fix: incomplete url substring sanitization

src/renderer/hooks/useGif.ts

@@ -1,11 +1,15 @@
 import { useEffect, useState } from 'react';
 import { TenorFetchResult, TenorGif } from '../../main/utils/tenor';
 
+const allowedHosts = ['tenor.com', 'www.tenor.com'];
+
 export default function useGif(url: string): TenorGif | null {
   const [gif, setGif] = useState<TenorGif | null>(null);
 
   useEffect(() => {
-    if (!url.startsWith('https://tenor.com')) {
+    const uri = new URL(url);
+
+    if (allowedHosts.includes(uri.host.toLowerCase())) {
       setGif(null);
       return;
     }