📌 Description
Components like src/components/dashboard/CommitmentDetailNftSection.tsx
(onViewOnExplorer, ExternalLink) and the NFT/marketplace views build outbound
links to a Stellar explorer from contract/token/owner identifiers. Two problems:
the links are opened in a new tab without rel="noopener noreferrer", which
leaves the opening page reachable via window.opener (reverse tabnabbing) in
browsers that do not imply noopener for target="_blank" and leaks the referrer
in all of them; and the explorer URLs are assembled from unvalidated
identifiers, so a malformed or attacker-chosen id can yield a broken link or a
link that points somewhere other than the intended explorer page.
This issue centralizes explorer/external link construction and hardens it.
Goal: all external links are built through a validated helper that enforces
an allowlisted explorer base and safe rel/target attributes.
🎯 Requirements and Context
- Add a buildExplorerUrl(kind, id) helper that validates the id shape (Stellar
  address / tx hash / token id) and only emits URLs against an allowlisted
  explorer base from config.
- Ensure all target="_blank" links use rel="noopener noreferrer".
- Reject unexpected identifier input rather than trying to encode it: an id that
  passes a strict shape check needs no escaping, and encoding alone does not
  stop a wrong-kind or path-traversal id from reaching the URL.
- Apply across the NFT section, NFT display, marketplace, and commitment detail.
- Align with docs/backend-security-checklist.md / backend-threat-model.md
  where relevant.
🛠️ Suggested Execution
1. Create a branch
   git checkout -b feature/safe-external-links
2. Implement changes
   - Add src/utils/explorerLinks.ts with buildExplorerUrl + validation.
   - Replace ad-hoc link construction in the components above.
   - Add src/utils/__tests__/explorerLinks.test.ts.
3. Test and commit
   - Run npm test.
   - Edge cases: malformed id, injection attempt in id, missing explorer config,
     unknown link kind.
Example commit message
fix: validated explorer link helper and safe rel/target on external links
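A sketch of what the helper from steps 2 and 3 could look like, added here as an example rather than CommitLabs code. The config field (explorerBase), the allowlist entries, the explorer path layout (/account, /contract, /tx) and the NULL_ACCOUNT sample are assumptions; the address check follows the Stellar StrKey format (base32, version byte, CRC16-XModem checksum appended little-endian). The issue does not define the token-id format, so only account, contract and tx kinds are covered.

```typescript
// Added example (not the project's code). Config shape, allowlist entries and
// path layout are assumed; the StrKey checks follow the Stellar StrKey format.

export type LinkKind = "account" | "contract" | "tx";

export interface ExplorerConfig {
  explorerBase?: string; // assumed config field; undefined when misconfigured
}

// Assumed allowlist: only a base listed here can ever appear in an emitted URL.
const EXPLORER_ALLOWLIST: string[] = [
  "https://stellar.expert/explorer/public",
  "https://stellar.expert/explorer/testnet",
];

// StrKey version bytes: 'G' (ed25519 public key) = 6 << 3, 'C' (contract) = 2 << 3.
const STRKEY_VERSION = { account: 6 << 3, contract: 2 << 3 };
const BASE32_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";

// CRC16-XModem (poly 0x1021, init 0), the checksum StrKey appends little-endian.
export function crc16XModem(bytes: Uint8Array): number {
  let crc = 0;
  for (let i = 0; i < bytes.length; i++) {
    crc ^= bytes[i] << 8;
    for (let bit = 0; bit < 8; bit++) {
      crc = crc & 0x8000 ? ((crc << 1) ^ 0x1021) & 0xffff : (crc << 1) & 0xffff;
    }
  }
  return crc;
}

// Unpadded RFC 4648 base32 decode; null on any character outside the alphabet.
function base32Decode(s: string): Uint8Array | null {
  const out: number[] = [];
  let acc = 0;
  let bits = 0;
  for (let i = 0; i < s.length; i++) {
    const v = BASE32_ALPHABET.indexOf(s.charAt(i));
    if (v < 0) return null;
    acc = (acc << 5) | v;
    bits += 5;
    if (bits >= 8) {
      bits -= 8;
      out.push((acc >>> bits) & 0xff);
      acc &= (1 << bits) - 1; // keep only the leftover low bits
    }
  }
  return new Uint8Array(out);
}

// Full StrKey check: length, alphabet, version byte and CRC16 checksum.
// A regex alone accepts any 'G' + 55 base32 chars; the checksum rejects lookalikes.
export function isValidStrKey(id: string, kind: "account" | "contract"): boolean {
  if (!/^[A-Z2-7]{56}$/.test(id)) return false;
  const raw = base32Decode(id);
  if (raw === null || raw.length !== 35) return false;
  if (raw[0] !== STRKEY_VERSION[kind]) return false;
  const actual = raw[33] | (raw[34] << 8);
  return crc16XModem(raw.subarray(0, 33)) === actual;
}

export function isValidTxHash(id: string): boolean {
  return /^[0-9a-fA-F]{64}$/.test(id);
}

// Returns null instead of a best-effort URL whenever anything is off, so the
// caller renders plain text rather than a link.
export function buildExplorerUrl(kind: LinkKind, id: string, config: ExplorerConfig): string | null {
  const base = config.explorerBase;
  if (!base || EXPLORER_ALLOWLIST.indexOf(base) === -1) return null;
  switch (kind) {
    case "account":
      return isValidStrKey(id, "account") ? base + "/account/" + id : null;
    case "contract":
      return isValidStrKey(id, "contract") ? base + "/contract/" + id : null;
    case "tx":
      return isValidTxHash(id) ? base + "/tx/" + id.toLowerCase() : null;
    default:
      return null; // unknown kind, reachable from untyped callers
  }
}

// Attributes every outbound anchor should carry; spread onto <a> or ExternalLink.
export function externalLinkProps(href: string): { href: string; target: "_blank"; rel: string } {
  return { href, target: "_blank", rel: "noopener noreferrer" };
}

// Constructed sample: the all-zero "null" account, 'G' + 52 'A' + checksum "WHF".
export const NULL_ACCOUNT = "G" + new Array(53).join("A") + "WHF";
```

Returning null keeps the components simple: when the helper declines, show the identifier as text and skip the anchor. The edge cases from step 3 map directly onto this shape: a malformed or lowercased id fails the alphabet check, a corrupted id fails the checksum, an account id passed as kind "contract" fails the version byte, a missing or non-allowlisted explorerBase short-circuits before any id is looked at, and an unknown kind falls through to the default branch.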
✅ Guidelines
- Minimum 95% test coverage on the link helper.
- Clear documentation of allowlist and validation rules.
- Timeframe: 96 hours.
🏷️ Labels
type-security · area-frontend · MAYBE REWARDED · GRANTFOX OSS · OFFICIAL CAMPAIGN
💬 Community & Support
- Join the CommitLabs contributor Discord: https://discord.gg/WV7tdYkJk
- Introduce yourself before starting to avoid duplicate work.
- Maintainers triage actively and review fast.