From d52037fd5e846a8af5f5cf63cd8bce7399797920 Mon Sep 17 00:00:00 2001
From: Franky Chen <franky920920+gpg@gmail.com>
Date: Tue, 11 Jan 2022 12:13:41 +0000
Subject: [PATCH] [PT Run] Add scheme verification for application URI (#15324)

* [PT Run] Add scheme verfication for application URI

* Add test
---
 .../UriHelper/ExtendedUriParserTests.cs                     | 1 +
 .../Microsoft.Plugin.Uri/UriHelper/ExtendedUriParser.cs     | 6 +++++-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/modules/launcher/Plugins/Microsoft.Plugin.Uri.UnitTests/UriHelper/ExtendedUriParserTests.cs b/src/modules/launcher/Plugins/Microsoft.Plugin.Uri.UnitTests/UriHelper/ExtendedUriParserTests.cs
index 8a960a5f18..3628f3ca89 100644
--- a/src/modules/launcher/Plugins/Microsoft.Plugin.Uri.UnitTests/UriHelper/ExtendedUriParserTests.cs
+++ b/src/modules/launcher/Plugins/Microsoft.Plugin.Uri.UnitTests/UriHelper/ExtendedUriParserTests.cs
@@ -78,6 +78,7 @@ namespace Microsoft.Plugin.Uri.UnitTests.UriHelper
         [DataRow("ftp://user:password@google.com:2121", true, "ftp://user:password@google.com:2121/", false)]
         [DataRow("ftp://user:password@1.1.1.1", true, "ftp://user:password@1.1.1.1/", false)]
         [DataRow("ftp://user:password@1.1.1.1:2121", true, "ftp://user:password@1.1.1.1:2121/", false)]
+        [DataRow("^:", false, null, false)]
 
         public void TryParseCanParseHostName(string query, bool expectedSuccess, string expectedResult, bool expectedIsWebUri)
         {
diff --git a/src/modules/launcher/Plugins/Microsoft.Plugin.Uri/UriHelper/ExtendedUriParser.cs b/src/modules/launcher/Plugins/Microsoft.Plugin.Uri/UriHelper/ExtendedUriParser.cs
index 82d2327502..96aeae6873 100644
--- a/src/modules/launcher/Plugins/Microsoft.Plugin.Uri/UriHelper/ExtendedUriParser.cs
+++ b/src/modules/launcher/Plugins/Microsoft.Plugin.Uri/UriHelper/ExtendedUriParser.cs
@@ -4,6 +4,7 @@
 
 using System;
 using System.Linq;
+using System.Text.RegularExpressions;
 using Microsoft.Plugin.Uri.Interfaces;
 
 namespace Microsoft.Plugin.Uri.UriHelper
@@ -21,10 +22,13 @@ namespace Microsoft.Plugin.Uri.UriHelper
 
             // Handling URL with only scheme, typically mailto or application uri.
             // Do nothing, return the result without urlBuilder
+            // And check if scheme match REC3986 (issue #15035)
+            const string schemeRegex = @"^([a-z][a-z0-9+\-.]*):";
             if (input.EndsWith(":", StringComparison.OrdinalIgnoreCase)
                 && !input.StartsWith("http", StringComparison.OrdinalIgnoreCase)
                 && !input.Contains("/", StringComparison.OrdinalIgnoreCase)
-                && !input.All(char.IsDigit))
+                && !input.All(char.IsDigit)
+                && Regex.IsMatch(input, schemeRegex))
             {
                 result = new System.Uri(input);
                 isWebUri = false;