Strip invisible Unicode from link hrefs for defense-in-depth

[romanisa]

Summary

Strips invisible Unicode characters (zero-width chars, bidirectional marks, Unicode Tags U+E0001-U+E007F, etc.) from link href attributes at multiple layers to prevent hidden content injection via mailto: links.

Bug: ADO #409639 - Rooster should strip or neutralize invisible Unicode when rendering drafts, especially in case of MailTo links

Problem

Bug explains the problem statement .. avoiding keeping it here for the sake of keeping internal details private.

Changes

Defense-in-depth - invisible Unicode stripped at 4 layers:

Layer	File	Coverage
Utility	stripInvisibleUnicode.ts (new)	Strips ~30 categories of invisible chars
HTML sanitization	sanitizeElement.ts	Paste, HTML-to-model conversion
XSS check	checkXss.ts	insertLink() API + prevents script: bypass
Format handler	linkFormatHandler.ts	DOM-to-model conversion

Characters stripped

• Zero-width chars (U+200B-U+200F)
• Bidirectional controls (U+202A-U+202E, U+2066-U+2069)
• Unicode Tags (U+E0001-U+E007F) - specifically called out in the bug
• Soft hyphen, BOM, word joiner, and other invisible formatting characters

Design decisions

• Strips from href only (not all text) - avoids breaking zero-width joiners used in some languages
• Strips rather than rejects - user-friendly for accidental BOM/soft-hyphens
• Utility in roosterjs-content-model-dom to avoid circular dependencies

Testing

• 28 new unit tests added across 4 test files
• All 90 relevant tests pass (Chrome 145)

[Copilot]

Pull request overview

Strips invisible Unicode characters from link href values across sanitization, model conversion, and XSS checking to prevent hidden-content injection (notably via mailto:).

Changes:

• Introduces stripInvisibleUnicode() utility and exports it from roosterjs-content-model-dom.
• Applies stripping during DOM→model conversion (linkProcessor, linkFormatHandler) and HTML sanitization (sanitizeElement).
• Updates checkXss() to strip invisible Unicode before evaluating script: patterns and adds unit tests across layers.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
packages/roosterjs-content-model-dom/lib/domUtils/stripInvisibleUnicode.ts	Adds the core stripping utility via a consolidated regex.
packages/roosterjs-content-model-dom/lib/index.ts	Exposes stripInvisibleUnicode from the package entrypoint.
packages/roosterjs-content-model-dom/lib/formatHandlers/segment/linkFormatHandler.ts	Strips invisibles when reading link formats from DOM attributes.
packages/roosterjs-content-model-dom/lib/domToModel/processors/linkProcessor.ts	Strips invisibles while processing <a href> into the content model.
packages/roosterjs-content-model-core/lib/command/createModelFromHtml/sanitizeElement.ts	Strips invisibles when sanitizing href attributes.
packages/roosterjs-content-model-dom/test/domUtils/stripInvisibleUnicodeTest.ts	Adds focused unit coverage for stripping behavior across many code points.
packages/roosterjs-content-model-dom/test/domToModel/processors/linkProcessorTest.ts	Ensures DOM→model link processing strips invisible Unicode in href.
packages/roosterjs-content-model-core/test/command/createModelFromHtml/sanitizeElementTest.ts	Ensures sanitizer strips invisibles from href but not unrelated attributes.
packages/roosterjs-content-model-api/lib/publicApi/utils/checkXss.ts	Strips invisibles before XSS detection and returns sanitized links.
packages/roosterjs-content-model-api/test/publicApi/utils/checkXssTest.ts	Adds tests for invisible Unicode stripping + script: obfuscation detection.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.