From dbfb38753502b7e428f968840f054b8948de4fdc Mon Sep 17 00:00:00 2001
From: aftermath2
Date: Sat, 1 Apr 2023 12:00:00 +0000
Subject: [PATCH 1/3] Escape characters using two backslashes

---
 android/app/src/main/java/com/robosats/WebAppInterface.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/android/app/src/main/java/com/robosats/WebAppInterface.kt b/android/app/src/main/java/com/robosats/WebAppInterface.kt
index 23017bae..38fb026e 100644
--- a/android/app/src/main/java/com/robosats/WebAppInterface.kt
+++ b/android/app/src/main/java/com/robosats/WebAppInterface.kt
@@ -41,7 +41,7 @@ class WebAppInterface(private val context: MainActivity, private val webView: We
 
     // Security patterns for input validation
     private val UUID_PATTERN = Pattern.compile("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", Pattern.CASE_INSENSITIVE)
-    private val SAFE_STRING_PATTERN = Pattern.compile("^[a-zA-Z0-9\s_\-.,:;!?()\[\]{}\"]*$")
+    private val SAFE_STRING_PATTERN = Pattern.compile("^[a-zA-Z0-9\\s_\\-.,:;!?()\\[\\]{}\\"]*$")
 
     // Maximum length for input strings
     private val MAX_INPUT_LENGTH = 1000

From 62df6d590eaac3249d5fe3918fae650a3abbd7d2 Mon Sep 17 00:00:00 2001
From: aftermath2
Date: Sat, 1 Apr 2023 12:00:00 +0000
Subject: [PATCH 2/3] Use one backlash for the double quote

---
 android/app/src/main/java/com/robosats/WebAppInterface.kt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/android/app/src/main/java/com/robosats/WebAppInterface.kt b/android/app/src/main/java/com/robosats/WebAppInterface.kt
index 38fb026e..53c33a1e 100644
--- a/android/app/src/main/java/com/robosats/WebAppInterface.kt
+++ b/android/app/src/main/java/com/robosats/WebAppInterface.kt
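Review bot: The added `SAFE_STRING_PATTERN` line in this first patch still does not compile as a Kotlin string literal: `\\"` is an escaped backslash followed by an unescaped `"`, which closes the literal early and leaves `]*$")` dangling. Patch 2/3 of the series corrects it to `\"`, so the defect is transient, but this intermediate commit breaks the build and bisection; squashing the two escape fixes into a single commit would avoid that. The class body continues outside the hunk.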
@@ -41,7 +41,7 @@ class WebAppInterface(private val context: MainActivity, private val webView: We
 
     // Security patterns for input validation
     private val UUID_PATTERN = Pattern.compile("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", Pattern.CASE_INSENSITIVE)
-    private val SAFE_STRING_PATTERN = Pattern.compile("^[a-zA-Z0-9\\s_\\-.,:;!?()\\[\\]{}\\"]*$")
+    private val SAFE_STRING_PATTERN = Pattern.compile("^[a-zA-Z0-9\\s_\\-.,:;!?()\\[\\]{}\"]*$")
 
     // Maximum length for input strings
     private val MAX_INPUT_LENGTH = 1000

From 12937086d6beb0827bb5004c8a54e4f899f34be5 Mon Sep 17 00:00:00 2001
From: aftermath2
Date: Sat, 1 Apr 2023 12:00:00 +0000
Subject: [PATCH 3/3] Restore clipboard content validation

---
 .../src/main/java/com/robosats/WebAppInterface.kt | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/android/app/src/main/java/com/robosats/WebAppInterface.kt b/android/app/src/main/java/com/robosats/WebAppInterface.kt
index 53c33a1e..45296baa 100644
--- a/android/app/src/main/java/com/robosats/WebAppInterface.kt
+++ b/android/app/src/main/java/com/robosats/WebAppInterface.kt
@@ -43,9 +43,6 @@ class WebAppInterface(private val context: MainActivity, private val webView: We
     private val UUID_PATTERN = Pattern.compile("^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", Pattern.CASE_INSENSITIVE)
     private val SAFE_STRING_PATTERN = Pattern.compile("^[a-zA-Z0-9\\s_\\-.,:;!?()\\[\\]{}\"]*$")
 
-    // Maximum length for input strings
-    private val MAX_INPUT_LENGTH = 1000
-
     init {
         // Check if libraries are loaded and show a toast notification if there's an issue
         if (!RoboIdentities.areLibrariesLoaded()) {
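Review bot: The `// Security patterns for input validation` comment above the now-compiling `SAFE_STRING_PATTERN` does not record what the allowlist deliberately excludes, which makes later "why was my text rejected" reports hard to triage. Reading the character class, it admits letters, digits, whitespace (so `\\s` also lets newlines and tabs through), `_ - . , : ; ! ? ( ) [ ] { }` and `"`, and excludes `'`, `/`, `@`, `=`, `+`, `#`, `%`, `&`, `*`, `<`, `>` and every non-ASCII character; I would state that intent next to the pattern, e.g. `// Allowlist for text passed to native APIs: alphanumerics, whitespace (incl. newlines) and basic punctuation; deliberately rejects ' / @ = + # % & * < > and non-ASCII.` The `^`/`$` anchors are redundant with `matcher(input).matches()`, which already requires a full-string match, but they are harmless. The class body continues outside the hunk.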
@@ -108,6 +105,13 @@ class WebAppInterface(private val context: MainActivity, private val webView: We
 
     @JavascriptInterface
     fun copyToClipboard(message: String) {
+        // Validate input
+        if (!isValidInput(message)) {
+            Log.e(TAG, "Invalid input for copyToClipboard")
+            Toast.makeText(context, "Invalid content for clipboard", Toast.LENGTH_SHORT).show()
+            return
+        }
+
         try {
             // Copy to clipboard
             val clipboard = context.getSystemService(Context.CLIPBOARD_SERVICE) as android.content.ClipboardManager
@@ -441,8 +445,8 @@ class WebAppInterface(private val context: MainActivity, private val webView: We
         safeEvaluateJavascript("javascript:window.AndroidRobosats.onRejectPromise('$uuid', '$encodedError')")
     }
 
-    private fun isValidInput(input: String?, maxLength: Int = MAX_INPUT_LENGTH): Boolean {
-        if (input == null || input.isEmpty() || input.length > maxLength) {
+    private fun isValidInput(input: String?): Boolean {
+        if (input == null || input.isEmpty()) {
             return false
         }
         return SAFE_STRING_PATTERN.matcher(input).matches()
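Review bot: The restored guard in `copyToClipboard` rejects any `message` that fails `SAFE_STRING_PATTERN`, and that class contains no `'`, `/`, `@`, `=`, `+` or non-ASCII characters, so if the web side ever passes a URL, a URI with a query string, or localized text, the copy silently turns into a toast; whether such callers exist is not visible here. If the strictness is intended, say so at the guard, e.g. `// Allowlist is deliberately strict: clipboard content is limited to alphanumerics, whitespace and basic punctuation`; otherwise the character class needs widening for this caller. Note also that `isValidInput` rejects the empty string, so `copyToClipboard("")` now logs `Log.e` and shows the error toast instead of being a no-op. The body of `copyToClipboard` continues past the hunk.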
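Review bot: `isValidInput` no longer bounds input length: the `maxLength` parameter is dropped here and `MAX_INPUT_LENGTH` is deleted in this patch's first hunk, so a string of any size arriving through the `@JavascriptInterface` entry points is run through the regex and, presumably, on to the clipboard. The pattern is a single character class under `*`, so this is not a backtracking concern, but the ceiling was a cheap defence-in-depth for data crossing the WebView-to-native boundary and the commit message does not say why it was removed. I would keep it, restoring the constant and collapsing the null check: `private fun isValidInput(input: String?, maxLength: Int = MAX_INPUT_LENGTH): Boolean =` / `    !input.isNullOrEmpty() && input.length <= maxLength && SAFE_STRING_PATTERN.matcher(input).matches()`. Failing that, at least `input.isNullOrEmpty()` should replace the two-clause `input == null || input.isEmpty()`.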