diff --git a/codex-rs/shell-command/src/command_safety/windows_dangerous_commands.rs b/codex-rs/shell-command/src/command_safety/windows_dangerous_commands.rs
index 9e5089d08d4d..8bcaf762660a 100644
--- a/codex-rs/shell-command/src/command_safety/windows_dangerous_commands.rs
+++ b/codex-rs/shell-command/src/command_safety/windows_dangerous_commands.rs
@@ -315,9 +315,10 @@ fn looks_like_url(token: &str) -> bool {
 Lazy::new(|| Regex::new(r#"^[ "'\(\s]*([^\s"'\);]+)[\s;\)]*$"#).ok());
 // If the token embeds a URL alongside other text (e.g., Start-Process('https://...'))
 // as a single shlex token, grab the substring starting at the first URL prefix.
- let urlish = token
+ let lowercase_token = token.to_ascii_lowercase();
+ let urlish = lowercase_token
 .find("https://")
- .or_else(|| token.find("http://"))
+ .or_else(|| lowercase_token.find("http://"))
 .map(|idx| &token[idx..])
 .unwrap_or(token);
 
@@ -434,6 +435,19 @@ mod tests {
 ])));
 }
 
+ #[test]
+ fn powershell_start_process_mixed_case_urls_are_dangerous() {
+ for script in [
+ "Start-Process('HTTP://example.com');",
+ "Start-Process('hTtPs://example.com');",
+ ] {
+ assert!(
+ is_dangerous_command_windows(&vec_str(&["powershell", "-Command", script])),
+ "{script}"
+ );
+ }
+ }
+
 #[test]
 fn powershell_start_process_local_is_not_flagged() {
 assert!(!is_dangerous_command_windows(&vec_str(&[
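Review bot: The byte index found in `lowercase_token` is used to slice the original `token` on the unchanged `.map(|idx| &token[idx..])` line, and nothing in the hunk records why that is sound: `to_ascii_lowercase()` maps every byte one-to-one, so offsets line up, whereas a later switch to `to_lowercase()` could change byte lengths and turn the slice into a panic on non-ASCII input. A comment above the new `let lowercase_token` line would pin the invariant: `// to_ascii_lowercase() preserves byte offsets, so idx below is valid in `token`; do not replace with to_lowercase()`. Slicing `token` rather than `lowercase_token` also keeps the original case for the regex match, which is presumably intended and worth stating in the same comment. The enclosing `looks_like_url` starts and ends outside the hunk.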
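Review bot: The new test only covers pure-ASCII scripts, so it does not exercise the byte-offset assumption that the lowercase lookup relies on when the original `token` is sliced. Adding one case with a multibyte character ahead of the scheme, e.g. `"Start-Process('é HTTPS://example.com');",` in the `for script in [...]` array, would catch a future change to Unicode lowercasing as a panic or a missed detection rather than silently; this assumes the shlex split keeps that quoted argument as a single token, which the hunk does not show.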