1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/base/net_util.h"
6
7 #include <unicode/regex.h>
8 #include <unicode/ucnv.h>
9 #include <unicode/uidna.h>
10 #include <unicode/ulocdata.h>
11 #include <unicode/uniset.h>
12 #include <unicode/uscript.h>
13 #include <unicode/uset.h>
14 #include <algorithm>
15 #include <iterator>
16 #include <map>
17
18 #include "build/build_config.h"
19
20 #if defined(OS_WIN)
21 #include <windows.h>
22 #include <winsock2.h>
23 #include <iphlpapi.h>
24 #pragma comment(lib, "iphlpapi.lib")
25 #elif defined(OS_POSIX)
26 #include <fcntl.h>
27 #ifndef ANDROID
28 #include <ifaddrs.h>
29 #endif
30 #include <netdb.h>
31 #include <net/if.h>
32 #include <netinet/in.h>
33 #if defined(__BIONIC__) && defined(ANDROID)
34 #include <netinet/in6.h>
35 #endif
36 #endif
37
38 #include "base/base64.h"
39 #include "base/basictypes.h"
40 #include "base/file_path.h"
41 #include "base/file_util.h"
42 #include "base/i18n/file_util_icu.h"
43 #include "base/i18n/icu_string_conversions.h"
44 #include "base/i18n/time_formatting.h"
45 #include "base/json/string_escape.h"
46 #include "base/logging.h"
47 #include "base/memory/singleton.h"
48 #include "base/message_loop.h"
49 #include "base/metrics/histogram.h"
50 #include "base/path_service.h"
51 #include "base/stl_util-inl.h"
52 #include "base/string_number_conversions.h"
53 #include "base/string_piece.h"
54 #include "base/string_split.h"
55 #include "base/string_tokenizer.h"
56 #include "base/string_util.h"
57 #include "base/stringprintf.h"
58 #include "base/synchronization/lock.h"
59 #include "base/sys_string_conversions.h"
60 #include "base/time.h"
61 #include "base/utf_offset_string_conversions.h"
62 #include "base/utf_string_conversions.h"
63 #include "googleurl/src/gurl.h"
64 #include "googleurl/src/url_canon.h"
65 #include "googleurl/src/url_canon_ip.h"
66 #include "googleurl/src/url_parse.h"
67 #include "grit/net_resources.h"
68 #include "net/base/dns_util.h"
69 #include "net/base/escape.h"
70 #include "net/base/net_module.h"
71 #if defined(OS_WIN)
72 #include "net/base/winsock_init.h"
73 #endif
74 #include "unicode/datefmt.h"
75
76 using base::Time;
77
78 namespace net {
79
80 namespace {
81
82 // what we prepend to get a file URL
83 static const FilePath::CharType kFileURLPrefix[] =
84 FILE_PATH_LITERAL("file:///");
85
86 // The general list of blocked ports. Will be blocked unless a specific
87 // protocol overrides it. (Ex: ftp can use ports 20 and 21)
88 static const int kRestrictedPorts[] = {
89 1, // tcpmux
90 7, // echo
91 9, // discard
92 11, // systat
93 13, // daytime
94 15, // netstat
95 17, // qotd
96 19, // chargen
97 20, // ftp data
98 21, // ftp access
99 22, // ssh
100 23, // telnet
101 25, // smtp
102 37, // time
103 42, // name
104 43, // nicname
105 53, // domain
106 77, // priv-rjs
107 79, // finger
108 87, // ttylink
109 95, // supdup
110 101, // hostriame
111 102, // iso-tsap
112 103, // gppitnp
113 104, // acr-nema
114 109, // pop2
115 110, // pop3
116 111, // sunrpc
117 113, // auth
118 115, // sftp
119 117, // uucp-path
120 119, // nntp
121 123, // NTP
122 135, // loc-srv /epmap
123 139, // netbios
124 143, // imap2
125 179, // BGP
126 389, // ldap
127 465, // smtp+ssl
128 512, // print / exec
129 513, // login
130 514, // shell
131 515, // printer
132 526, // tempo
133 530, // courier
134 531, // chat
135 532, // netnews
136 540, // uucp
137 556, // remotefs
138 563, // nntp+ssl
139 587, // stmp?
140 601, // ??
141 636, // ldap+ssl
142 993, // ldap+ssl
143 995, // pop3+ssl
144 2049, // nfs
145 3659, // apple-sasl / PasswordServer
146 4045, // lockd
147 6000, // X11
148 6665, // Alternate IRC [Apple addition]
149 6666, // Alternate IRC [Apple addition]
150 6667, // Standard IRC [Apple addition]
151 6668, // Alternate IRC [Apple addition]
152 6669, // Alternate IRC [Apple addition]
153 0xFFFF, // Used to block all invalid port numbers (see
154 // third_party/WebKit/Source/WebCore/platform/KURLGoogle.cpp, port())
155 };
156
157 // FTP overrides the following restricted ports.
158 static const int kAllowedFtpPorts[] = {
159 21, // ftp data
160 22, // ssh
161 };
162
163 template<typename STR>
GetSpecificHeaderT(const STR & headers,const STR & name)164 STR GetSpecificHeaderT(const STR& headers, const STR& name) {
165 // We want to grab the Value from the "Key: Value" pairs in the headers,
166 // which should look like this (no leading spaces, \n-separated) (we format
167 // them this way in url_request_inet.cc):
168 // HTTP/1.1 200 OK\n
169 // ETag: "6d0b8-947-24f35ec0"\n
170 // Content-Length: 2375\n
171 // Content-Type: text/html; charset=UTF-8\n
172 // Last-Modified: Sun, 03 Sep 2006 04:34:43 GMT\n
173 if (headers.empty())
174 return STR();
175
176 STR match;
177 match.push_back('\n');
178 match.append(name);
179 match.push_back(':');
180
181 typename STR::const_iterator begin =
182 search(headers.begin(), headers.end(), match.begin(), match.end(),
183 base::CaseInsensitiveCompareASCII<typename STR::value_type>());
184
185 if (begin == headers.end())
186 return STR();
187
188 begin += match.length();
189
190 typename STR::const_iterator end = find(begin, headers.end(), '\n');
191
192 STR ret;
193 TrimWhitespace(STR(begin, end), TRIM_ALL, &ret);
194 return ret;
195 }
196
197 // Similar to Base64Decode. Decodes a Q-encoded string to a sequence
198 // of bytes. If input is invalid, return false.
QPDecode(const std::string & input,std::string * output)199 bool QPDecode(const std::string& input, std::string* output) {
200 std::string temp;
201 temp.reserve(input.size());
202 std::string::const_iterator it = input.begin();
203 while (it != input.end()) {
204 if (*it == '_') {
205 temp.push_back(' ');
206 } else if (*it == '=') {
207 if (input.end() - it < 3) {
208 return false;
209 }
210 if (IsHexDigit(static_cast<unsigned char>(*(it + 1))) &&
211 IsHexDigit(static_cast<unsigned char>(*(it + 2)))) {
212 unsigned char ch = HexDigitToInt(*(it + 1)) * 16 +
213 HexDigitToInt(*(it + 2));
214 temp.push_back(static_cast<char>(ch));
215 ++it;
216 ++it;
217 } else {
218 return false;
219 }
220 } else if (0x20 < *it && *it < 0x7F) {
221 // In a Q-encoded word, only printable ASCII characters
222 // represent themselves. Besides, space, '=', '_' and '?' are
223 // not allowed, but they're already filtered out.
224 DCHECK(*it != 0x3D && *it != 0x5F && *it != 0x3F);
225 temp.push_back(*it);
226 } else {
227 return false;
228 }
229 ++it;
230 }
231 output->swap(temp);
232 return true;
233 }
234
235 enum RFC2047EncodingType {Q_ENCODING, B_ENCODING};
DecodeBQEncoding(const std::string & part,RFC2047EncodingType enc_type,const std::string & charset,std::string * output)236 bool DecodeBQEncoding(const std::string& part, RFC2047EncodingType enc_type,
237 const std::string& charset, std::string* output) {
238 std::string decoded;
239 if (enc_type == B_ENCODING) {
240 if (!base::Base64Decode(part, &decoded)) {
241 return false;
242 }
243 } else {
244 if (!QPDecode(part, &decoded)) {
245 return false;
246 }
247 }
248
249 UErrorCode err = U_ZERO_ERROR;
250 UConverter* converter(ucnv_open(charset.c_str(), &err));
251 if (U_FAILURE(err)) {
252 return false;
253 }
254
255 // A single byte in a legacy encoding can be expanded to 3 bytes in UTF-8.
256 // A 'two-byte character' in a legacy encoding can be expanded to 4 bytes
257 // in UTF-8. Therefore, the expansion ratio is 3 at most.
258 int length = static_cast<int>(decoded.length());
259 char* buf = WriteInto(output, length * 3);
260 length = ucnv_toAlgorithmic(UCNV_UTF8, converter, buf, length * 3,
261 decoded.data(), length, &err);
262 ucnv_close(converter);
263 if (U_FAILURE(err)) {
264 return false;
265 }
266 output->resize(length);
267 return true;
268 }
269
DecodeWord(const std::string & encoded_word,const std::string & referrer_charset,bool * is_rfc2047,std::string * output)270 bool DecodeWord(const std::string& encoded_word,
271 const std::string& referrer_charset,
272 bool* is_rfc2047,
273 std::string* output) {
274 *is_rfc2047 = false;
275 output->clear();
276 if (encoded_word.empty())
277 return true;
278
279 if (!IsStringASCII(encoded_word)) {
280 // Try UTF-8, referrer_charset and the native OS default charset in turn.
281 if (IsStringUTF8(encoded_word)) {
282 *output = encoded_word;
283 } else {
284 std::wstring wide_output;
285 if (!referrer_charset.empty() &&
286 base::CodepageToWide(encoded_word, referrer_charset.c_str(),
287 base::OnStringConversionError::FAIL,
288 &wide_output)) {
289 *output = WideToUTF8(wide_output);
290 } else {
291 *output = WideToUTF8(base::SysNativeMBToWide(encoded_word));
292 }
293 }
294
295 return true;
296 }
297
298 // RFC 2047 : one of encoding methods supported by Firefox and relatively
299 // widely used by web servers.
300 // =?charset?<E>?<encoded string>?= where '<E>' is either 'B' or 'Q'.
301 // We don't care about the length restriction (72 bytes) because
302 // many web servers generate encoded words longer than the limit.
303 std::string tmp;
304 *is_rfc2047 = true;
305 int part_index = 0;
306 std::string charset;
307 StringTokenizer t(encoded_word, "?");
308 RFC2047EncodingType enc_type = Q_ENCODING;
309 while (*is_rfc2047 && t.GetNext()) {
310 std::string part = t.token();
311 switch (part_index) {
312 case 0:
313 if (part != "=") {
314 *is_rfc2047 = false;
315 break;
316 }
317 ++part_index;
318 break;
319 case 1:
320 // Do we need charset validity check here?
321 charset = part;
322 ++part_index;
323 break;
324 case 2:
325 if (part.size() > 1 ||
326 part.find_first_of("bBqQ") == std::string::npos) {
327 *is_rfc2047 = false;
328 break;
329 }
330 if (part[0] == 'b' || part[0] == 'B') {
331 enc_type = B_ENCODING;
332 }
333 ++part_index;
334 break;
335 case 3:
336 *is_rfc2047 = DecodeBQEncoding(part, enc_type, charset, &tmp);
337 if (!*is_rfc2047) {
338 // Last minute failure. Invalid B/Q encoding. Rather than
339 // passing it through, return now.
340 return false;
341 }
342 ++part_index;
343 break;
344 case 4:
345 if (part != "=") {
346 // Another last minute failure !
347 // Likely to be a case of two encoded-words in a row or
348 // an encoded word followed by a non-encoded word. We can be
349 // generous, but it does not help much in terms of compatibility,
350 // I believe. Return immediately.
351 *is_rfc2047 = false;
352 return false;
353 }
354 ++part_index;
355 break;
356 default:
357 *is_rfc2047 = false;
358 return false;
359 }
360 }
361
362 if (*is_rfc2047) {
363 if (*(encoded_word.end() - 1) == '=') {
364 output->swap(tmp);
365 return true;
366 }
367 // encoded_word ending prematurelly with '?' or extra '?'
368 *is_rfc2047 = false;
369 return false;
370 }
371
372 // We're not handling 'especial' characters quoted with '\', but
373 // it should be Ok because we're not an email client but a
374 // web browser.
375
376 // What IE6/7 does: %-escaped UTF-8.
377 tmp = UnescapeURLComponent(encoded_word, UnescapeRule::SPACES);
378 if (IsStringUTF8(tmp)) {
379 output->swap(tmp);
380 return true;
381 // We can try either the OS default charset or 'origin charset' here,
382 // As far as I can tell, IE does not support it. However, I've seen
383 // web servers emit %-escaped string in a legacy encoding (usually
384 // origin charset).
