From f36312faa3b2fc0447667d42f880c8c9c433efec Mon Sep 17 00:00:00 2001
From: Pileks <jure@amber-it.co>
Date: Wed, 19 Jul 2023 20:59:36 +0200
Subject: [PATCH] URI authority should start with word characters

---
 packages/core/src/__tests__/Uri.spec.ts |  6 ++++++
 packages/core/src/types/Uri.ts          | 12 ++++++++++++
 2 files changed, 18 insertions(+)

diff --git a/packages/core/src/__tests__/Uri.spec.ts b/packages/core/src/__tests__/Uri.spec.ts
index 4e832db94..a02bbae06 100644
--- a/packages/core/src/__tests__/Uri.spec.ts
+++ b/packages/core/src/__tests__/Uri.spec.ts
@@ -78,4 +78,10 @@ describe("Uri", () => {
     expect(uri.authority).toEqual("authority");
     expect(uri.path).toEqual("something?uri=wrap://something/something2");
   });
+
+  it("Shouldn't accept authorities that don't start with alphanumeric characters", () => {
+    expect(() => {
+      new Uri("../invalid/path");
+    }).toThrow(/URI authority must start with an alphanumeric character or an underscore\./);
+  });
 });
diff --git a/packages/core/src/types/Uri.ts b/packages/core/src/types/Uri.ts
index 73d5ccd13..bd138ba10 100644
--- a/packages/core/src/types/Uri.ts
+++ b/packages/core/src/types/Uri.ts
@@ -175,6 +175,18 @@ export class Uri {
 
     // Extract the authority and path
     const authority = parts[0];
+
+    // Authority should begin with a word character (alphanumeric, underscore)
+    const validAuthorityRegExp = /^\w.*/;
+    if (!validAuthorityRegExp.test(authority)) {
+      return ResultErr(
+        Error(
+          `URI authority must start with an alphanumeric character or an underscore.\n` +
+            `Invalid URI Received: ${input}`
+        )
+      );
+    }
+
     const path = parts.slice(1).join("/");
 
     if (!path) {