import io.element.android.libraries.matrix.api.encryption.identity.IdentityState
 import io.element.android.libraries.textcomposer.model.TextEditorState
 import io.element.android.libraries.ui.strings.CommonStrings
+import io.element.android.wysiwyg.link.Link
 import kotlinx.collections.immutable.ImmutableList
 import timber.log.Timber
 import kotlin.random.Random
@@ -207,7 +210,14 @@ fun MessagesView(
                 onContentClick = ::onContentClick,
                 onMessageLongClick = ::onMessageLongClick,
                 onUserDataClick = { hidingKeyboard { onUserDataClick(it) } },
-                onLinkClick = onLinkClick,
+                onLinkClick = { link, customTab ->
+                    if (customTab) {
+                        onLinkClick(link.url, true)
+                        // Do not check those links, they are internal link only
+                    } else {
+                        state.linkState.eventSink(LinkEvents.OnLinkClick(link))
+                    }
+                },
                 onReactionClick = ::onEmojiReactionClick,
                 onReactionLongClick = ::onEmojiReactionLongClick,
                 onMoreReactionsClick = ::onMoreReactionsClick,
@@ -258,6 +268,12 @@ fun MessagesView(
         onUserDataClick = onUserDataClick,
     )
     ReinviteDialog(state = state)
+    LinkView(
+        onLinkValid = { link ->
+            onLinkClick(link.url, false)
+        },
+        state = state.linkState,
+    )
 }
 
 @Composable
@@ -279,7 +295,7 @@ private fun MessagesViewContent(
     state: MessagesState,
     onContentClick: (TimelineItem.Event) -> Unit,
     onUserDataClick: (UserId) -> Unit,
-    onLinkClick: (String, Boolean) -> Unit,
+    onLinkClick: (Link, Boolean) -> Unit,
     onReactionClick: (key: String, TimelineItem.Event) -> Unit,
     onReactionLongClick: (key: String, TimelineItem.Event) -> Unit,
     onMoreReactionsClick: (TimelineItem.Event) -> Unit,
@@ -353,7 +369,7 @@ private fun MessagesViewContent(
                         state = state.timelineState,
                         timelineProtectionState = state.timelineProtectionState,
                         onUserDataClick = onUserDataClick,
-                        onLinkClick = { url -> onLinkClick(url, false) },
+                        onLinkClick = { link -> onLinkClick(link, false) },
                         onContentClick = onContentClick,
                         onMessageLongClick = onMessageLongClick,
                         onSwipeToReply = onSwipeToReply,
@@ -388,7 +404,7 @@ private fun MessagesViewContent(
                 MessagesViewComposerBottomSheetContents(
                     subcomposing = subcomposing,
                     state = state,
-                    onLinkClick = onLinkClick,
+                    onLinkClick = { url, customTab -> onLinkClick(Link(url), customTab) },
                 )
             },
             sheetContentKey = sheetResizeContentKey.intValue,

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/di/MessagesModule.kt

@@ -14,6 +14,8 @@ import io.element.android.features.messages.impl.crypto.identity.IdentityChangeS
 import io.element.android.features.messages.impl.crypto.identity.IdentityChangeStatePresenter
 import io.element.android.features.messages.impl.crypto.sendfailure.resolve.ResolveVerifiedUserSendFailurePresenter
 import io.element.android.features.messages.impl.crypto.sendfailure.resolve.ResolveVerifiedUserSendFailureState
+import io.element.android.features.messages.impl.link.LinkPresenter
+import io.element.android.features.messages.impl.link.LinkState
 import io.element.android.features.messages.impl.pinned.banner.PinnedMessagesBannerPresenter
 import io.element.android.features.messages.impl.pinned.banner.PinnedMessagesBannerState
 import io.element.android.features.messages.impl.timeline.components.customreaction.CustomReactionPresenter
@@ -46,6 +48,9 @@ interface MessagesModule {
     @Binds
     fun bindTimelineProtectionPresenter(presenter: TimelineProtectionPresenter): Presenter<TimelineProtectionState>
 
+    @Binds
+    fun bindLinkPresenter(presenter: LinkPresenter): Presenter<LinkState>
+
     @Binds
     fun bindVoiceMessageComposerPresenter(presenter: VoiceMessageComposerPresenter): Presenter<VoiceMessageComposerState>
 

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/link/ConfirmingLinkClick.kt