385 // TODO(jungshik) : Test IE further and consider adding a fallback here.
386 }
387 return false;
388 }
389
DecodeParamValue(const std::string & input,const std::string & referrer_charset,std::string * output)390 bool DecodeParamValue(const std::string& input,
391 const std::string& referrer_charset,
392 std::string* output) {
393 std::string tmp;
394 // Tokenize with whitespace characters.
395 StringTokenizer t(input, " \t\n\r");
396 t.set_options(StringTokenizer::RETURN_DELIMS);
397 bool is_previous_token_rfc2047 = true;
398 while (t.GetNext()) {
399 if (t.token_is_delim()) {
400 // If the previous non-delimeter token is not RFC2047-encoded,
401 // put in a space in its place. Otheriwse, skip over it.
402 if (!is_previous_token_rfc2047) {
403 tmp.push_back(' ');
404 }
405 continue;
406 }
407 // We don't support a single multibyte character split into
408 // adjacent encoded words. Some broken mail clients emit headers
409 // with that problem, but most web servers usually encode a filename
410 // in a single encoded-word. Firefox/Thunderbird do not support
411 // it, either.
412 std::string decoded;
413 if (!DecodeWord(t.token(), referrer_charset, &is_previous_token_rfc2047,
414 &decoded))
415 return false;
416 tmp.append(decoded);
417 }
418 output->swap(tmp);
419 return true;
420 }
421
422 // TODO(mpcomplete): This is a quick and dirty implementation for now. I'm
423 // sure this doesn't properly handle all (most?) cases.
424 template<typename STR>
GetHeaderParamValueT(const STR & header,const STR & param_name,QuoteRule::Type quote_rule)425 STR GetHeaderParamValueT(const STR& header, const STR& param_name,
426 QuoteRule::Type quote_rule) {
427 // This assumes args are formatted exactly like "bla; arg1=value; arg2=value".
428 typename STR::const_iterator param_begin =
429 search(header.begin(), header.end(), param_name.begin(), param_name.end(),
430 base::CaseInsensitiveCompareASCII<typename STR::value_type>());
431
432 if (param_begin == header.end())
433 return STR();
434 param_begin += param_name.length();
435
436 STR whitespace;
437 whitespace.push_back(' ');
438 whitespace.push_back('\t');
439 const typename STR::size_type equals_offset =
440 header.find_first_not_of(whitespace, param_begin - header.begin());
441 if (equals_offset == STR::npos || header.at(equals_offset) != '=')
442 return STR();
443
444 param_begin = header.begin() + equals_offset + 1;
445 if (param_begin == header.end())
446 return STR();
447
448 typename STR::const_iterator param_end;
449 if (*param_begin == '"' && quote_rule == QuoteRule::REMOVE_OUTER_QUOTES) {
450 ++param_begin; // skip past the quote.
451 param_end = find(param_begin, header.end(), '"');
452 // If the closing quote is missing, we will treat the rest of the
453 // string as the parameter. We can't set |param_end| to the
454 // location of the separator (';'), since the separator is
455 // technically quoted. See: http://crbug.com/58840
456 } else {
457 param_end = find(param_begin+1, header.end(), ';');
458 }
459
460 return STR(param_begin, param_end);
461 }
462
463 // Does some simple normalization of scripts so we can allow certain scripts
464 // to exist together.
465 // TODO(brettw) bug 880223: we should allow some other languages to be
466 // oombined such as Chinese and Latin. We will probably need a more
467 // complicated system of language pairs to have more fine-grained control.
NormalizeScript(UScriptCode code)468 UScriptCode NormalizeScript(UScriptCode code) {
469 switch (code) {
470 case USCRIPT_KATAKANA:
471 case USCRIPT_HIRAGANA:
472 case USCRIPT_KATAKANA_OR_HIRAGANA:
473 case USCRIPT_HANGUL: // This one is arguable.
474 return USCRIPT_HAN;
475 default:
476 return code;
477 }
478 }
479
IsIDNComponentInSingleScript(const char16 * str,int str_len)480 bool IsIDNComponentInSingleScript(const char16* str, int str_len) {
481 UScriptCode first_script = USCRIPT_INVALID_CODE;
482 bool is_first = true;
483
484 int i = 0;
485 while (i < str_len) {
486 unsigned code_point;
487 U16_NEXT(str, i, str_len, code_point);
488
489 UErrorCode err = U_ZERO_ERROR;
490 UScriptCode cur_script = uscript_getScript(code_point, &err);
491 if (err != U_ZERO_ERROR)
492 return false; // Report mixed on error.
493 cur_script = NormalizeScript(cur_script);
494
495 // TODO(brettw) We may have to check for USCRIPT_INHERENT as well.
496 if (is_first && cur_script != USCRIPT_COMMON) {
497 first_script = cur_script;
498 is_first = false;
499 } else {
500 if (cur_script != USCRIPT_COMMON && cur_script != first_script)
501 return false;
502 }
503 }
504 return true;
505 }
506
507 // Check if the script of a language can be 'safely' mixed with
508 // Latin letters in the ASCII range.
IsCompatibleWithASCIILetters(const std::string & lang)509 bool IsCompatibleWithASCIILetters(const std::string& lang) {
510 // For now, just list Chinese, Japanese and Korean (positive list).
511 // An alternative is negative-listing (languages using Greek and
512 // Cyrillic letters), but it can be more dangerous.
513 return !lang.substr(0, 2).compare("zh") ||
514 !lang.substr(0, 2).compare("ja") ||
515 !lang.substr(0, 2).compare("ko");
516 }
517
518 typedef std::map<std::string, icu::UnicodeSet*> LangToExemplarSetMap;
519
520 class LangToExemplarSet {
521 public:
GetInstance()522 static LangToExemplarSet* GetInstance() {
523 return Singleton<LangToExemplarSet>::get();
524 }
525
526 private:
527 LangToExemplarSetMap map;
LangToExemplarSet()528 LangToExemplarSet() { }
~LangToExemplarSet()529 ~LangToExemplarSet() {
530 STLDeleteContainerPairSecondPointers(map.begin(), map.end());
531 }
532
533 friend class Singleton<LangToExemplarSet>;
534 friend struct DefaultSingletonTraits<LangToExemplarSet>;
535 friend bool GetExemplarSetForLang(const std::string&, icu::UnicodeSet**);
536 friend void SetExemplarSetForLang(const std::string&, icu::UnicodeSet*);
537
538 DISALLOW_COPY_AND_ASSIGN(LangToExemplarSet);
539 };
540
GetExemplarSetForLang(const std::string & lang,icu::UnicodeSet ** lang_set)541 bool GetExemplarSetForLang(const std::string& lang,
542 icu::UnicodeSet** lang_set) {
543 const LangToExemplarSetMap& map = LangToExemplarSet::GetInstance()->map;
544 LangToExemplarSetMap::const_iterator pos = map.find(lang);
545 if (pos != map.end()) {
546 *lang_set = pos->second;
547 return true;
548 }
549 return false;
550 }
551
SetExemplarSetForLang(const std::string & lang,icu::UnicodeSet * lang_set)552 void SetExemplarSetForLang(const std::string& lang,
553 icu::UnicodeSet* lang_set) {
554 LangToExemplarSetMap& map = LangToExemplarSet::GetInstance()->map;
555 map.insert(std::make_pair(lang, lang_set));
556 }
557
558 static base::Lock lang_set_lock;
559
560 // Returns true if all the characters in component_characters are used by
561 // the language |lang|.
IsComponentCoveredByLang(const icu::UnicodeSet & component_characters,const std::string & lang)562 bool IsComponentCoveredByLang(const icu::UnicodeSet& component_characters,
563 const std::string& lang) {
564 static const icu::UnicodeSet kASCIILetters(0x61, 0x7a); // [a-z]
565 icu::UnicodeSet* lang_set;
566 // We're called from both the UI thread and the history thread.
567 {
568 base::AutoLock lock(lang_set_lock);
569 if (!GetExemplarSetForLang(lang, &lang_set)) {
570 UErrorCode status = U_ZERO_ERROR;
571 ULocaleData* uld = ulocdata_open(lang.c_str(), &status);
572 // TODO(jungshik) Turn this check on when the ICU data file is
573 // rebuilt with the minimal subset of locale data for languages
574 // to which Chrome is not localized but which we offer in the list
575 // of languages selectable for Accept-Languages. With the rebuilt ICU
576 // data, ulocdata_open never should fall back to the default locale.
577 // (issue 2078)
578 // DCHECK(U_SUCCESS(status) && status != U_USING_DEFAULT_WARNING);
579 if (U_SUCCESS(status) && status != U_USING_DEFAULT_WARNING) {
580 lang_set = reinterpret_cast<icu::UnicodeSet *>(
581 ulocdata_getExemplarSet(uld, NULL, 0,
582 ULOCDATA_ES_STANDARD, &status));
583 // If |lang| is compatible with ASCII Latin letters, add them.
584 if (IsCompatibleWithASCIILetters(lang))
585 lang_set->addAll(kASCIILetters);
586 } else {
587 lang_set = new icu::UnicodeSet(1, 0);
588 }
589 lang_set->freeze();
590 SetExemplarSetForLang(lang, lang_set);
591 ulocdata_close(uld);
592 }
593 }
594 return !lang_set->isEmpty() && lang_set->containsAll(component_characters);
595 }
596
597 // Returns true if the given Unicode host component is safe to display to the
598 // user.
IsIDNComponentSafe(const char16 * str,int str_len,const std::wstring & languages)599 bool IsIDNComponentSafe(const char16* str,
600 int str_len,
601 const std::wstring& languages) {
602 // Most common cases (non-IDN) do not reach here so that we don't
603 // need a fast return path.
604 // TODO(jungshik) : Check if there's any character inappropriate
605 // (although allowed) for domain names.
606 // See http://www.unicode.org/reports/tr39/#IDN_Security_Profiles and
607 // http://www.unicode.org/reports/tr39/data/xidmodifications.txt
608 // For now, we borrow the list from Mozilla and tweaked it slightly.
609 // (e.g. Characters like U+00A0, U+3000, U+3002 are omitted because
610 // they're gonna be canonicalized to U+0020 and full stop before
611 // reaching here.)
612 // The original list is available at
613 // http://kb.mozillazine.org/Network.IDN.blacklist_chars and
614 // at http://mxr.mozilla.org/seamonkey/source/modules/libpref/src/init/all.js#703
615
616 UErrorCode status = U_ZERO_ERROR;
617 #ifdef U_WCHAR_IS_UTF16
618 icu::UnicodeSet dangerous_characters(icu::UnicodeString(
619 L"[[\\ \u00bc\u00bd\u01c3\u0337\u0338"
620 L"\u05c3\u05f4\u06d4\u0702\u115f\u1160][\u2000-\u200b]"
621 L"[\u2024\u2027\u2028\u2029\u2039\u203a\u2044\u205f]"
622 L"[\u2154-\u2156][\u2159-\u215b][\u215f\u2215\u23ae"
623 L"\u29f6\u29f8\u2afb\u2afd][\u2ff0-\u2ffb][\u3014"
624 L"\u3015\u3033\u3164\u321d\u321e\u33ae\u33af\u33c6\u33df\ufe14"
625 L"\ufe15\ufe3f\ufe5d\ufe5e\ufeff\uff0e\uff06\uff61\uffa0\ufff9]"
626 L"[\ufffa-\ufffd]]"), status);
627 DCHECK(U_SUCCESS(status));
628 icu::RegexMatcher dangerous_patterns(icu::UnicodeString(
629 // Lone katakana no, so, or n
630 L"[^\\p{Katakana}][\u30ce\u30f3\u30bd][^\\p{Katakana}]"
631 // Repeating Japanese accent characters
632 L"|[\u3099\u309a\u309b\u309c][\u3099\u309a\u309b\u309c]"),
633 0, status);
634 #else
635 icu::UnicodeSet dangerous_characters(icu::UnicodeString(
636 "[[\\u0020\\u00bc\\u00bd\\u01c3\\u0337\\u0338"
637 "\\u05c3\\u05f4\\u06d4\\u0702\\u115f\\u1160][\\u2000-\\u200b]"
638 "[\\u2024\\u2027\\u2028\\u2029\\u2039\\u203a\\u2044\\u205f]"
639 "[\\u2154-\\u2156][\\u2159-\\u215b][\\u215f\\u2215\\u23ae"
640 "\\u29f6\\u29f8\\u2afb\\u2afd][\\u2ff0-\\u2ffb][\\u3014"
641 "\\u3015\\u3033\\u3164\\u321d\\u321e\\u33ae\\u33af\\u33c6\\u33df\\ufe14"
642 "\\ufe15\\ufe3f\\ufe5d\\ufe5e\\ufeff\\uff0e\\uff06\\uff61\\uffa0\\ufff9]"
643 "[\\ufffa-\\ufffd]]", -1, US_INV), status);
644 DCHECK(U_SUCCESS(status));
645 icu::RegexMatcher dangerous_patterns(icu::UnicodeString(
646 // Lone katakana no, so, or n
647 "[^\\p{Katakana}][\\u30ce\\u30f3\u30bd][^\\p{Katakana}]"
648 // Repeating Japanese accent characters
649 "|[\\u3099\\u309a\\u309b\\u309c][\\u3099\\u309a\\u309b\\u309c]"),
650 0, status);
651 #endif
652 DCHECK(U_SUCCESS(status));
653 icu::UnicodeSet component_characters;
654 icu::UnicodeString component_string(str, str_len);
655 component_characters.addAll(component_string);
656 if (dangerous_characters.containsSome(component_characters))
657 return false;
658
659 DCHECK(U_SUCCESS(status));
660 dangerous_patterns.reset(component_string);
661 if (dangerous_patterns.find())
662 return false;
663
664 // If the language list is empty, the result is completely determined
665 // by whether a component is a single script or not. This will block
666 // even "safe" script mixing cases like <Chinese, Latin-ASCII> that are
667 // allowed with |languages| (while it blocks Chinese + Latin letters with
668 // an accent as should be the case), but we want to err on the safe side
669 // when |languages| is empty.
