Fix bad handling of trusted domains with no scheme (microsoft#249858)

TylerLeonhardt · web-flow · commit a8420f7cb3e7 · 2025-05-27T15:54:56.000+10:00
Fix microsoft#249353 Agent mode fixed this one entirely 🚀
diff --git a/src/vs/workbench/contrib/url/common/urlGlob.ts b/src/vs/workbench/contrib/url/common/urlGlob.ts
@@ -30,7 +30,7 @@ function normalizeURL(url: string | URI): URI {
  */
 export function testUrlMatchesGlob(uri: string | URI, globUrl: string): boolean {
 	const normalizedUrl = normalizeURL(uri);
-	let normalizedGlobUrl = normalizeURL(globUrl);
+	let normalizedGlobUrl: URI;
 
 	const globHasScheme = /^[^./:]*:\/\//.test(globUrl);
 	// if the glob does not have a scheme we assume the scheme is http or https
@@ -40,6 +40,8 @@ export function testUrlMatchesGlob(uri: string | URI, globUrl: string): boolean
 			return false;
 		}
 		normalizedGlobUrl = normalizeURL(`${normalizedUrl.scheme}://${globUrl}`);
+	} else {
+		normalizedGlobUrl = normalizeURL(globUrl);
 	}
 
 	return (
diff --git a/src/vs/workbench/contrib/url/test/browser/trustedDomains.test.ts b/src/vs/workbench/contrib/url/test/browser/trustedDomains.test.ts
@@ -49,6 +49,8 @@ suite('Link protection domain matching', () => {
 		linkAllowedByRules('https://a.x.org', ['*.x.org']);
 		linkAllowedByRules('https://a.b.x.org', ['*.x.org']);
 		linkAllowedByRules('https://x.org', ['*.x.org']);
+		// https://github.com/microsoft/vscode/issues/249353
+		linkAllowedByRules('https://x.org:3000', ['*.x.org:3000']);
 	});
 
 	test('sub paths', () => {
