1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/proxy_resolution/proxy_config.h"
6
7 #include <memory>
8 #include <utility>
9
10 #include "base/check.h"
11 #include "base/check_op.h"
12 #include "base/notreached.h"
13 #include "base/strings/string_tokenizer.h"
14 #include "base/strings/string_util.h"
15 #include "base/values.h"
16 #include "build/buildflag.h"
17 #include "net/base/proxy_server.h"
18 #include "net/base/proxy_string_util.h"
19 #include "net/net_buildflags.h"
20 #include "net/proxy_resolution/proxy_info.h"
21
22 namespace net {
23
24 namespace {
25
26 // If |proxies| is non-empty, sets it in |dict| under the key |name|.
AddProxyListToValue(const char * name,const ProxyList & proxies,base::Value::Dict * dict)27 void AddProxyListToValue(const char* name,
28 const ProxyList& proxies,
29 base::Value::Dict* dict) {
30 if (!proxies.IsEmpty()) {
31 dict->Set(name, proxies.ToValue());
32 }
33 }
34
35 // Split the |uri_list| on commas and add each entry to |proxy_list| in turn.
AddProxyURIListToProxyList(std::string uri_list,ProxyList * proxy_list,ProxyServer::Scheme default_scheme,bool allow_bracketed_proxy_chains,bool is_quic_allowed)36 void AddProxyURIListToProxyList(std::string uri_list,
37 ProxyList* proxy_list,
38 ProxyServer::Scheme default_scheme,
39 bool allow_bracketed_proxy_chains,
40 bool is_quic_allowed) {
41 base::StringTokenizer proxy_uri_list(uri_list, ",");
42 while (proxy_uri_list.GetNext()) {
43 proxy_list->AddProxyChain(
44 allow_bracketed_proxy_chains
45 ? MultiProxyUrisToProxyChain(proxy_uri_list.token(), default_scheme,
46 is_quic_allowed)
47 : ProxyUriToProxyChain(proxy_uri_list.token(), default_scheme,
48 is_quic_allowed));
49 }
50 }
51
52 } // namespace
53
54 ProxyConfig::ProxyRules::ProxyRules() = default;
55
56 ProxyConfig::ProxyRules::ProxyRules(const ProxyRules& other) = default;
57
58 ProxyConfig::ProxyRules::~ProxyRules() = default;
59
Apply(const GURL & url,ProxyInfo * result) const60 void ProxyConfig::ProxyRules::Apply(const GURL& url, ProxyInfo* result) const {
61 if (empty()) {
62 result->UseDirect();
63 return;
64 }
65
66 if (bypass_rules.Matches(url, reverse_bypass)) {
67 result->UseDirectWithBypassedProxy();
68 return;
69 }
70
71 switch (type) {
72 case ProxyRules::Type::PROXY_LIST: {
73 result->UseProxyList(single_proxies);
74 return;
75 }
76 case ProxyRules::Type::PROXY_LIST_PER_SCHEME: {
77 const ProxyList* entry = MapUrlSchemeToProxyList(url.scheme());
78 if (entry) {
79 result->UseProxyList(*entry);
80 } else {
81 // We failed to find a matching proxy server for the current URL
82 // scheme. Default to direct.
83 result->UseDirect();
84 }
85 return;
86 }
87 default: {
88 NOTREACHED();
89 }
90 }
91 }
92
ParseFromString(const std::string & proxy_rules,bool allow_bracketed_proxy_chains,bool is_quic_allowed)93 void ProxyConfig::ProxyRules::ParseFromString(const std::string& proxy_rules,
94 bool allow_bracketed_proxy_chains,
95 bool is_quic_allowed) {
96 // Reset.
97 type = Type::EMPTY;
98 single_proxies = ProxyList();
99 proxies_for_http = ProxyList();
100 proxies_for_https = ProxyList();
101 proxies_for_ftp = ProxyList();
102 fallback_proxies = ProxyList();
103
104 #if !BUILDFLAG(ENABLE_BRACKETED_PROXY_URIS)
105 // `allow_multi_proxy_chains` can only be true in non-release builds;
106 CHECK(!allow_bracketed_proxy_chains);
107 #endif // !BUILDFLAG(ENABLE_BRACKETED_PROXY_URIS)
108
109 #if !BUILDFLAG(ENABLE_QUIC_PROXY_SUPPORT)
110 CHECK(!is_quic_allowed);
111 #endif // BUILDFLAG(ENABLE_QUIC_PROXY_SUPPORT)
112
113 base::StringTokenizer proxy_server_list(proxy_rules, ";");
114 while (proxy_server_list.GetNext()) {
115 base::StringTokenizer proxy_server_for_scheme(
116 proxy_server_list.token_begin(), proxy_server_list.token_end(), "=");
117
118 while (proxy_server_for_scheme.GetNext()) {
119 std::string url_scheme = proxy_server_for_scheme.token();
120
121 // If we fail to get the proxy server here, it means that
122 // this is a regular proxy server configuration, i.e. proxies
123 // are not configured per protocol.