670 if (languages.empty())
671 return IsIDNComponentInSingleScript(str, str_len);
672
673 // |common_characters| is made up of ASCII numbers, hyphen, plus and
674 // underscore that are used across scripts and allowed in domain names.
675 // (sync'd with characters allowed in url_canon_host with square
676 // brackets excluded.) See kHostCharLookup[] array in url_canon_host.cc.
677 icu::UnicodeSet common_characters(UNICODE_STRING_SIMPLE("[[0-9]\\-_+\\ ]"),
678 status);
679 DCHECK(U_SUCCESS(status));
680 // Subtract common characters because they're always allowed so that
681 // we just have to check if a language-specific set contains
682 // the remainder.
683 component_characters.removeAll(common_characters);
684
685 std::string languages_list(WideToASCII(languages));
686 StringTokenizer t(languages_list, ",");
687 while (t.GetNext()) {
688 if (IsComponentCoveredByLang(component_characters, t.token()))
689 return true;
690 }
691 return false;
692 }
693
694 // Converts one component of a host (between dots) to IDN if safe. The result
695 // will be APPENDED to the given output string and will be the same as the input
696 // if it is not IDN or the IDN is unsafe to display. Returns whether any
697 // conversion was performed.
IDNToUnicodeOneComponent(const char16 * comp,size_t comp_len,const std::wstring & languages,string16 * out)698 bool IDNToUnicodeOneComponent(const char16* comp,
699 size_t comp_len,
700 const std::wstring& languages,
701 string16* out) {
702 DCHECK(out);
703 if (comp_len == 0)
704 return false;
705
706 // Only transform if the input can be an IDN component.
707 static const char16 kIdnPrefix[] = {'x', 'n', '-', '-'};
708 if ((comp_len > arraysize(kIdnPrefix)) &&
709 !memcmp(comp, kIdnPrefix, arraysize(kIdnPrefix) * sizeof(char16))) {
710 // Repeatedly expand the output string until it's big enough. It looks like
711 // ICU will return the required size of the buffer, but that's not
712 // documented, so we'll just grow by 2x. This should be rare and is not on a
713 // critical path.
714 size_t original_length = out->length();
715 for (int extra_space = 64; ; extra_space *= 2) {
716 UErrorCode status = U_ZERO_ERROR;
717 out->resize(out->length() + extra_space);
718 int output_chars = uidna_IDNToUnicode(comp,
719 static_cast<int32_t>(comp_len), &(*out)[original_length], extra_space,
720 UIDNA_DEFAULT, NULL, &status);
721 if (status == U_ZERO_ERROR) {
722 // Converted successfully.
723 out->resize(original_length + output_chars);
724 if (IsIDNComponentSafe(out->data() + original_length, output_chars,
725 languages))
726 return true;
727 }
728
729 if (status != U_BUFFER_OVERFLOW_ERROR)
730 break;
731 }
732 // Failed, revert back to original string.
733 out->resize(original_length);
734 }
735
736 // We get here with no IDN or on error, in which case we just append the
737 // literal input.
738 out->append(comp, comp_len);
739 return false;
740 }
741
742 struct SubtractFromOffset {
SubtractFromOffsetnet::__anonf840f6e20111::SubtractFromOffset743 explicit SubtractFromOffset(size_t amount)
744 : amount(amount) {}
operator ()net::__anonf840f6e20111::SubtractFromOffset745 void operator()(size_t& offset) {
746 if (offset != std::wstring::npos) {
747 if (offset >= amount)
748 offset -= amount;
749 else
750 offset = std::wstring::npos;
751 }
752 }
753
754 size_t amount;
755 };
756
757 struct AddToOffset {
AddToOffsetnet::__anonf840f6e20111::AddToOffset758 explicit AddToOffset(size_t amount)
759 : amount(amount) {}
operator ()net::__anonf840f6e20111::AddToOffset760 void operator()(size_t& offset) {
761 if (offset != std::wstring::npos)
762 offset += amount;
763 }
764
765 size_t amount;
766 };
767
OffsetsIntoSection(std::vector<size_t> * offsets_for_adjustment,size_t section_begin)768 std::vector<size_t> OffsetsIntoSection(
769 std::vector<size_t>* offsets_for_adjustment,
770 size_t section_begin) {
771 std::vector<size_t> offsets_into_section;
772 if (offsets_for_adjustment) {
773 std::transform(offsets_for_adjustment->begin(),
774 offsets_for_adjustment->end(),
775 std::back_inserter(offsets_into_section),
776 ClampComponentOffset(section_begin));
777 std::for_each(offsets_into_section.begin(), offsets_into_section.end(),
778 SubtractFromOffset(section_begin));
779 }
780 return offsets_into_section;
781 }
782
ApplySectionAdjustments(const std::vector<size_t> & offsets_into_section,std::vector<size_t> * offsets_for_adjustment,size_t old_section_len,size_t new_section_len,size_t section_begin)783 void ApplySectionAdjustments(const std::vector<size_t>& offsets_into_section,
784 std::vector<size_t>* offsets_for_adjustment,
785 size_t old_section_len,
786 size_t new_section_len,
787 size_t section_begin) {
788 if (offsets_for_adjustment) {
789 DCHECK_EQ(offsets_for_adjustment->size(), offsets_into_section.size());
790 std::vector<size_t>::const_iterator host_offsets_iter =
791 offsets_into_section.begin();
792 for (std::vector<size_t>::iterator offsets_iter =
793 offsets_for_adjustment->begin();
794 offsets_iter != offsets_for_adjustment->end();
795 ++offsets_iter, ++host_offsets_iter) {
796 size_t offset = *offsets_iter;
797 if (offset == std::wstring::npos || offset < section_begin) {
798 // The offset is before the host section so leave it as is.
799 continue;
800 }
801 if (offset >= section_begin + old_section_len) {
802 // The offset is after the host section so adjust by host length delta.
803 offset += new_section_len - old_section_len;
804 } else if (*host_offsets_iter != std::wstring::npos) {
805 // The offset is within the host and valid so adjust by the host
806 // reformatting offsets results.
807 offset = section_begin + *host_offsets_iter;
808 } else {
809 // The offset is invalid.
810 offset = std::wstring::npos;
811 }
812 *offsets_iter = offset;
813 }
814 }
815 }
816
817 // If |component| is valid, its begin is incremented by |delta|.
AdjustComponent(int delta,url_parse::Component * component)818 void AdjustComponent(int delta, url_parse::Component* component) {
819 if (!component->is_valid())
820 return;
821
822 DCHECK(delta >= 0 || component->begin >= -delta);
823 component->begin += delta;
824 }
825
826 // Adjusts all the components of |parsed| by |delta|, except for the scheme.
AdjustComponents(int delta,url_parse::Parsed * parsed)827 void AdjustComponents(int delta, url_parse::Parsed* parsed) {
828 AdjustComponent(delta, &(parsed->username));
829 AdjustComponent(delta, &(parsed->password));
830 AdjustComponent(delta, &(parsed->host));
831 AdjustComponent(delta, &(parsed->port));
832 AdjustComponent(delta, &(parsed->path));
833 AdjustComponent(delta, &(parsed->query));
834 AdjustComponent(delta, &(parsed->ref));
835 }
836
837 std::wstring FormatUrlInternal(const GURL& url,
838 const std::wstring& languages,
839 FormatUrlTypes format_types,
840 UnescapeRule::Type unescape_rules,
841 url_parse::Parsed* new_parsed,
842 size_t* prefix_end,
843 std::vector<size_t>* offsets_for_adjustment);
844
845 // Helper for FormatUrl()/FormatUrlInternal().
FormatViewSourceUrl(const GURL & url,const std::wstring & languages,FormatUrlTypes format_types,UnescapeRule::Type unescape_rules,url_parse::Parsed * new_parsed,size_t * prefix_end,std::vector<size_t> * offsets_for_adjustment)846 std::wstring FormatViewSourceUrl(const GURL& url,
847 const std::wstring& languages,
848 FormatUrlTypes format_types,
849 UnescapeRule::Type unescape_rules,
850 url_parse::Parsed* new_parsed,
851 size_t* prefix_end,
852 std::vector<size_t>* offsets_for_adjustment) {
853 DCHECK(new_parsed);
854 DCHECK(offsets_for_adjustment);
855 const wchar_t* const kWideViewSource = L"view-source:";
856 const size_t kViewSourceLengthPlus1 = 12;
857 std::vector<size_t> saved_offsets(*offsets_for_adjustment);
858
859 GURL real_url(url.possibly_invalid_spec().substr(kViewSourceLengthPlus1));
860 // Clamp the offsets to the source area.
861 std::for_each(offsets_for_adjustment->begin(),
862 offsets_for_adjustment->end(),
863 SubtractFromOffset(kViewSourceLengthPlus1));
864 std::wstring result = FormatUrlInternal(real_url, languages, format_types,
865 unescape_rules, new_parsed, prefix_end, offsets_for_adjustment);
866 result.insert(0, kWideViewSource);
867
868 // Adjust position values.
869 if (new_parsed->scheme.is_nonempty()) {
870 // Assume "view-source:real-scheme" as a scheme.
871 new_parsed->scheme.len += kViewSourceLengthPlus1;
872 } else {
873 new_parsed->scheme.begin = 0;
874 new_parsed->scheme.len = kViewSourceLengthPlus1 - 1;
875 }
876 AdjustComponents(kViewSourceLengthPlus1, new_parsed);
877 if (prefix_end)
878 *prefix_end += kViewSourceLengthPlus1;
879 std::for_each(offsets_for_adjustment->begin(),
880 offsets_for_adjustment->end(),
881 AddToOffset(kViewSourceLengthPlus1));
882 // Restore all offsets which were not affected by FormatUrlInternal.
883 DCHECK_EQ(saved_offsets.size(), offsets_for_adjustment->size());
884 for (size_t i = 0; i < saved_offsets.size(); ++i) {
885 if (saved_offsets[i] < kViewSourceLengthPlus1)
886 (*offsets_for_adjustment)[i] = saved_offsets[i];
887 }
888 return result;
889 }
890
891 // Appends the substring |in_component| inside of the URL |spec| to |output|,
892 // and the resulting range will be filled into |out_component|. |unescape_rules|
893 // defines how to clean the URL for human readability. |offsets_for_adjustment|
894 // is an array of offsets into |output| each of which will be adjusted based on
895 // how it maps to the component being converted; if it is less than
896 // output->length(), it will be untouched, and if it is greater than
897 // output->length() + in_component.len it will be adjusted by the difference in
898 // lengths between the input and output components. Otherwise it points into
899 // the component being converted, and is adjusted to point to the same logical
900 // place in |output|. |offsets_for_adjustment| may not be NULL.
AppendFormattedComponent(const std::string & spec,const url_parse::Component & in_component,UnescapeRule::Type unescape_rules,std::wstring * output,url_parse::Component * out_component,std::vector<size_t> * offsets_for_adjustment)901 void AppendFormattedComponent(const std::string& spec,
902 const url_parse::Component& in_component,
903 UnescapeRule::Type unescape_rules,
904 std::wstring* output,
905 url_parse::Component* out_component,
906 std::vector<size_t>* offsets_for_adjustment) {
907 DCHECK(output);
908 DCHECK(offsets_for_adjustment);
909 if (in_component.is_nonempty()) {
910 size_t component_begin = output->length();
911 out_component->begin = static_cast<int>(component_begin);
912
913 // Compose a list of offsets within the component area.
