Endpoint Input auto strips protocol

[ddeskov-limechain]

Problem

When creating or updating a node, users may paste full URLs into the gossip, service, and gRPC web proxy endpoint fields. For example, a user might enter:

• http://my.domain.com
• https://my.domain.com/api/v1/
• my.domain.com/api/v1

These endpoint fields expect only a domain name or IP address, not a full URL with protocol or path. The previous implementation stored the input as-is, which would result in invalid endpoint configurations.

Solution

Added a stripProtocolAndPath() helper function in NodeFormData.vue that automatically sanitizes endpoint inputs by:

1. Removing protocol prefixes - Strips http://, https://, grpc://, and any other URI scheme prefixes
2. Removing URL paths - Strips everything after the first / (e.g., /api/v1/)
3. Preserving trailing dots - Keeps trailing . as it is valid in Fully Qualified Domain Names (FQDNs)

The helper is applied in two places:

getEndpointData() - Used when adding gossip and service endpoints
getGrpcWebProxyEndpoint() - Used when updating the gRPC web proxy domain

Examples

Input	Expected result after adding
http://my.domain.com	my.domain.com
https://my.domain.com/api/v1/	my.domain.com
my.domain.com/api/v1	my.domain.com
my.domain.com.	my.domain.com.
192.168.1.1	192.168.1.1

Before

After

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.85%. Comparing base (d0155ac) to head (54d0137).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2171   +/-   ##
=======================================
  Coverage   99.85%   99.85%           
=======================================
  Files         176      176           
  Lines        6763     6763           
  Branches     1290     1301   +11     
=======================================
  Hits         6753     6753           
  Misses         10       10           

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Copilot]

Pull request overview

This PR adds automatic sanitization of endpoint inputs in the Node creation/update form by stripping protocol prefixes and URL paths from user input. This prevents users from accidentally pasting full URLs into endpoint fields that expect only domain names or IP addresses.

Changes:

• Added stripProtocolAndPath() helper function to sanitize endpoint inputs by removing protocol prefixes (http://, https://, grpc://, etc.) and URL paths
• Applied sanitization to gossip, service, and gRPC web proxy endpoint inputs
• Updated Playwright test configuration to add retries in CI environment

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 4 comments.

File	Description
front-end/src/renderer/components/Transaction/Create/NodeCreate/NodeFormData.vue	Added stripProtocolAndPath() function and integrated it into getEndpointData() and getGrpcWebProxyEndpoint() to sanitize user input
automation/playwright.config.ts	Changed test retry configuration to retry tests 2 times in CI
automation/pages/TransactionPage.ts	Removed blank line and added 500ms timeout in deleteAccount method

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[jbair06]

Let's keep all watches grouped down below.

[jbair06]

I like the idea of attempting to clean up the input if it contains ':' at this point. If ':' doesn't exist, let's still do the cleanup. Then we don't need to do it at the very end before emitting data. This way the user will always see exactly what is going to be sent.

So maybe renaming extraPortFromInput and always call it here and in getGrpcWebProxyEndpoint. What do you think?

[ddeskov-limechain]

I thought it was a great idea and I implemented it. After testing it think it gets contra intuitive as UX. For example if you start typing a domain and get to "https://", it disappears (https:// gets stripped out as you type) and the whole input just becomes blank. This feels like a bug more than a feature and appears like the app just erased your input.

It feels more natural when you paste a domain instead of manually typing it. I believe that pasting a domain is the most common case with the users, as every body would copy/paste it so he would be sure there is no typo. For this reason I can suggest 3 approaches:

1. Keeping the current state of the code as it balances typing and pasting.
2. Formatting on pasting only and not while typing.
3. Refactor to a new solution with only one input filed with a placeholder "Paste Gossip Endpoint Here". After a paste event has been detected:

 <input v-model="value" @paste="onPaste" placeholder="Paste Gossip Endpoint here />

<script setup>
import { ref } from 'vue';

const value = ref('');

function onPaste(event) {
  event.preventDefault();
  const pasted = event.clipboardData.getData('text');
  
  // Clean the pasted content
  value.value = pasted.replace(/^https?:\/\//, '');

  // Call functionality that creates a new row with  pre filled domain and port input fields that you can later edit 
}
</script>

We can replace the input filed with a button, but it will cause a user permissions prompt ("Allow this site to read clipboard?")

[ddeskov-limechain]

URL formats on blur now

Screen.Recording.2026-01-16.at.12.02.08.mov