Put some guardrails around the recaptcha host language param (#3734)

* Add some guardrails for recaptcha host language param

* Formatting

Author: sam-gc

packages-exp/auth-exp/src/platform_browser/recaptcha/recaptcha_loader.test.ts

@@ -142,6 +142,13 @@ describe('platform-browser/recaptcha/recaptcha_loader', () => {
         const loader = new ReCaptchaLoaderImpl();
         expect(await loader.load(auth)).to.eq(_window().grecaptcha);
       });
+
+      it('fails if the host language is invalid', async () => {
+        expect(() => loader.load(auth, 'javascript:injection')).to.throw(
+          FirebaseError,
+          'auth/argument-error'
+        );
+      });
     });
   });
 });

packages-exp/auth-exp/src/platform_browser/recaptcha/recaptcha_loader.ts

@@ -18,6 +18,7 @@
 import { querystring } from '@firebase/util';
 
 import { AUTH_ERROR_FACTORY, AuthErrorCode } from '../../core/errors';
+import { assert } from '../../core/util/assert';
 import { Delay } from '../../core/util/delay';
 import { Auth, AuthCore } from '../../model/auth';
 import { _window } from '../auth_window';
@@ -45,6 +46,10 @@ export class ReCaptchaLoaderImpl implements ReCaptchaLoader {
   private readonly librarySeparatelyLoaded = !!_window().grecaptcha;
 
   load(auth: AuthCore, hl = ''): Promise<Recaptcha> {
+    assert(isHostLanguageValid(hl), AuthErrorCode.ARGUMENT_ERROR, {
+      appName: auth.name
+    });
+
     if (this.shouldResolveImmediately(hl)) {
       return Promise.resolve(_window().grecaptcha!);
     }
@@ -123,6 +128,10 @@ export class ReCaptchaLoaderImpl implements ReCaptchaLoader {
   }
 }
 
+function isHostLanguageValid(hl: string): boolean {
+  return hl.length <= 6 && /^\s*[a-zA-Z0-9\-]*\s*$/.test(hl);
+}
+
 export class MockReCaptchaLoaderImpl implements ReCaptchaLoader {
   async load(auth: Auth): Promise<Recaptcha> {
     return new MockReCaptcha(auth);