914 std::vector<size_t> offsets_into_component =
915 OffsetsIntoSection(offsets_for_adjustment, component_begin);
916
917 if (unescape_rules == UnescapeRule::NONE) {
918 output->append(UTF8ToWideAndAdjustOffsets(
919 spec.substr(in_component.begin, in_component.len),
920 &offsets_into_component));
921 } else {
922 output->append(UTF16ToWideHack(
923 UnescapeAndDecodeUTF8URLComponentWithOffsets(
924 spec.substr(in_component.begin, in_component.len), unescape_rules,
925 &offsets_into_component)));
926 }
927 size_t new_component_len = output->length() - component_begin;
928 out_component->len = static_cast<int>(new_component_len);
929
930 // Apply offset adjustments.
931 size_t old_component_len = static_cast<size_t>(in_component.len);
932 ApplySectionAdjustments(offsets_into_component, offsets_for_adjustment,
933 old_component_len, new_component_len, component_begin);
934 } else {
935 out_component->reset();
936 }
937 }
938
939 // TODO(viettrungluu): This is really the old-fashioned version, made internal.
940 // I need to really convert |FormatUrl()|.
FormatUrlInternal(const GURL & url,const std::wstring & languages,FormatUrlTypes format_types,UnescapeRule::Type unescape_rules,url_parse::Parsed * new_parsed,size_t * prefix_end,std::vector<size_t> * offsets_for_adjustment)941 std::wstring FormatUrlInternal(const GURL& url,
942 const std::wstring& languages,
943 FormatUrlTypes format_types,
944 UnescapeRule::Type unescape_rules,
945 url_parse::Parsed* new_parsed,
946 size_t* prefix_end,
947 std::vector<size_t>* offsets_for_adjustment) {
948 url_parse::Parsed parsed_temp;
949 if (!new_parsed)
950 new_parsed = &parsed_temp;
951 else
952 *new_parsed = url_parse::Parsed();
953
954 std::vector<size_t> offsets_temp;
955 if (!offsets_for_adjustment)
956 offsets_for_adjustment = &offsets_temp;
957
958 std::wstring url_string;
959
960 // Check for empty URLs or 0 available text width.
961 if (url.is_empty()) {
962 if (prefix_end)
963 *prefix_end = 0;
964 std::for_each(offsets_for_adjustment->begin(),
965 offsets_for_adjustment->end(),
966 LimitOffset<std::wstring>(0));
967 return url_string;
968 }
969
970 // Special handling for view-source:. Don't use chrome::kViewSourceScheme
971 // because this library shouldn't depend on chrome.
972 const char* const kViewSource = "view-source";
973 // Reject "view-source:view-source:..." to avoid deep recursion.
974 const char* const kViewSourceTwice = "view-source:view-source:";
975 if (url.SchemeIs(kViewSource) &&
976 !StartsWithASCII(url.possibly_invalid_spec(), kViewSourceTwice, false)) {
977 return FormatViewSourceUrl(url, languages, format_types,
978 unescape_rules, new_parsed, prefix_end, offsets_for_adjustment);
979 }
980
981 // We handle both valid and invalid URLs (this will give us the spec
982 // regardless of validity).
983 const std::string& spec = url.possibly_invalid_spec();
984 const url_parse::Parsed& parsed = url.parsed_for_possibly_invalid_spec();
985 size_t spec_length = spec.length();
986 std::for_each(offsets_for_adjustment->begin(),
987 offsets_for_adjustment->end(),
988 LimitOffset<std::wstring>(spec_length));
989
990 // Copy everything before the username (the scheme and the separators.)
991 // These are ASCII.
992 url_string.insert(url_string.end(), spec.begin(),
993 spec.begin() + parsed.CountCharactersBefore(url_parse::Parsed::USERNAME,
994 true));
995
996 const wchar_t kHTTP[] = L"http://";
997 const char kFTP[] = "ftp.";
998 // URLFixerUpper::FixupURL() treats "ftp.foo.com" as ftp://ftp.foo.com. This
999 // means that if we trim "http://" off a URL whose host starts with "ftp." and
1000 // the user inputs this into any field subject to fixup (which is basically
1001 // all input fields), the meaning would be changed. (In fact, often the
1002 // formatted URL is directly pre-filled into an input field.) For this reason
1003 // we avoid stripping "http://" in this case.
1004 bool omit_http =
1005 (format_types & kFormatUrlOmitHTTP) && (url_string == kHTTP) &&
1006 (url.host().compare(0, arraysize(kFTP) - 1, kFTP) != 0);
1007
1008 new_parsed->scheme = parsed.scheme;
1009
1010 if ((format_types & kFormatUrlOmitUsernamePassword) != 0) {
1011 // Remove the username and password fields. We don't want to display those
1012 // to the user since they can be used for attacks,
1013 // e.g. "http://google.com:search@evil.ru/"
1014 new_parsed->username.reset();
1015 new_parsed->password.reset();
1016 // Update the offsets based on removed username and/or password.
1017 if (!offsets_for_adjustment->empty() &&
1018 (parsed.username.is_nonempty() || parsed.password.is_nonempty())) {
1019 AdjustOffset::Adjustments adjustments;
1020 if (parsed.username.is_nonempty() && parsed.password.is_nonempty()) {
1021 // The seeming off-by-one and off-by-two in these first two lines are to
1022 // account for the ':' after the username and '@' after the password.
1023 adjustments.push_back(AdjustOffset::Adjustment(
1024 static_cast<size_t>(parsed.username.begin),
1025 static_cast<size_t>(parsed.username.len + parsed.password.len +
1026 2), 0));
1027 } else {
1028 const url_parse::Component* nonempty_component =
1029 parsed.username.is_nonempty() ? &parsed.username : &parsed.password;
1030 // The seeming off-by-one in below is to account for the '@' after the
1031 // username/password.
1032 adjustments.push_back(AdjustOffset::Adjustment(
1033 static_cast<size_t>(nonempty_component->begin),
1034 static_cast<size_t>(nonempty_component->len + 1), 0));
1035 }
1036
1037 // Make offset adjustment.
1038 std::for_each(offsets_for_adjustment->begin(),
1039 offsets_for_adjustment->end(),
1040 AdjustOffset(adjustments));
1041 }
1042 } else {
1043 AppendFormattedComponent(spec, parsed.username, unescape_rules, &url_string,
1044 &new_parsed->username, offsets_for_adjustment);
1045 if (parsed.password.is_valid())
1046 url_string.push_back(':');
1047 AppendFormattedComponent(spec, parsed.password, unescape_rules, &url_string,
1048 &new_parsed->password, offsets_for_adjustment);
1049 if (parsed.username.is_valid() || parsed.password.is_valid())
1050 url_string.push_back('@');
1051 }
1052 if (prefix_end)
1053 *prefix_end = static_cast<size_t>(url_string.length());
1054
1055 AppendFormattedHostWithOffsets(url, languages, &url_string, new_parsed,
1056 offsets_for_adjustment);
1057
1058 // Port.
1059 if (parsed.port.is_nonempty()) {
1060 url_string.push_back(':');
1061 new_parsed->port.begin = url_string.length();
1062 url_string.insert(url_string.end(),
1063 spec.begin() + parsed.port.begin,
1064 spec.begin() + parsed.port.end());
1065 new_parsed->port.len = url_string.length() - new_parsed->port.begin;
1066 } else {
1067 new_parsed->port.reset();
1068 }
1069
1070 // Path and query both get the same general unescape & convert treatment.
1071 if (!(format_types & kFormatUrlOmitTrailingSlashOnBareHostname) ||
1072 !CanStripTrailingSlash(url)) {
1073 AppendFormattedComponent(spec, parsed.path, unescape_rules, &url_string,
1074 &new_parsed->path, offsets_for_adjustment);
1075 }
1076 if (parsed.query.is_valid())
1077 url_string.push_back('?');
1078 AppendFormattedComponent(spec, parsed.query, unescape_rules, &url_string,
1079 &new_parsed->query, offsets_for_adjustment);
1080
1081 // Reference is stored in valid, unescaped UTF-8, so we can just convert.
1082 if (parsed.ref.is_valid()) {
1083 url_string.push_back('#');
1084 size_t ref_begin = url_string.length();
1085 new_parsed->ref.begin = static_cast<int>(ref_begin);
1086
1087 // Compose a list of offsets within the section.
1088 std::vector<size_t> offsets_into_ref =
1089 OffsetsIntoSection(offsets_for_adjustment, ref_begin);
1090
1091 if (parsed.ref.len > 0) {
1092 url_string.append(UTF8ToWideAndAdjustOffsets(spec.substr(parsed.ref.begin,
1093 parsed.ref.len),
1094 &offsets_into_ref));
1095 }
1096 size_t old_ref_len = static_cast<size_t>(parsed.ref.len);
1097 size_t new_ref_len = url_string.length() - new_parsed->ref.begin;
1098 new_parsed->ref.len = static_cast<int>(new_ref_len);
1099
1100 // Apply offset adjustments.
1101 ApplySectionAdjustments(offsets_into_ref, offsets_for_adjustment,
1102 old_ref_len, new_ref_len, ref_begin);
1103 }
1104
1105 // If we need to strip out http do it after the fact. This way we don't need
1106 // to worry about how offset_for_adjustment is interpreted.
1107 const size_t kHTTPSize = arraysize(kHTTP) - 1;
1108 if (omit_http && !url_string.compare(0, kHTTPSize, kHTTP)) {
1109 url_string = url_string.substr(kHTTPSize);
1110 AdjustOffset::Adjustments adjustments;
1111 adjustments.push_back(AdjustOffset::Adjustment(0, kHTTPSize, 0));
1112 std::for_each(offsets_for_adjustment->begin(),
1113 offsets_for_adjustment->end(),
1114 AdjustOffset(adjustments));
1115 if (prefix_end)
1116 *prefix_end -= kHTTPSize;
1117
1118 // Adjust new_parsed.
1119 DCHECK(new_parsed->scheme.is_valid());
1120 int delta = -(new_parsed->scheme.len + 3); // +3 for ://.
1121 new_parsed->scheme.reset();
1122 AdjustComponents(delta, new_parsed);
1123 }
1124
1125 return url_string;
1126 }
1127
do_strdup(const char * src)1128 char* do_strdup(const char* src) {
1129 #if defined(OS_WIN)
1130 return _strdup(src);
1131 #else
1132 return strdup(src);
1133 #endif
1134 }
1135
1136 } // namespace
1137
1138 const FormatUrlType kFormatUrlOmitNothing = 0;
1139 const FormatUrlType kFormatUrlOmitUsernamePassword = 1 << 0;
1140 const FormatUrlType kFormatUrlOmitHTTP = 1 << 1;
1141 const FormatUrlType kFormatUrlOmitTrailingSlashOnBareHostname = 1 << 2;
1142 const FormatUrlType kFormatUrlOmitAll = kFormatUrlOmitUsernamePassword |
1143 kFormatUrlOmitHTTP | kFormatUrlOmitTrailingSlashOnBareHostname;
1144
1145 // TODO(viettrungluu): We don't want non-POD globals; change this.
1146 std::multiset<int> explicitly_allowed_ports;
1147
FilePathToFileURL(const FilePath & path)1148 GURL FilePathToFileURL(const FilePath& path) {
1149 // Produce a URL like "file:///C:/foo" for a regular file, or
1150 // "file://///server/path" for UNC. The URL canonicalizer will fix up the
1151 // latter case to be the canonical UNC form: "file://server/path"
1152 FilePath::StringType url_string(kFileURLPrefix);
1153 url_string.append(path.value());
1154
1155 // Now do replacement of some characters. Since we assume the input is a
1156 // literal filename, anything the URL parser might consider special should
1157 // be escaped here.
1158
1159 // must be the first substitution since others will introduce percents as the
1160 // escape character
1161 ReplaceSubstringsAfterOffset(&url_string, 0,
1162 FILE_PATH_LITERAL("%"), FILE_PATH_LITERAL("%25"));
1163
1164 // semicolon is supposed to be some kind of separator according to RFC 2396
1165 ReplaceSubstringsAfterOffset(&url_string, 0,
1166 FILE_PATH_LITERAL(";"), FILE_PATH_LITERAL("%3B"));
1167
1168 ReplaceSubstringsAfterOffset(&url_string, 0,
1169 FILE_PATH_LITERAL("#"), FILE_PATH_LITERAL("%23"));
1170
1171 #if defined(OS_POSIX)
1172 ReplaceSubstringsAfterOffset(&url_string, 0,
1173 FILE_PATH_LITERAL("\\"), FILE_PATH_LITERAL("%5C"));
1174 #endif
1175
1176 return GURL(url_string);
1177 }
1178
GetSpecificHeader(const std::wstring & headers,const std::wstring & name)1179 std::wstring GetSpecificHeader(const std::wstring& headers,
1180 const std::wstring& name) {
1181 return GetSpecificHeaderT(headers, name);
1182 }
1183
GetSpecificHeader(const std::string & headers,const std::string & name)1184 std::string GetSpecificHeader(const std::string& headers,
1185 const std::string& name) {
1186 return GetSpecificHeaderT(headers, name);
1187 }
1188
DecodeCharset(const std::string & input,std::string * decoded_charset,std::string * value)1189 bool DecodeCharset(const std::string& input,
1190 std::string* decoded_charset,
1191 std::string* value) {
1192 StringTokenizer t(input, "'");
1193 t.set_options(StringTokenizer::RETURN_DELIMS);
1194 std::string temp_charset;
1195 std::string temp_value;
1196 int numDelimsSeen = 0;
1197 while (t.GetNext()) {
1198 if (t.token_is_delim()) {
1199 ++numDelimsSeen;
1200 continue;
1201 } else {
1202 switch (numDelimsSeen) {
1203 case 0:
1204 temp_charset = t.token();
1205 break;
1206 case 1:
1207 // Language is ignored.