@@ -0,0 +1,15 @@
+/*
+ * Copyright 2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+package io.element.android.features.messages.impl.link
+
+import io.element.android.libraries.architecture.AsyncAction
+import io.element.android.wysiwyg.link.Link
+
+data class ConfirmingLinkClick(
+    val link: Link,
+) : AsyncAction.Confirming

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/link/LinkChecker.kt

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+package io.element.android.features.messages.impl.link
+
+import com.squareup.anvil.annotations.ContributesBinding
+import io.element.android.libraries.core.data.tryOrNull
+import io.element.android.libraries.core.extensions.containsRtLOverride
+import io.element.android.libraries.di.AppScope
+import io.element.android.wysiwyg.link.Link
+import java.net.URI
+import javax.inject.Inject
+
+interface LinkChecker {
+    fun isSafe(link: Link): Boolean
+}
+
+@ContributesBinding(AppScope::class)
+class DefaultLinkChecker @Inject constructor() : LinkChecker {
+    override fun isSafe(link: Link): Boolean {
+        return if (link.url.containsRtLOverride()) {
+            false
+        } else {
+            val textUrl = tryOrNull { URI(link.text).toURL() }
+            val urlUrl = tryOrNull { URI(link.url).toURL() }
+            if (textUrl == null || urlUrl == null) {
+                // The text is not a Url, or the url is not valid
+                true
+            } else {
+                // the hosts must match
+                textUrl.host == urlUrl.host
+            }
+        }
+    }
+}

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/link/LinkEvents.kt

@@ -0,0 +1,16 @@
+/*
+ * Copyright 2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+package io.element.android.features.messages.impl.link
+
+import io.element.android.wysiwyg.link.Link
+
+sealed interface LinkEvents {
+    data class OnLinkClick(val link: Link) : LinkEvents
+    data object Confirm : LinkEvents
+    data object Cancel : LinkEvents
+}

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/link/LinkPresenter.kt

@@ -0,0 +1,53 @@
+/*
+ * Copyright 2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+package io.element.android.features.messages.impl.link
+
+import androidx.compose.runtime.Composable
+import androidx.compose.runtime.MutableState
+import androidx.compose.runtime.mutableStateOf
+import androidx.compose.runtime.remember
+import io.element.android.libraries.architecture.AsyncAction
+import io.element.android.libraries.architecture.Presenter
+import io.element.android.wysiwyg.link.Link
+import javax.inject.Inject
+
+class LinkPresenter @Inject constructor(
+    private val linkChecker: LinkChecker,
+) : Presenter<LinkState> {
+    @Composable
+    override fun present(): LinkState {
+        val linkClick: MutableState<AsyncAction<Link>> = remember { mutableStateOf(AsyncAction.Uninitialized) }
+
+        fun handleEvents(linkEvents: LinkEvents) {
+            when (linkEvents) {
+                is LinkEvents.OnLinkClick -> {
+                    linkClick.value = AsyncAction.Loading
+                    val result = linkChecker.isSafe(linkEvents.link)
+                    if (result) {
+                        linkClick.value = AsyncAction.Success(linkEvents.link)
+                    } else {
+                        // Confirm first
+                        linkClick.value = ConfirmingLinkClick(linkEvents.link)
+                    }
+                }
+                LinkEvents.Confirm -> {
+                    linkClick.value = (linkClick.value as? ConfirmingLinkClick)
+                        ?.let { AsyncAction.Success(it.link) }
+                        ?: AsyncAction.Uninitialized
+                }
+                LinkEvents.Cancel -> {
+                    linkClick.value = AsyncAction.Uninitialized
+                }
+            }
+        }
+        return LinkState(
+            linkClick = linkClick.value,
+            eventSink = ::handleEvents,
+        )
+    }
+}

features/messages/impl/src/main/kotlin/io/element/android/features/messages/impl/link/LinkState.kt

@@ -0,0 +1,16 @@
+/*
+ * Copyright 2025 New Vector Ltd.
+ *
+ * SPDX-License-Identifier: AGPL-3.0-only OR LicenseRef-Element-Commercial
+ * Please see LICENSE files in the repository root for full details.
+ */
+
+package io.element.android.features.messages.impl.link
+
+import io.element.android.libraries.architecture.AsyncAction
+import io.element.android.wysiwyg.link.Link
+
+data class LinkState(
+    val linkClick: AsyncAction<Link>,
+    val eventSink: (LinkEvents) -> Unit,
+)