• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "net/base/net_util.h"
6 
7 #include <unicode/regex.h>
8 #include <unicode/ucnv.h>
9 #include <unicode/uidna.h>
10 #include <unicode/ulocdata.h>
11 #include <unicode/uniset.h>
12 #include <unicode/uscript.h>
13 #include <unicode/uset.h>
14 #include <algorithm>
15 #include <iterator>
16 #include <map>
17 
18 #include "build/build_config.h"
19 
20 #if defined(OS_WIN)
21 #include <windows.h>
22 #include <winsock2.h>
23 #include <iphlpapi.h>
24 #pragma comment(lib, "iphlpapi.lib")
25 #elif defined(OS_POSIX)
26 #include <fcntl.h>
27 #ifndef ANDROID
28 #include <ifaddrs.h>
29 #endif
30 #include <netdb.h>
31 #include <net/if.h>
32 #include <netinet/in.h>
33 #if defined(__BIONIC__) && defined(ANDROID)
34 #include <netinet/in6.h>
35 #endif
36 #endif
37 
38 #include "base/base64.h"
39 #include "base/basictypes.h"
40 #include "base/file_path.h"
41 #include "base/file_util.h"
42 #include "base/i18n/file_util_icu.h"
43 #include "base/i18n/icu_string_conversions.h"
44 #include "base/i18n/time_formatting.h"
45 #include "base/json/string_escape.h"
46 #include "base/logging.h"
47 #include "base/memory/singleton.h"
48 #include "base/message_loop.h"
49 #include "base/metrics/histogram.h"
50 #include "base/path_service.h"
51 #include "base/stl_util-inl.h"
52 #include "base/string_number_conversions.h"
53 #include "base/string_piece.h"
54 #include "base/string_split.h"
55 #include "base/string_tokenizer.h"
56 #include "base/string_util.h"
57 #include "base/stringprintf.h"
58 #include "base/synchronization/lock.h"
59 #include "base/sys_string_conversions.h"
60 #include "base/time.h"
61 #include "base/utf_offset_string_conversions.h"
62 #include "base/utf_string_conversions.h"
63 #include "googleurl/src/gurl.h"
64 #include "googleurl/src/url_canon.h"
65 #include "googleurl/src/url_canon_ip.h"
66 #include "googleurl/src/url_parse.h"
67 #include "grit/net_resources.h"
68 #include "net/base/dns_util.h"
69 #include "net/base/escape.h"
70 #include "net/base/net_module.h"
71 #if defined(OS_WIN)
72 #include "net/base/winsock_init.h"
73 #endif
74 #include "unicode/datefmt.h"
75 
76 using base::Time;
77 
78 namespace net {
79 
80 namespace {
81 
82 // what we prepend to get a file URL
83 static const FilePath::CharType kFileURLPrefix[] =
84     FILE_PATH_LITERAL("file:///");
85 
86 // The general list of blocked ports. Will be blocked unless a specific
87 // protocol overrides it. (Ex: ftp can use ports 20 and 21)
88 static const int kRestrictedPorts[] = {
89   1,    // tcpmux
90   7,    // echo
91   9,    // discard
92   11,   // systat
93   13,   // daytime
94   15,   // netstat
95   17,   // qotd
96   19,   // chargen
97   20,   // ftp data
98   21,   // ftp access
99   22,   // ssh
100   23,   // telnet
101   25,   // smtp
102   37,   // time
103   42,   // name
104   43,   // nicname
105   53,   // domain
106   77,   // priv-rjs
107   79,   // finger
108   87,   // ttylink
109   95,   // supdup
110   101,  // hostriame
111   102,  // iso-tsap
112   103,  // gppitnp
113   104,  // acr-nema
114   109,  // pop2
115   110,  // pop3
116   111,  // sunrpc
117   113,  // auth
118   115,  // sftp
119   117,  // uucp-path
120   119,  // nntp
121   123,  // NTP
122   135,  // loc-srv /epmap
123   139,  // netbios
124   143,  // imap2
125   179,  // BGP
126   389,  // ldap
127   465,  // smtp+ssl
128   512,  // print / exec
129   513,  // login
130   514,  // shell
131   515,  // printer
132   526,  // tempo
133   530,  // courier
134   531,  // chat
135   532,  // netnews
136   540,  // uucp
137   556,  // remotefs
138   563,  // nntp+ssl
139   587,  // stmp?