1208 break;
1209 case 2:
1210 temp_value = t.token();
1211 break;
1212 default:
1213 return false;
1214 }
1215 }
1216 }
1217 if (numDelimsSeen != 2)
1218 return false;
1219 if (temp_charset.empty() || temp_value.empty())
1220 return false;
1221 decoded_charset->swap(temp_charset);
1222 value->swap(temp_value);
1223 return true;
1224 }
1225
GetFileNameFromCD(const std::string & header,const std::string & referrer_charset)1226 std::string GetFileNameFromCD(const std::string& header,
1227 const std::string& referrer_charset) {
1228 std::string decoded;
1229 std::string param_value = GetHeaderParamValue(header, "filename*",
1230 QuoteRule::KEEP_OUTER_QUOTES);
1231 if (!param_value.empty()) {
1232 if (param_value.find('"') == std::string::npos) {
1233 std::string charset;
1234 std::string value;
1235 if (DecodeCharset(param_value, &charset, &value)) {
1236 // RFC 5987 value should be ASCII-only.
1237 if (!IsStringASCII(value))
1238 return std::string();
1239 std::string tmp = UnescapeURLComponent(
1240 value,
1241 UnescapeRule::SPACES | UnescapeRule::URL_SPECIAL_CHARS);
1242 if (base::ConvertToUtf8AndNormalize(tmp, charset, &decoded))
1243 return decoded;
1244 }
1245 }
1246 }
1247 param_value = GetHeaderParamValue(header, "filename",
1248 QuoteRule::REMOVE_OUTER_QUOTES);
1249 if (param_value.empty()) {
1250 // Some servers use 'name' parameter.
1251 param_value = GetHeaderParamValue(header, "name",
1252 QuoteRule::REMOVE_OUTER_QUOTES);
1253 }
1254 if (param_value.empty())
1255 return std::string();
1256 if (DecodeParamValue(param_value, referrer_charset, &decoded))
1257 return decoded;
1258 return std::string();
1259 }
1260
GetHeaderParamValue(const std::wstring & field,const std::wstring & param_name,QuoteRule::Type quote_rule)1261 std::wstring GetHeaderParamValue(const std::wstring& field,
1262 const std::wstring& param_name,
1263 QuoteRule::Type quote_rule) {
1264 return GetHeaderParamValueT(field, param_name, quote_rule);
1265 }
1266
GetHeaderParamValue(const std::string & field,const std::string & param_name,QuoteRule::Type quote_rule)1267 std::string GetHeaderParamValue(const std::string& field,
1268 const std::string& param_name,
1269 QuoteRule::Type quote_rule) {
1270 return GetHeaderParamValueT(field, param_name, quote_rule);
1271 }
1272
1273 // TODO(brettw) bug 734373: check the scripts for each host component and
1274 // don't un-IDN-ize if there is more than one. Alternatively, only IDN for
1275 // scripts that the user has installed. For now, just put the entire
1276 // path through IDN. Maybe this feature can be implemented in ICU itself?
1277 //
1278 // We may want to skip this step in the case of file URLs to allow unicode
1279 // UNC hostnames regardless of encodings.
IDNToUnicodeWithOffsets(const char * host,size_t host_len,const std::wstring & languages,std::vector<size_t> * offsets_for_adjustment)1280 std::wstring IDNToUnicodeWithOffsets(
1281 const char* host,
1282 size_t host_len,
1283 const std::wstring& languages,
1284 std::vector<size_t>* offsets_for_adjustment) {
1285 // Convert the ASCII input to a wide string for ICU.
1286 string16 input16;
1287 input16.reserve(host_len);
1288 input16.insert(input16.end(), host, host + host_len);
1289
1290 // Do each component of the host separately, since we enforce script matching
1291 // on a per-component basis.
1292 AdjustOffset::Adjustments adjustments;
1293 string16 out16;
1294 for (size_t component_start = 0, component_end;
1295 component_start < input16.length();
1296 component_start = component_end + 1) {
1297 // Find the end of the component.
1298 component_end = input16.find('.', component_start);
1299 if (component_end == string16::npos)
1300 component_end = input16.length(); // For getting the last component.
1301 size_t component_length = component_end - component_start;
1302 size_t new_component_start = out16.length();
1303 bool converted_idn = false;
1304 if (component_end > component_start) {
1305 // Add the substring that we just found.
1306 converted_idn = IDNToUnicodeOneComponent(input16.data() + component_start,
1307 component_length, languages, &out16);
1308 }
1309 size_t new_component_length = out16.length() - new_component_start;
1310
1311 if (converted_idn && offsets_for_adjustment) {
1312 adjustments.push_back(AdjustOffset::Adjustment(
1313 component_start, component_length, new_component_length));
1314 }
1315
1316 // Need to add the dot we just found (if we found one).
1317 if (component_end < input16.length())
1318 out16.push_back('.');
1319 }
1320
1321 // Make offset adjustment.
1322 if (offsets_for_adjustment && !adjustments.empty()) {
1323 std::for_each(offsets_for_adjustment->begin(),
1324 offsets_for_adjustment->end(),
1325 AdjustOffset(adjustments));
1326 }
1327
1328 return UTF16ToWideAndAdjustOffsets(out16, offsets_for_adjustment);
1329 }
1330
IDNToUnicode(const char * host,size_t host_len,const std::wstring & languages,size_t * offset_for_adjustment)1331 std::wstring IDNToUnicode(const char* host,
1332 size_t host_len,
1333 const std::wstring& languages,
1334 size_t* offset_for_adjustment) {
1335 std::vector<size_t> offsets;
1336 if (offset_for_adjustment)
1337 offsets.push_back(*offset_for_adjustment);
1338 std::wstring result =
1339 IDNToUnicodeWithOffsets(host, host_len, languages, &offsets);
1340 if (offset_for_adjustment)
1341 *offset_for_adjustment = offsets[0];
1342 return result;
1343 }
1344
CanonicalizeHost(const std::string & host,url_canon::CanonHostInfo * host_info)1345 std::string CanonicalizeHost(const std::string& host,
1346 url_canon::CanonHostInfo* host_info) {
1347 // Try to canonicalize the host.
1348 const url_parse::Component raw_host_component(
1349 0, static_cast<int>(host.length()));
1350 std::string canon_host;
1351 url_canon::StdStringCanonOutput canon_host_output(&canon_host);
1352 url_canon::CanonicalizeHostVerbose(host.c_str(), raw_host_component,
1353 &canon_host_output, host_info);
1354
1355 if (host_info->out_host.is_nonempty() &&
1356 host_info->family != url_canon::CanonHostInfo::BROKEN) {
1357 // Success! Assert that there's no extra garbage.
1358 canon_host_output.Complete();
1359 DCHECK_EQ(host_info->out_host.len, static_cast<int>(canon_host.length()));
1360 } else {
1361 // Empty host, or canonicalization failed. We'll return empty.
1362 canon_host.clear();
1363 }
1364
1365 return canon_host;
1366 }
1367
CanonicalizeHost(const std::wstring & host,url_canon::CanonHostInfo * host_info)1368 std::string CanonicalizeHost(const std::wstring& host,
1369 url_canon::CanonHostInfo* host_info) {
1370 std::string converted_host;
1371 WideToUTF8(host.c_str(), host.length(), &converted_host);
1372 return CanonicalizeHost(converted_host, host_info);
1373 }
1374
GetDirectoryListingHeader(const string16 & title)1375 std::string GetDirectoryListingHeader(const string16& title) {
1376 static const base::StringPiece header(
1377 NetModule::GetResource(IDR_DIR_HEADER_HTML));
1378 // This can be null in unit tests.
1379 DLOG_IF(WARNING, header.empty()) <<
1380 "Missing resource: directory listing header";
1381
1382 std::string result;
1383 if (!header.empty())
1384 result.assign(header.data(), header.size());
1385
1386 result.append("<script>start(");
1387 base::JsonDoubleQuote(title, true, &result);
1388 result.append(");</script>\n");
1389
1390 return result;
1391 }
1392
IsHostCharAlpha(char c)1393 inline bool IsHostCharAlpha(char c) {
1394 // We can just check lowercase because uppercase characters have already been
1395 // normalized.
1396 return (c >= 'a') && (c <= 'z');
1397 }
1398
IsHostCharDigit(char c)1399 inline bool IsHostCharDigit(char c) {
1400 return (c >= '0') && (c <= '9');
1401 }
1402
IsCanonicalizedHostCompliant(const std::string & host,const std::string & desired_tld)1403 bool IsCanonicalizedHostCompliant(const std::string& host,
1404 const std::string& desired_tld) {
1405 if (host.empty())
1406 return false;
1407
1408 bool in_component = false;
1409 bool most_recent_component_started_alpha = false;
1410 bool last_char_was_hyphen_or_underscore = false;
1411
1412 for (std::string::const_iterator i(host.begin()); i != host.end(); ++i) {
1413 const char c = *i;
1414 if (!in_component) {
1415 most_recent_component_started_alpha = IsHostCharAlpha(c);
1416 if (!most_recent_component_started_alpha && !IsHostCharDigit(c))
1417 return false;
1418 in_component = true;
1419 } else {
1420 if (c == '.') {
1421 if (last_char_was_hyphen_or_underscore)
1422 return false;
1423 in_component = false;
1424 } else if (IsHostCharAlpha(c) || IsHostCharDigit(c)) {
1425 last_char_was_hyphen_or_underscore = false;
1426 } else if ((c == '-') || (c == '_')) {
1427 last_char_was_hyphen_or_underscore = true;
1428 } else {
1429 return false;
1430 }
1431 }
1432 }
1433
1434 return most_recent_component_started_alpha ||
1435 (!desired_tld.empty() && IsHostCharAlpha(desired_tld[0]));
1436 }
1437
GetDirectoryListingEntry(const string16 & name,const std::string & raw_bytes,bool is_dir,int64 size,Time modified)1438 std::string GetDirectoryListingEntry(const string16& name,
1439 const std::string& raw_bytes,
1440 bool is_dir,
1441 int64 size,
1442 Time modified) {
1443 std::string result;
1444 result.append("<script>addRow(");
1445 base::JsonDoubleQuote(name, true, &result);
1446 result.append(",");
1447 if (raw_bytes.empty()) {
1448 base::JsonDoubleQuote(EscapePath(UTF16ToUTF8(name)),
1449 true, &result);
1450 } else {
1451 base::JsonDoubleQuote(EscapePath(raw_bytes), true, &result);
1452 }
1453 if (is_dir) {
1454 result.append(",1,");
1455 } else {
1456 result.append(",0,");
1457 }
1458
1459 base::JsonDoubleQuote(
1460 FormatBytes(size, GetByteDisplayUnits(size), true),
1461 true,
1462 &result);
1463
1464 result.append(",");
1465
1466 string16 modified_str;
1467 // |modified| can be NULL in FTP listings.
1468 if (!modified.is_null()) {
1469 modified_str = base::TimeFormatShortDateAndTime(modified);
1470 }
1471 base::JsonDoubleQuote(modified_str, true, &result);
1472
1473 result.append(");</script>\n");
1474
1475 return result;
1476 }
1477
StripWWW(const string16 & text)1478 string16 StripWWW(const string16& text) {
1479 const string16 www(ASCIIToUTF16("www."));
1480 return StartsWith(text, www, true) ? text.substr(www.length()) : text;
1481 }
1482
GetSuggestedFilename(const GURL & url,const std::string & content_disposition,const std::string & referrer_charset,const string16 & default_name)1483 string16 GetSuggestedFilename(const GURL& url,
1484 const std::string& content_disposition,
1485 const std::string& referrer_charset,
1486 const string16& default_name) {
1487 // TODO: this function to be updated to match the httpbis recommendations.
1488 // Talk to abarth for the latest news.
1489
1490 // We don't translate this fallback string, "download". If localization is
1491 // needed, the caller should provide localized fallback default_name.