124 if (!proxy_server_for_scheme.GetNext()) {
125 if (type == Type::PROXY_LIST_PER_SCHEME) {
126 continue; // Unexpected.
127 }
128 AddProxyURIListToProxyList(
129 std::move(url_scheme), &single_proxies, ProxyServer::SCHEME_HTTP,
130 allow_bracketed_proxy_chains, is_quic_allowed);
131 type = Type::PROXY_LIST;
132 return;
133 }
134
135 // Trim whitespace off the url scheme.
136 base::TrimWhitespaceASCII(url_scheme, base::TRIM_ALL, &url_scheme);
137
138 // Add it to the per-scheme mappings (if supported scheme).
139 type = Type::PROXY_LIST_PER_SCHEME;
140 ProxyList* entry = MapUrlSchemeToProxyListNoFallback(url_scheme);
141 ProxyServer::Scheme default_scheme = ProxyServer::SCHEME_HTTP;
142
143 // socks=XXX is inconsistent with the other formats, since "socks"
144 // is not a URL scheme. Rather this means "for everything else, send
145 // it to the SOCKS proxy server XXX".
146 if (url_scheme == "socks") {
147 DCHECK(!entry);
148 entry = &fallback_proxies;
149 // Note that here 'socks' is understood to be SOCKS4, even though
150 // 'socks' maps to SOCKS5 in ProxyServer::GetSchemeFromURIInternal.
151 default_scheme = ProxyServer::SCHEME_SOCKS4;
152 }
153
154 if (entry) {
155 AddProxyURIListToProxyList(proxy_server_for_scheme.token(), entry,
156 default_scheme, allow_bracketed_proxy_chains,
157 is_quic_allowed);
158 }
159 }
160 }
161 }
162
MapUrlSchemeToProxyList(const std::string & url_scheme) const163 const ProxyList* ProxyConfig::ProxyRules::MapUrlSchemeToProxyList(
164 const std::string& url_scheme) const {
165 const ProxyList* proxy_server_list =
166 const_cast<ProxyRules*>(this)->MapUrlSchemeToProxyListNoFallback(
167 url_scheme);
168 if (proxy_server_list && !proxy_server_list->IsEmpty()) {
169 return proxy_server_list;
170 }
171 if (url_scheme == "ws" || url_scheme == "wss") {
172 return GetProxyListForWebSocketScheme();
173 }
174 if (!fallback_proxies.IsEmpty()) {
175 return &fallback_proxies;
176 }
177 return nullptr; // No mapping for this scheme. Use direct.
178 }
179
Equals(const ProxyRules & other) const180 bool ProxyConfig::ProxyRules::Equals(const ProxyRules& other) const {
181 return type == other.type && single_proxies.Equals(other.single_proxies) &&
182 proxies_for_http.Equals(other.proxies_for_http) &&
183 proxies_for_https.Equals(other.proxies_for_https) &&
184 proxies_for_ftp.Equals(other.proxies_for_ftp) &&
185 fallback_proxies.Equals(other.fallback_proxies) &&
186 bypass_rules == other.bypass_rules &&
187 reverse_bypass == other.reverse_bypass;
188 }
189
MapUrlSchemeToProxyListNoFallback(const std::string & scheme)190 ProxyList* ProxyConfig::ProxyRules::MapUrlSchemeToProxyListNoFallback(
191 const std::string& scheme) {
192 DCHECK_EQ(Type::PROXY_LIST_PER_SCHEME, type);
193 if (scheme == "http") {
194 return &proxies_for_http;
195 }
196 if (scheme == "https") {
197 return &proxies_for_https;
198 }
199 if (scheme == "ftp") {
200 return &proxies_for_ftp;
201 }
202 return nullptr; // No mapping for this scheme.
203 }
204
GetProxyListForWebSocketScheme() const205 const ProxyList* ProxyConfig::ProxyRules::GetProxyListForWebSocketScheme()
206 const {
207 // Follow the recommendation from RFC 6455 section 4.1.3:
208 //
209 // NOTE: Implementations that do not expose explicit UI for
210 // selecting a proxy for WebSocket connections separate from other
211 // proxies are encouraged to use a SOCKS5 [RFC1928] proxy for
212 // WebSocket connections, if available, or failing that, to prefer
213 // the proxy configured for HTTPS connections over the proxy
214 // configured for HTTP connections.
