Add cookie URL validation check to prevent crash (#55787)

vzaidman · meta-codesync[bot] · commit 312d58eb0124 · 2026-03-02T23:26:02.000-08:00
Summary: Pull Request resolved: #55787 Add defensive check to validate components.URL before using it to load cookies. If NSURLComponents fails to parse the URL or returns nil for components.URL, this prevents passing nil to cookiesForURL which could cause issues in the network stack. Changelog: [Internal] Reviewed By: javache Differential Revision: D94375528 fbshipit-source-id: 499b9ed9c7661b43819b0a2b15edd62775d380f7
diff --git a/packages/react-native/React/CoreModules/RCTWebSocketModule.mm b/packages/react-native/React/CoreModules/RCTWebSocketModule.mm
@@ -84,8 +84,12 @@ - (void)invalidate
   }
 
   // Load and set the cookie header.
-  NSArray<NSHTTPCookie *> *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:components.URL];
-  request.allHTTPHeaderFields = [NSHTTPCookie requestHeaderFieldsWithCookies:cookies];
+  if (components != nil && components.URL != nil) {
+    NSArray<NSHTTPCookie *> *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL:components.URL];
+    request.allHTTPHeaderFields = [NSHTTPCookie requestHeaderFieldsWithCookies:cookies];
+  } else {
+    RCTLogError(@"RCTWebSocketModule: Invalid URL components - components or components.URL is nil");
+  }
 
   // Load supplied headers
   if ([options.headers() isKindOfClass:NSDictionary.class]) {