1492 static const char* kFinalFallbackName = "download";
1493
1494 // about: and data: URLs don't have file names, but esp. data: URLs may
1495 // contain parts that look like ones (i.e., contain a slash).
1496 // Therefore we don't attempt to divine a file name out of them.
1497 if (url.SchemeIs("about") || url.SchemeIs("data")) {
1498 return default_name.empty() ? ASCIIToUTF16(kFinalFallbackName)
1499 : default_name;
1500 }
1501
1502 std::string filename = GetFileNameFromCD(content_disposition,
1503 referrer_charset);
1504
1505 if (!filename.empty()) {
1506 // Replace any path information the server may have sent, by changing
1507 // path separators with underscores.
1508 ReplaceSubstringsAfterOffset(&filename, 0, "/", "_");
1509 ReplaceSubstringsAfterOffset(&filename, 0, "\\", "_");
1510
1511 // Next, remove "." from the beginning and end of the file name to avoid
1512 // tricks with hidden files, "..", and "."
1513 TrimString(filename, ".", &filename);
1514 }
1515 if (filename.empty()) {
1516 if (url.is_valid()) {
1517 const std::string unescaped_url_filename = UnescapeURLComponent(
1518 url.ExtractFileName(),
1519 UnescapeRule::SPACES | UnescapeRule::URL_SPECIAL_CHARS);
1520
1521 // The URL's path should be escaped UTF-8, but may not be.
1522 std::string decoded_filename = unescaped_url_filename;
1523 if (!IsStringASCII(decoded_filename)) {
1524 bool ignore;
1525 // TODO(jshin): this is probably not robust enough. To be sure, we
1526 // need encoding detection.
1527 DecodeWord(unescaped_url_filename, referrer_charset, &ignore,
1528 &decoded_filename);
1529 }
1530
1531 filename = decoded_filename;
1532 }
1533 }
1534
1535 #if defined(OS_WIN)
1536 { // Handle CreateFile() stripping trailing dots and spaces on filenames
1537 // http://support.microsoft.com/kb/115827
1538 std::string::size_type pos = filename.find_last_not_of(" .");
1539 if (pos == std::string::npos)
1540 filename.resize(0);
1541 else
1542 filename.resize(++pos);
1543 }
1544 #endif
1545 // Trim '.' once more.
1546 TrimString(filename, ".", &filename);
1547
1548 // If there's no filename or it gets trimed to be empty, use
1549 // the URL hostname or default_name
1550 if (filename.empty()) {
1551 if (!default_name.empty()) {
1552 return default_name;
1553 } else if (url.is_valid()) {
1554 // Some schemes (e.g. file) do not have a hostname. Even though it's
1555 // not likely to reach here, let's hardcode the last fallback name.
1556 // TODO(jungshik) : Decode a 'punycoded' IDN hostname. (bug 1264451)
1557 filename = url.host().empty() ? kFinalFallbackName : url.host();
1558 } else {
1559 NOTREACHED();
1560 }
1561 }
1562
1563 #if defined(OS_WIN)
1564 string16 path = UTF8ToUTF16(filename);
1565 file_util::ReplaceIllegalCharactersInPath(&path, '-');
1566 return path;
1567 #else
1568 std::string path = filename;
1569 file_util::ReplaceIllegalCharactersInPath(&path, '-');
1570 return UTF8ToUTF16(path);
1571 #endif
1572 }
1573
IsPortAllowedByDefault(int port)1574 bool IsPortAllowedByDefault(int port) {
1575 int array_size = arraysize(kRestrictedPorts);
1576 for (int i = 0; i < array_size; i++) {
1577 if (kRestrictedPorts[i] == port) {
1578 return false;
1579 }
1580 }
1581 return true;
1582 }
1583
IsPortAllowedByFtp(int port)1584 bool IsPortAllowedByFtp(int port) {
1585 int array_size = arraysize(kAllowedFtpPorts);
1586 for (int i = 0; i < array_size; i++) {
1587 if (kAllowedFtpPorts[i] == port) {
1588 return true;
1589 }
1590 }
1591 // Port not explicitly allowed by FTP, so return the default restrictions.
1592 return IsPortAllowedByDefault(port);
1593 }
1594
IsPortAllowedByOverride(int port)1595 bool IsPortAllowedByOverride(int port) {
1596 if (explicitly_allowed_ports.empty())
1597 return false;
1598
1599 return explicitly_allowed_ports.count(port) > 0;
1600 }
1601
SetNonBlocking(int fd)1602 int SetNonBlocking(int fd) {
1603 #if defined(OS_WIN)
1604 unsigned long no_block = 1;
1605 return ioctlsocket(fd, FIONBIO, &no_block);
1606 #elif defined(OS_POSIX)
1607 int flags = fcntl(fd, F_GETFL, 0);
1608 if (-1 == flags)
1609 return flags;
1610 return fcntl(fd, F_SETFL, flags | O_NONBLOCK);
1611 #endif
1612 }
1613
ParseHostAndPort(std::string::const_iterator host_and_port_begin,std::string::const_iterator host_and_port_end,std::string * host,int * port)1614 bool ParseHostAndPort(std::string::const_iterator host_and_port_begin,
1615 std::string::const_iterator host_and_port_end,
1616 std::string* host,
1617 int* port) {
1618 if (host_and_port_begin >= host_and_port_end)
1619 return false;
1620
1621 // When using url_parse, we use char*.
1622 const char* auth_begin = &(*host_and_port_begin);
1623 int auth_len = host_and_port_end - host_and_port_begin;
1624
1625 url_parse::Component auth_component(0, auth_len);
1626 url_parse::Component username_component;
1627 url_parse::Component password_component;
1628 url_parse::Component hostname_component;
1629 url_parse::Component port_component;
1630
1631 url_parse::ParseAuthority(auth_begin, auth_component, &username_component,
1632 &password_component, &hostname_component, &port_component);
1633
1634 // There shouldn't be a username/password.
1635 if (username_component.is_valid() || password_component.is_valid())
1636 return false;
1637
1638 if (!hostname_component.is_nonempty())
1639 return false; // Failed parsing.
1640
1641 int parsed_port_number = -1;
1642 if (port_component.is_nonempty()) {
1643 parsed_port_number = url_parse::ParsePort(auth_begin, port_component);
1644
1645 // If parsing failed, port_number will be either PORT_INVALID or
1646 // PORT_UNSPECIFIED, both of which are negative.
1647 if (parsed_port_number < 0)
1648 return false; // Failed parsing the port number.
1649 }
1650
1651 if (port_component.len == 0)
1652 return false; // Reject inputs like "foo:"
1653
1654 // Pass results back to caller.
1655 host->assign(auth_begin + hostname_component.begin, hostname_component.len);
1656 *port = parsed_port_number;
1657
1658 return true; // Success.
1659 }
1660
ParseHostAndPort(const std::string & host_and_port,std::string * host,int * port)1661 bool ParseHostAndPort(const std::string& host_and_port,
1662 std::string* host,
1663 int* port) {
1664 return ParseHostAndPort(
1665 host_and_port.begin(), host_and_port.end(), host, port);
1666 }
1667
GetHostAndPort(const GURL & url)1668 std::string GetHostAndPort(const GURL& url) {
1669 // For IPv6 literals, GURL::host() already includes the brackets so it is
1670 // safe to just append a colon.
1671 return base::StringPrintf("%s:%d", url.host().c_str(),
1672 url.EffectiveIntPort());
1673 }
1674
GetHostAndOptionalPort(const GURL & url)1675 std::string GetHostAndOptionalPort(const GURL& url) {
1676 // For IPv6 literals, GURL::host() already includes the brackets
1677 // so it is safe to just append a colon.
1678 if (url.has_port())
1679 return base::StringPrintf("%s:%s", url.host().c_str(), url.port().c_str());
1680 return url.host();
1681 }
1682
NetAddressToString(const struct addrinfo * net_address)1683 std::string NetAddressToString(const struct addrinfo* net_address) {
1684 return NetAddressToString(net_address->ai_addr, net_address->ai_addrlen);
1685 }
1686
NetAddressToString(const struct sockaddr * net_address,socklen_t address_len)1687 std::string NetAddressToString(const struct sockaddr* net_address,
1688 socklen_t address_len) {
1689 #if defined(OS_WIN)
1690 EnsureWinsockInit();
1691 #endif
1692
1693 // This buffer is large enough to fit the biggest IPv6 string.
1694 char buffer[INET6_ADDRSTRLEN];
1695
1696 int result = getnameinfo(net_address, address_len, buffer, sizeof(buffer),
1697 NULL, 0, NI_NUMERICHOST);
1698
1699 if (result != 0) {
1700 DVLOG(1) << "getnameinfo() failed with " << result << ": "
1701 << gai_strerror(result);
1702 buffer[0] = '\0';
1703 }
1704 return std::string(buffer);
1705 }
1706
NetAddressToStringWithPort(const struct addrinfo * net_address)1707 std::string NetAddressToStringWithPort(const struct addrinfo* net_address) {
1708 return NetAddressToStringWithPort(
1709 net_address->ai_addr, net_address->ai_addrlen);
1710 }
NetAddressToStringWithPort(const struct sockaddr * net_address,socklen_t address_len)1711 std::string NetAddressToStringWithPort(const struct sockaddr* net_address,
1712 socklen_t address_len) {
1713 std::string ip_address_string = NetAddressToString(net_address, address_len);
1714 if (ip_address_string.empty())
1715 return std::string(); // Failed.
1716
1717 int port = GetPortFromSockaddr(net_address, address_len);
1718
1719 if (ip_address_string.find(':') != std::string::npos) {
1720 // Surround with square brackets to avoid ambiguity.
1721 return base::StringPrintf("[%s]:%d", ip_address_string.c_str(), port);
1722 }
1723
1724 return base::StringPrintf("%s:%d", ip_address_string.c_str(), port);
1725 }
1726
GetHostName()1727 std::string GetHostName() {
1728 #if defined(OS_WIN)
1729 EnsureWinsockInit();
1730 #endif
1731
1732 // Host names are limited to 255 bytes.
1733 char buffer[256];
1734 int result = gethostname(buffer, sizeof(buffer));
1735 if (result != 0) {
1736 DVLOG(1) << "gethostname() failed with " << result;
1737 buffer[0] = '\0';
1738 }
1739 return std::string(buffer);
1740 }
1741
GetIdentityFromURL(const GURL & url,string16 * username,string16 * password)1742 void GetIdentityFromURL(const GURL& url,
1743 string16* username,
1744 string16* password) {
1745 UnescapeRule::Type flags =
1746 UnescapeRule::SPACES | UnescapeRule::URL_SPECIAL_CHARS;
1747 *username = UnescapeAndDecodeUTF8URLComponent(url.username(), flags, NULL);
1748 *password = UnescapeAndDecodeUTF8URLComponent(url.password(), flags, NULL);
1749 }
1750
GetHostOrSpecFromURL(const GURL & url)1751 std::string GetHostOrSpecFromURL(const GURL& url) {
1752 return url.has_host() ? TrimEndingDot(url.host()) : url.spec();
1753 }
1754
AppendFormattedHostWithOffsets(const GURL & url,const std::wstring & languages,std::wstring * output,url_parse::Parsed * new_parsed,std::vector<size_t> * offsets_for_adjustment)1755 void AppendFormattedHostWithOffsets(
1756 const GURL& url,
1757 const std::wstring& languages,
1758 std::wstring* output,
1759 url_parse::Parsed* new_parsed,
1760 std::vector<size_t>* offsets_for_adjustment) {
1761 DCHECK(output);
1762 const url_parse::Component& host =
1763 url.parsed_for_possibly_invalid_spec().host;
1764
1765 if (host.is_nonempty()) {
1766 // Handle possible IDN in the host name.
1767 size_t host_begin = output->length();
1768 if (new_parsed)
1769 new_parsed->host.begin = static_cast<int>(host_begin);
1770 size_t old_host_len = static_cast<size_t>(host.len);
1771
1772 // Compose a list of offsets within the host area.
1773 std::vector<size_t> offsets_into_host =
1774 OffsetsIntoSection(offsets_for_adjustment, host_begin);
1775
1776 const std::string& spec = url.possibly_invalid_spec();
1777 DCHECK(host.begin >= 0 &&
1778 ((spec.length() == 0 && host.begin == 0) ||
1779 host.begin < static_cast<int>(spec.length())));
1780 output->append(IDNToUnicodeWithOffsets(&spec[host.begin], old_host_len,
1781 languages, &offsets_into_host));
1782
1783 size_t new_host_len = output->length() - host_begin;
1784 if (new_parsed)
1785 new_parsed->host.len = static_cast<int>(new_host_len);
1786
1787 // Apply offset adjustments.
