add validation of update mirror urls

[christopherpross]

Link to issue number:

#17205

Summary of the issue:

Users could configure an invalid update mirror URL, which would only be discovered when attempting to check for updates. This PR implements a validation mechanism that ensures the specified update mirror is valid before allowing it to be set in the settings.

Description of user facing changes

A new validation process has been added when setting an update mirror URL in NVDA's settings. Users will now receive feedback if the URL they provide is not a valid update mirror. The "Test" button in the settings will now ensure that the mirror responds with the expected format, preventing invalid configurations.

Description of development approach

• Refactored parsing logic for update responses into a new function: parseUpdateCheckResponse.
• Defined the minimum schema for an update mirror response based on the following required keys:
  • version
  • launcherUrl
  • apiVersion
• Implemented a new function _isResponseUpdateMirrorValid in settingsDialogs.py, which calls parseUpdateCheckResponse to validate the mirror's response.
• Added _isResponseUpdateMirrorValid as the responseValidator in the _SetURLDialog for update mirrors.

Testing strategy:

• Ran NVDA from source.
• Ensured the update mirror URL was set to "no Mirror".
• Test 1: Set the URL to "https://www.nvaccess.org/nvdaUpdateCheck".
  • Pressed the "Test" button and verified that the URL was marked as valid.
• Test 2: Set the URL to "https://google.de".
  • Pressed the "Test" button and verified that the URL was marked as invalid.
• Test 3: Set the URL to "https://github.com".
  • Pressed the "Test" button and verified that the URL was marked as invalid.
• Test 4: Set the URL to the Chinese NVDA Community Update Mirror (https://nvaccess.mirror.nvdadr.com/nvdaUpdateCheck).
  • Verified that this URL was marked as valid.
• Additional tests with random strings to ensure that invalid URLs are correctly marked as invalid.

Known issues with pull request:

No known issues.

Code Review Checklist:

• Documentation:
  • Change log entry
  • User Documentation
  • Developer / Technical Documentation
  • Context sensitive help for GUI changes
• Testing:
  • Unit tests
  • System (end to end) tests
  • Manual testing
• UX of all users considered:
  • Speech
  • Braille
  • Low Vision
  • Different web browsers
  • Localization in other languages / culture than English
• API is compatible with existing add-ons.
• Security precautions taken.

@coderabbitai summary

[SaschaCowley]

Thanks @christopherpross. A couple of minor adjustments, plus I think you may have forgotten to push the schema validation.

[SaschaCowley]

response is necessarily OK, as testing fails before running the validator for any status other than 200.

Suggested change

	if not response.ok:
	return False
	responseContent = response.text
	responseContent = response.text

[SaschaCowley]

In your PR description, you say:

• Defined the minimum schema for an update mirror response based on the following required keys:
  • version
  • launcherUrl
  • apiVersion

However it doesn't seem that you have implemented this in _isResponseUpdateMirrorValid or anywhere else. Am I missing something?

[christopherpross]

@SaschaCowley Hey, sorry I see. While merging, there is a change not applied. So this is lost. In the next few days, I will fix that. Sorry for the inconvinience.

[SaschaCowley]

Suggested change

	data = res.text
	info = parseUpdateCheckResponse(data)
	info = parseUpdateCheckResponse(res.text)