From b456f0821fdea25bc317b48f2f82a16a58914126 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Damian=20B=C3=BCchel?= <damian.buechel@let.ethz.ch>
Date: Wed, 19 May 2021 02:43:07 +0200
Subject: [PATCH] SEBWIN-449: Ensured server URL is also sanitized when not
 using SEB server and removed check for authentication token for Jitsi Meet.

---
 SafeExamBrowser.Proctoring/ProctoringController.cs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/SafeExamBrowser.Proctoring/ProctoringController.cs b/SafeExamBrowser.Proctoring/ProctoringController.cs
index 2f9038a6..89979ba9 100644
--- a/SafeExamBrowser.Proctoring/ProctoringController.cs
+++ b/SafeExamBrowser.Proctoring/ProctoringController.cs
@@ -89,9 +89,10 @@ namespace SafeExamBrowser.Proctoring
 
 			if (settings.JitsiMeet.Enabled)
 			{
+				this.settings.JitsiMeet.ServerUrl = Sanitize(settings.JitsiMeet.ServerUrl);
+
 				start = !string.IsNullOrWhiteSpace(settings.JitsiMeet.RoomName);
 				start &= !string.IsNullOrWhiteSpace(settings.JitsiMeet.ServerUrl);
-				start &= !string.IsNullOrWhiteSpace(settings.JitsiMeet.Token);
 			}
 			else if (settings.Zoom.Enabled)
 			{
@@ -117,7 +118,7 @@ namespace SafeExamBrowser.Proctoring
 			logger.Info("Proctoring instruction received.");
 
 			settings.JitsiMeet.RoomName = roomName;
-			settings.JitsiMeet.ServerUrl = serverUrl.Replace($"{Uri.UriSchemeHttp}{Uri.SchemeDelimiter}", "").Replace($"{Uri.UriSchemeHttps}{Uri.SchemeDelimiter}", "");
+			settings.JitsiMeet.ServerUrl = Sanitize(serverUrl);
 			settings.JitsiMeet.Token = token;
 
 			StopProctoring();
@@ -242,5 +243,10 @@ namespace SafeExamBrowser.Proctoring
 				return html;
 			}
 		}
+
+		private string Sanitize(string serverUrl)
+		{
+			return serverUrl?.Replace($"{Uri.UriSchemeHttp}{Uri.SchemeDelimiter}", "").Replace($"{Uri.UriSchemeHttps}{Uri.SchemeDelimiter}", "");
+		}
 	}
 }