1788 ApplySectionAdjustments(offsets_into_host, offsets_for_adjustment,
1789 old_host_len, new_host_len, host_begin);
1790 } else if (new_parsed) {
1791 new_parsed->host.reset();
1792 }
1793 }
1794
AppendFormattedHost(const GURL & url,const std::wstring & languages,std::wstring * output,url_parse::Parsed * new_parsed,size_t * offset_for_adjustment)1795 void AppendFormattedHost(const GURL& url,
1796 const std::wstring& languages,
1797 std::wstring* output,
1798 url_parse::Parsed* new_parsed,
1799 size_t* offset_for_adjustment) {
1800 std::vector<size_t> offsets;
1801 if (offset_for_adjustment)
1802 offsets.push_back(*offset_for_adjustment);
1803 AppendFormattedHostWithOffsets(url, languages, output, new_parsed, &offsets);
1804 if (offset_for_adjustment)
1805 *offset_for_adjustment = offsets[0];
1806 }
1807
1808 // TODO(viettrungluu): convert the wstring |FormatUrlInternal()|.
FormatUrlWithOffsets(const GURL & url,const std::string & languages,FormatUrlTypes format_types,UnescapeRule::Type unescape_rules,url_parse::Parsed * new_parsed,size_t * prefix_end,std::vector<size_t> * offsets_for_adjustment)1809 string16 FormatUrlWithOffsets(const GURL& url,
1810 const std::string& languages,
1811 FormatUrlTypes format_types,
1812 UnescapeRule::Type unescape_rules,
1813 url_parse::Parsed* new_parsed,
1814 size_t* prefix_end,
1815 std::vector<size_t>* offsets_for_adjustment) {
1816 return WideToUTF16Hack(
1817 FormatUrlInternal(url, ASCIIToWide(languages), format_types,
1818 unescape_rules, new_parsed, prefix_end,
1819 offsets_for_adjustment));
1820 }
1821
FormatUrl(const GURL & url,const std::string & languages,FormatUrlTypes format_types,UnescapeRule::Type unescape_rules,url_parse::Parsed * new_parsed,size_t * prefix_end,size_t * offset_for_adjustment)1822 string16 FormatUrl(const GURL& url,
1823 const std::string& languages,
1824 FormatUrlTypes format_types,
1825 UnescapeRule::Type unescape_rules,
1826 url_parse::Parsed* new_parsed,
1827 size_t* prefix_end,
1828 size_t* offset_for_adjustment) {
1829 std::vector<size_t> offsets;
1830 if (offset_for_adjustment)
1831 offsets.push_back(*offset_for_adjustment);
1832 string16 result = WideToUTF16Hack(
1833 FormatUrlInternal(url, ASCIIToWide(languages), format_types,
1834 unescape_rules, new_parsed, prefix_end, &offsets));
1835 if (offset_for_adjustment)
1836 *offset_for_adjustment = offsets[0];
1837 return result;
1838 }
1839
CanStripTrailingSlash(const GURL & url)1840 bool CanStripTrailingSlash(const GURL& url) {
1841 // Omit the path only for standard, non-file URLs with nothing but "/" after
1842 // the hostname.
1843 return url.IsStandard() && !url.SchemeIsFile() && !url.has_query() &&
1844 !url.has_ref() && url.path() == "/";
1845 }
1846
SimplifyUrlForRequest(const GURL & url)1847 GURL SimplifyUrlForRequest(const GURL& url) {
1848 DCHECK(url.is_valid());
1849 GURL::Replacements replacements;
1850 replacements.ClearUsername();
1851 replacements.ClearPassword();
1852 replacements.ClearRef();
1853 return url.ReplaceComponents(replacements);
1854 }
1855
1856 // Specifies a comma separated list of port numbers that should be accepted
1857 // despite bans. If the string is invalid no allowed ports are stored.
SetExplicitlyAllowedPorts(const std::string & allowed_ports)1858 void SetExplicitlyAllowedPorts(const std::string& allowed_ports) {
1859 if (allowed_ports.empty())
1860 return;
1861
1862 std::multiset<int> ports;
1863 size_t last = 0;
1864 size_t size = allowed_ports.size();
1865 // The comma delimiter.
1866 const std::string::value_type kComma = ',';
1867
1868 // Overflow is still possible for evil user inputs.
1869 for (size_t i = 0; i <= size; ++i) {
1870 // The string should be composed of only digits and commas.
1871 if (i != size && !IsAsciiDigit(allowed_ports[i]) &&
1872 (allowed_ports[i] != kComma))
1873 return;
1874 if (i == size || allowed_ports[i] == kComma) {
1875 if (i > last) {
1876 int port;
1877 base::StringToInt(allowed_ports.begin() + last,
1878 allowed_ports.begin() + i,
1879 &port);
1880 ports.insert(port);
1881 }
1882 last = i + 1;
1883 }
1884 }
1885 explicitly_allowed_ports = ports;
1886 }
1887
ScopedPortException(int port)1888 ScopedPortException::ScopedPortException(int port) : port_(port) {
1889 explicitly_allowed_ports.insert(port);
1890 }
1891
~ScopedPortException()1892 ScopedPortException::~ScopedPortException() {
1893 std::multiset<int>::iterator it = explicitly_allowed_ports.find(port_);
1894 if (it != explicitly_allowed_ports.end())
1895 explicitly_allowed_ports.erase(it);
1896 else
1897 NOTREACHED();
1898 }
1899
1900 enum IPv6SupportStatus {
1901 IPV6_CANNOT_CREATE_SOCKETS,
1902 IPV6_CAN_CREATE_SOCKETS,
1903 IPV6_GETIFADDRS_FAILED,
1904 IPV6_GLOBAL_ADDRESS_MISSING,
1905 IPV6_GLOBAL_ADDRESS_PRESENT,
1906 IPV6_INTERFACE_ARRAY_TOO_SHORT,
1907 IPV6_SUPPORT_MAX // Bounding values for enumeration.
1908 };
1909
IPv6SupportResults(IPv6SupportStatus result)1910 static void IPv6SupportResults(IPv6SupportStatus result) {
1911 static bool run_once = false;
1912 if (!run_once) {
1913 run_once = true;
1914 UMA_HISTOGRAM_ENUMERATION("Net.IPv6Status", result, IPV6_SUPPORT_MAX);
1915 } else {
1916 UMA_HISTOGRAM_ENUMERATION("Net.IPv6Status_retest", result,
1917 IPV6_SUPPORT_MAX);
1918 }
1919 }
1920
1921 // TODO(jar): The following is a simple estimate of IPv6 support. We may need
1922 // to do a test resolution, and a test connection, to REALLY verify support.
1923 // static
IPv6Supported()1924 bool IPv6Supported() {
1925 #ifdef ANDROID
1926 // Android does not have the ifaddrs.h header
1927 return false;
1928 #elif defined(OS_POSIX)
1929 int test_socket = socket(AF_INET6, SOCK_STREAM, 0);
1930 if (test_socket == -1) {
1931 IPv6SupportResults(IPV6_CANNOT_CREATE_SOCKETS);
1932 return false;
1933 }
1934 close(test_socket);
1935
1936 // Check to see if any interface has a IPv6 address.
1937 struct ifaddrs* interface_addr = NULL;
1938 int rv = getifaddrs(&interface_addr);
1939 if (rv != 0) {
1940 IPv6SupportResults(IPV6_GETIFADDRS_FAILED);
1941 return true; // Don't yet block IPv6.
1942 }
1943
1944 bool found_ipv6 = false;
1945 for (struct ifaddrs* interface = interface_addr;
1946 interface != NULL;
1947 interface = interface->ifa_next) {
1948 if (!(IFF_UP & interface->ifa_flags))
1949 continue;
1950 if (IFF_LOOPBACK & interface->ifa_flags)
1951 continue;
1952 struct sockaddr* addr = interface->ifa_addr;
1953 if (!addr)
1954 continue;
1955 if (addr->sa_family != AF_INET6)
1956 continue;
1957 // Safe cast since this is AF_INET6.
1958 struct sockaddr_in6* addr_in6 =
1959 reinterpret_cast<struct sockaddr_in6*>(addr);
1960 struct in6_addr* sin6_addr = &addr_in6->sin6_addr;
1961 if (IN6_IS_ADDR_LOOPBACK(sin6_addr) || IN6_IS_ADDR_LINKLOCAL(sin6_addr))
1962 continue;
1963 found_ipv6 = true;
1964 break;
1965 }
1966 freeifaddrs(interface_addr);
1967 if (!found_ipv6) {
1968 IPv6SupportResults(IPV6_GLOBAL_ADDRESS_MISSING);
1969 return false;
1970 }
1971
1972 IPv6SupportResults(IPV6_GLOBAL_ADDRESS_PRESENT);
1973 return true;
1974 #elif defined(OS_WIN)
1975 EnsureWinsockInit();
1976 SOCKET test_socket = socket(AF_INET6, SOCK_STREAM, 0);
1977 if (test_socket == INVALID_SOCKET) {
1978 IPv6SupportResults(IPV6_CANNOT_CREATE_SOCKETS);
1979 return false;
1980 }
1981 closesocket(test_socket);
1982
1983 // Check to see if any interface has a IPv6 address.
1984 // The GetAdaptersAddresses MSDN page recommends using a size of 15000 to
1985 // avoid reallocation.
1986 ULONG adapters_size = 15000;
1987 scoped_ptr_malloc<IP_ADAPTER_ADDRESSES> adapters;
1988 ULONG error;
1989 int num_tries = 0;
1990 do {
1991 adapters.reset(
1992 reinterpret_cast<PIP_ADAPTER_ADDRESSES>(malloc(adapters_size)));
1993 // Return only unicast addresses.
1994 error = GetAdaptersAddresses(AF_UNSPEC,
1995 GAA_FLAG_SKIP_ANYCAST |
1996 GAA_FLAG_SKIP_MULTICAST |
1997 GAA_FLAG_SKIP_DNS_SERVER |
1998 GAA_FLAG_SKIP_FRIENDLY_NAME,
1999 NULL, adapters.get(), &adapters_size);
2000 num_tries++;
2001 } while (error == ERROR_BUFFER_OVERFLOW && num_tries <= 3);
2002 if (error == ERROR_NO_DATA) {
2003 IPv6SupportResults(IPV6_GLOBAL_ADDRESS_MISSING);
2004 return false;
2005 }
2006 if (error != ERROR_SUCCESS) {
2007 IPv6SupportResults(IPV6_GETIFADDRS_FAILED);
2008 return true; // Don't yet block IPv6.
2009 }
2010
2011 PIP_ADAPTER_ADDRESSES adapter;
2012 for (adapter = adapters.get(); adapter; adapter = adapter->Next) {
2013 if (adapter->OperStatus != IfOperStatusUp)
2014 continue;
2015 if (adapter->IfType == IF_TYPE_SOFTWARE_LOOPBACK)
2016 continue;
2017 PIP_ADAPTER_UNICAST_ADDRESS unicast_address;
2018 for (unicast_address = adapter->FirstUnicastAddress;
2019 unicast_address;
2020 unicast_address = unicast_address->Next) {
2021 if (unicast_address->Address.lpSockaddr->sa_family != AF_INET6)
2022 continue;
2023 // Safe cast since this is AF_INET6.
2024 struct sockaddr_in6* addr_in6 = reinterpret_cast<struct sockaddr_in6*>(
2025 unicast_address->Address.lpSockaddr);
2026 struct in6_addr* sin6_addr = &addr_in6->sin6_addr;
2027 if (IN6_IS_ADDR_LOOPBACK(sin6_addr) || IN6_IS_ADDR_LINKLOCAL(sin6_addr))
2028 continue;
2029 IPv6SupportResults(IPV6_GLOBAL_ADDRESS_PRESENT);
2030 return true;
2031 }
2032 }
2033
2034 IPv6SupportResults(IPV6_GLOBAL_ADDRESS_MISSING);
2035 return false;
2036 #else
2037 NOTIMPLEMENTED();
2038 return true;
2039 #endif // defined(various platforms)
2040 }
2041
HaveOnlyLoopbackAddresses()2042 bool HaveOnlyLoopbackAddresses() {
2043 #if defined(ANDROID)
2044 // Android has no <ifaddrs.h>
2045 return false;
2046 #elif defined(OS_POSIX)
2047 struct ifaddrs* interface_addr = NULL;
2048 int rv = getifaddrs(&interface_addr);
2049 if (rv != 0) {
2050 DVLOG(1) << "getifaddrs() failed with errno = " << errno;
2051 return false;
2052 }
2053
2054 bool result = true;
2055 for (struct ifaddrs* interface = interface_addr;
2056 interface != NULL;
2057 interface = interface->ifa_next) {
2058 if (!(IFF_UP & interface->ifa_flags))
2059 continue;
2060 if (IFF_LOOPBACK & interface->ifa_flags)
2061 continue;
2062 const struct sockaddr* addr = interface->ifa_addr;
2063 if (!addr)
2064 continue;
2065 if (addr->sa_family == AF_INET6) {
2066 // Safe cast since this is AF_INET6.