215 //
216 // This interpretation is a bit different from the RFC, in
217 // that it favors both SOCKSv4 and SOCKSv5.
218 //
219 // When the net::ProxyRules came from system proxy settings,
220 // "fallback_proxies" will be empty, or a a single SOCKS
221 // proxy, making this ordering match the RFC.
222 //
223 // However for other configurations it is possible for
224 // "fallback_proxies" to be a list of any ProxyServer,
225 // including non-SOCKS. In this case "fallback_proxies" is
226 // still prioritized over proxies_for_http and
227 // proxies_for_https.
228 if (!fallback_proxies.IsEmpty()) {
229 return &fallback_proxies;
230 }
231 if (!proxies_for_https.IsEmpty()) {
232 return &proxies_for_https;
233 }
234 if (!proxies_for_http.IsEmpty()) {
235 return &proxies_for_http;
236 }
237 return nullptr;
238 }
239
240 ProxyConfig::ProxyConfig() = default;
241
242 ProxyConfig::ProxyConfig(const ProxyConfig& config) = default;
243
244 ProxyConfig::ProxyConfig(ProxyConfig&& config) = default;
245
246 ProxyConfig& ProxyConfig::operator=(const ProxyConfig& config) = default;
247
248 ProxyConfig& ProxyConfig::operator=(ProxyConfig&& config) = default;
249
250 ProxyConfig::~ProxyConfig() = default;
251
Equals(const ProxyConfig & other) const252 bool ProxyConfig::Equals(const ProxyConfig& other) const {
253 return auto_detect_ == other.auto_detect_ && pac_url_ == other.pac_url_ &&
254 pac_mandatory_ == other.pac_mandatory_ &&
255 from_system_ == other.from_system_ &&
256 proxy_rules_.Equals(other.proxy_rules());
257 }
258
HasAutomaticSettings() const259 bool ProxyConfig::HasAutomaticSettings() const {
260 return auto_detect_ || has_pac_url();
261 }
262
ClearAutomaticSettings()263 void ProxyConfig::ClearAutomaticSettings() {
264 auto_detect_ = false;
265 pac_url_ = GURL();
266 }
267
ToValue() const268 base::Value ProxyConfig::ToValue() const {
269 base::Value::Dict dict;
270
271 // Output the automatic settings.
272 if (auto_detect_) {
273 dict.Set("auto_detect", auto_detect_);
274 }
275 if (has_pac_url()) {
276 dict.Set("pac_url", pac_url_.possibly_invalid_spec());
277 if (pac_mandatory_) {
278 dict.Set("pac_mandatory", pac_mandatory_);
279 }
280 }
281 if (from_system_) {
282 dict.Set("from_system", from_system_);
283 }
284
285 // Output the manual settings.
286 if (proxy_rules_.type != ProxyRules::Type::EMPTY) {
287 switch (proxy_rules_.type) {
288 case ProxyRules::Type::PROXY_LIST:
289 AddProxyListToValue("single_proxy", proxy_rules_.single_proxies, &dict);
290 break;
291 case ProxyRules::Type::PROXY_LIST_PER_SCHEME: {
292 base::Value::Dict dict2;
293 AddProxyListToValue("http", proxy_rules_.proxies_for_http, &dict2);
294 AddProxyListToValue("https", proxy_rules_.proxies_for_https, &dict2);
295 AddProxyListToValue("ftp", proxy_rules_.proxies_for_ftp, &dict2);
296 AddProxyListToValue("fallback", proxy_rules_.fallback_proxies, &dict2);
297 dict.Set("proxy_per_scheme", std::move(dict2));
298 break;
299 }
300 default:
301 NOTREACHED();
302 }
303
304 // Output the bypass rules.
305 const ProxyBypassRules& bypass = proxy_rules_.bypass_rules;
306 if (!bypass.rules().empty()) {
307 if (proxy_rules_.reverse_bypass) {
308 dict.Set("reverse_bypass", true);
309 }
310
311 base::Value::List list;
312
313 for (const auto& bypass_rule : bypass.rules()) {
314 list.Append(bypass_rule->ToString());
315 }
316
317 dict.Set("bypass_list", std::move(list));
318 }
319 }
320
321 return base::Value(std::move(dict));
322 }
323
324 } // namespace net
325