2067 const struct sockaddr_in6* addr_in6 =
2068 reinterpret_cast<const struct sockaddr_in6*>(addr);
2069 const struct in6_addr* sin6_addr = &addr_in6->sin6_addr;
2070 if (IN6_IS_ADDR_LOOPBACK(sin6_addr) || IN6_IS_ADDR_LINKLOCAL(sin6_addr))
2071 continue;
2072 }
2073 if (addr->sa_family != AF_INET6 && addr->sa_family != AF_INET)
2074 continue;
2075
2076 result = false;
2077 break;
2078 }
2079 freeifaddrs(interface_addr);
2080 return result;
2081 #elif defined(OS_WIN)
2082 // TODO(wtc): implement with the GetAdaptersAddresses function.
2083 NOTIMPLEMENTED();
2084 return false;
2085 #else
2086 NOTIMPLEMENTED();
2087 return false;
2088 #endif // defined(various platforms)
2089 }
2090
ParseIPLiteralToNumber(const std::string & ip_literal,IPAddressNumber * ip_number)2091 bool ParseIPLiteralToNumber(const std::string& ip_literal,
2092 IPAddressNumber* ip_number) {
2093 // |ip_literal| could be either a IPv4 or an IPv6 literal. If it contains
2094 // a colon however, it must be an IPv6 address.
2095 if (ip_literal.find(':') != std::string::npos) {
2096 // GURL expects IPv6 hostnames to be surrounded with brackets.
2097 std::string host_brackets = "[" + ip_literal + "]";
2098 url_parse::Component host_comp(0, host_brackets.size());
2099
2100 // Try parsing the hostname as an IPv6 literal.
2101 ip_number->resize(16); // 128 bits.
2102 return url_canon::IPv6AddressToNumber(host_brackets.data(),
2103 host_comp,
2104 &(*ip_number)[0]);
2105 }
2106
2107 // Otherwise the string is an IPv4 address.
2108 ip_number->resize(4); // 32 bits.
2109 url_parse::Component host_comp(0, ip_literal.size());
2110 int num_components;
2111 url_canon::CanonHostInfo::Family family = url_canon::IPv4AddressToNumber(
2112 ip_literal.data(), host_comp, &(*ip_number)[0], &num_components);
2113 return family == url_canon::CanonHostInfo::IPV4;
2114 }
2115
ConvertIPv4NumberToIPv6Number(const IPAddressNumber & ipv4_number)2116 IPAddressNumber ConvertIPv4NumberToIPv6Number(
2117 const IPAddressNumber& ipv4_number) {
2118 DCHECK(ipv4_number.size() == 4);
2119
2120 // IPv4-mapped addresses are formed by:
2121 // <80 bits of zeros> + <16 bits of ones> + <32-bit IPv4 address>.
2122 IPAddressNumber ipv6_number;
2123 ipv6_number.reserve(16);
2124 ipv6_number.insert(ipv6_number.end(), 10, 0);
2125 ipv6_number.push_back(0xFF);
2126 ipv6_number.push_back(0xFF);
2127 ipv6_number.insert(ipv6_number.end(), ipv4_number.begin(), ipv4_number.end());
2128 return ipv6_number;
2129 }
2130
ParseCIDRBlock(const std::string & cidr_literal,IPAddressNumber * ip_number,size_t * prefix_length_in_bits)2131 bool ParseCIDRBlock(const std::string& cidr_literal,
2132 IPAddressNumber* ip_number,
2133 size_t* prefix_length_in_bits) {
2134 // We expect CIDR notation to match one of these two templates:
2135 // <IPv4-literal> "/" <number of bits>
2136 // <IPv6-literal> "/" <number of bits>
2137
2138 std::vector<std::string> parts;
2139 base::SplitString(cidr_literal, '/', &parts);
2140 if (parts.size() != 2)
2141 return false;
2142
2143 // Parse the IP address.
2144 if (!ParseIPLiteralToNumber(parts[0], ip_number))
2145 return false;
2146
2147 // Parse the prefix length.
2148 int number_of_bits = -1;
2149 if (!base::StringToInt(parts[1], &number_of_bits))
2150 return false;
2151
2152 // Make sure the prefix length is in a valid range.
2153 if (number_of_bits < 0 ||
2154 number_of_bits > static_cast<int>(ip_number->size() * 8))
2155 return false;
2156
2157 *prefix_length_in_bits = static_cast<size_t>(number_of_bits);
2158 return true;
2159 }
2160
IPNumberMatchesPrefix(const IPAddressNumber & ip_number,const IPAddressNumber & ip_prefix,size_t prefix_length_in_bits)2161 bool IPNumberMatchesPrefix(const IPAddressNumber& ip_number,
2162 const IPAddressNumber& ip_prefix,
2163 size_t prefix_length_in_bits) {
2164 // Both the input IP address and the prefix IP address should be
2165 // either IPv4 or IPv6.
2166 DCHECK(ip_number.size() == 4 || ip_number.size() == 16);
2167 DCHECK(ip_prefix.size() == 4 || ip_prefix.size() == 16);
2168
2169 DCHECK_LE(prefix_length_in_bits, ip_prefix.size() * 8);
2170
2171 // In case we have an IPv6 / IPv4 mismatch, convert the IPv4 addresses to
2172 // IPv6 addresses in order to do the comparison.
2173 if (ip_number.size() != ip_prefix.size()) {
2174 if (ip_number.size() == 4) {
2175 return IPNumberMatchesPrefix(ConvertIPv4NumberToIPv6Number(ip_number),
2176 ip_prefix, prefix_length_in_bits);
2177 }
2178 return IPNumberMatchesPrefix(ip_number,
2179 ConvertIPv4NumberToIPv6Number(ip_prefix),
2180 96 + prefix_length_in_bits);
2181 }
2182
2183 // Otherwise we are comparing two IPv4 addresses, or two IPv6 addresses.
2184 // Compare all the bytes that fall entirely within the prefix.
2185 int num_entire_bytes_in_prefix = prefix_length_in_bits / 8;
2186 for (int i = 0; i < num_entire_bytes_in_prefix; ++i) {
2187 if (ip_number[i] != ip_prefix[i])
2188 return false;
2189 }
2190
2191 // In case the prefix was not a multiple of 8, there will be 1 byte
2192 // which is only partially masked.
2193 int remaining_bits = prefix_length_in_bits % 8;
2194 if (remaining_bits != 0) {
2195 unsigned char mask = 0xFF << (8 - remaining_bits);
2196 int i = num_entire_bytes_in_prefix;
2197 if ((ip_number[i] & mask) != (ip_prefix[i] & mask))
2198 return false;
2199 }
2200
2201 return true;
2202 }
2203
CreateCopyOfAddrinfo(const struct addrinfo * info,bool recursive)2204 struct addrinfo* CreateCopyOfAddrinfo(const struct addrinfo* info,
2205 bool recursive) {
2206 DCHECK(info);
2207 struct addrinfo* copy = new addrinfo;
2208
2209 // Copy all the fields (some of these are pointers, we will fix that next).
2210 memcpy(copy, info, sizeof(addrinfo));
2211
2212 // ai_canonname is a NULL-terminated string.
2213 if (info->ai_canonname) {
2214 copy->ai_canonname = do_strdup(info->ai_canonname);
2215 }
2216
2217 // ai_addr is a buffer of length ai_addrlen.
2218 if (info->ai_addr) {
2219 copy->ai_addr = reinterpret_cast<sockaddr *>(new char[info->ai_addrlen]);
2220 memcpy(copy->ai_addr, info->ai_addr, info->ai_addrlen);
2221 }
2222
2223 // Recursive copy.
2224 if (recursive && info->ai_next)
2225 copy->ai_next = CreateCopyOfAddrinfo(info->ai_next, recursive);
2226 else
2227 copy->ai_next = NULL;
2228
2229 return copy;
2230 }
2231
FreeCopyOfAddrinfo(struct addrinfo * info)2232 void FreeCopyOfAddrinfo(struct addrinfo* info) {
2233 DCHECK(info);
2234 if (info->ai_canonname)
2235 free(info->ai_canonname); // Allocated by strdup.
2236
2237 if (info->ai_addr)
2238 delete [] reinterpret_cast<char*>(info->ai_addr);
2239
2240 struct addrinfo* next = info->ai_next;
2241
2242 delete info;
2243
2244 // Recursive free.
2245 if (next)
2246 FreeCopyOfAddrinfo(next);
2247 }
2248
2249 // Returns the port field of the sockaddr in |info|.
GetPortFieldFromAddrinfo(struct addrinfo * info)2250 uint16* GetPortFieldFromAddrinfo(struct addrinfo* info) {
2251 const struct addrinfo* const_info = info;
2252 const uint16* port_field = GetPortFieldFromAddrinfo(const_info);
2253 return const_cast<uint16*>(port_field);
2254 }
2255
GetPortFieldFromAddrinfo(const struct addrinfo * info)2256 const uint16* GetPortFieldFromAddrinfo(const struct addrinfo* info) {
2257 DCHECK(info);
2258 const struct sockaddr* address = info->ai_addr;
2259 DCHECK(address);
2260 DCHECK_EQ(info->ai_family, address->sa_family);
2261 return GetPortFieldFromSockaddr(address, info->ai_addrlen);
2262 }
2263
GetPortFromAddrinfo(const struct addrinfo * info)2264 int GetPortFromAddrinfo(const struct addrinfo* info) {
2265 const uint16* port_field = GetPortFieldFromAddrinfo(info);
2266 if (!port_field)
2267 return -1;
2268 return ntohs(*port_field);
2269 }
2270
GetPortFieldFromSockaddr(const struct sockaddr * address,socklen_t address_len)2271 const uint16* GetPortFieldFromSockaddr(const struct sockaddr* address,
2272 socklen_t address_len) {
2273 if (address->sa_family == AF_INET) {
2274 DCHECK_LE(sizeof(sockaddr_in), static_cast<size_t>(address_len));
2275 const struct sockaddr_in* sockaddr =
2276 reinterpret_cast<const struct sockaddr_in*>(address);
2277 return &sockaddr->sin_port;
2278 } else if (address->sa_family == AF_INET6) {
2279 DCHECK_LE(sizeof(sockaddr_in6), static_cast<size_t>(address_len));
2280 const struct sockaddr_in6* sockaddr =
2281 reinterpret_cast<const struct sockaddr_in6*>(address);
2282 return &sockaddr->sin6_port;
2283 } else {
2284 NOTREACHED();
2285 return NULL;
2286 }
2287 }
2288
GetPortFromSockaddr(const struct sockaddr * address,socklen_t address_len)2289 int GetPortFromSockaddr(const struct sockaddr* address, socklen_t address_len) {
2290 const uint16* port_field = GetPortFieldFromSockaddr(address, address_len);
2291 if (!port_field)
2292 return -1;
2293 return ntohs(*port_field);
2294 }
2295
IsLocalhost(const std::string & host)2296 bool IsLocalhost(const std::string& host) {
2297 if (host == "localhost" ||
2298 host == "localhost.localdomain" ||
2299 host == "localhost6" ||
2300 host == "localhost6.localdomain6")
2301 return true;
2302
2303 IPAddressNumber ip_number;
2304 if (ParseIPLiteralToNumber(host, &ip_number)) {
2305 size_t size = ip_number.size();
2306 switch (size) {
2307 case kIPv4AddressSize: {
2308 IPAddressNumber localhost_prefix;
2309 localhost_prefix.push_back(127);
2310 for (int i = 0; i < 3; ++i) {
2311 localhost_prefix.push_back(0);
2312 }
2313 return IPNumberMatchesPrefix(ip_number, localhost_prefix, 8);
2314 }
2315
2316 case kIPv6AddressSize: {
2317 struct in6_addr sin6_addr;
2318 memcpy(&sin6_addr, &ip_number[0], kIPv6AddressSize);
2319 return !!IN6_IS_ADDR_LOOPBACK(&sin6_addr);
2320 }
2321
2322 default:
2323 NOTREACHED();
2324 }
2325 }
2326
2327 return false;
2328 }
2329
NetworkInterface()2330 NetworkInterface::NetworkInterface() {
2331 }
2332
NetworkInterface(const std::string & name,const IPAddressNumber & address)2333 NetworkInterface::NetworkInterface(const std::string& name,
2334 const IPAddressNumber& address)
2335 : name(name), address(address) {
2336 }
2337
~NetworkInterface()2338 NetworkInterface::~NetworkInterface() {
2339 }
2340
ClampComponentOffset(size_t component_start)2341 ClampComponentOffset::ClampComponentOffset(size_t component_start)
2342 : component_start(component_start) {}
2343
operator ()(size_t offset)2344 size_t ClampComponentOffset::operator()(size_t offset) {
2345 return (offset >= component_start) ?
2346 offset : std::wstring::npos;
2347 }
2348
2349 } // namespace net
2350