140   601,  // ??
141   636,  // ldap+ssl
142   993,  // ldap+ssl
143   995,  // pop3+ssl
144   2049, // nfs
145   3659, // apple-sasl / PasswordServer
146   4045, // lockd
147   6000, // X11
148   6665, // Alternate IRC [Apple addition]
149   6666, // Alternate IRC [Apple addition]
150   6667, // Standard IRC [Apple addition]
151   6668, // Alternate IRC [Apple addition]
152   6669, // Alternate IRC [Apple addition]
153   0xFFFF, // Used to block all invalid port numbers (see
154           // third_party/WebKit/Source/WebCore/platform/KURLGoogle.cpp, port())
155 };
156 
157 // FTP overrides the following restricted ports.
158 static const int kAllowedFtpPorts[] = {
159   21,   // ftp data
160   22,   // ssh
161 };
162 
163 template<typename STR>
GetSpecificHeaderT(const STR & headers,const STR & name)164 STR GetSpecificHeaderT(const STR& headers, const STR& name) {
165   // We want to grab the Value from the "Key: Value" pairs in the headers,
166   // which should look like this (no leading spaces, \n-separated) (we format
167   // them this way in url_request_inet.cc):
168   //    HTTP/1.1 200 OK\n
169   //    ETag: "6d0b8-947-24f35ec0"\n
170   //    Content-Length: 2375\n
171   //    Content-Type: text/html; charset=UTF-8\n
172   //    Last-Modified: Sun, 03 Sep 2006 04:34:43 GMT\n
173   if (headers.empty())
174     return STR();
175 
176   STR match;
177   match.push_back('\n');
178   match.append(name);
179   match.push_back(':');
180 
181   typename STR::const_iterator begin =
182       search(headers.begin(), headers.end(), match.begin(), match.end(),
183              base::CaseInsensitiveCompareASCII<typename STR::value_type>());
184 
185   if (begin == headers.end())
186     return STR();
187 
188   begin += match.length();
189 
190   typename STR::const_iterator end = find(begin, headers.end(), '\n');
191 
192   STR ret;
193   TrimWhitespace(STR(begin, end), TRIM_ALL, &ret);
194   return ret;
195 }
196 
197 // Similar to Base64Decode. Decodes a Q-encoded string to a sequence
198 // of bytes. If input is invalid, return false.
QPDecode(const std::string & input,std::string * output)199 bool QPDecode(const std::string& input, std::string* output) {
200   std::string temp;
201   temp.reserve(input.size());
202   std::string::const_iterator it = input.begin();
203   while (it != input.end()) {
204     if (*it == '_') {
205       temp.push_back(' ');
206     } else if (*it == '=') {
207       if (input.end() - it < 3) {
208         return false;
209       }
210       if (IsHexDigit(static_cast<unsigned char>(*(it + 1))) &&
211           IsHexDigit(static_cast<unsigned char>(*(it + 2)))) {
212         unsigned char ch = HexDigitToInt(*(it + 1)) * 16 +
213                            HexDigitToInt(*(it + 2));
214         temp.push_back(static_cast<char>(ch));
215         ++it;
216         ++it;
217       } else {
218         return false;
219       }
220     } else if (0x20 < *it && *it < 0x7F) {
221       // In a Q-encoded word, only printable ASCII characters
222       // represent themselves. Besides, space, '=', '_' and '?' are
223       // not allowed, but they're already filtered out.
224       DCHECK(*it != 0x3D && *it != 0x5F && *it != 0x3F);
225       temp.push_back(*it);
226     } else {
227       return false;
228     }
229     ++it;
230   }
231   output->swap(temp);
232   return true;
233 }
234 
235 enum RFC2047EncodingType {Q_ENCODING, B_ENCODING};
DecodeBQEncoding(const std::string & part,RFC2047EncodingType enc_type,const std::string & charset,std::string * output)236 bool DecodeBQEncoding(const std::string& part, RFC2047EncodingType enc_type,
237                        const std::string& charset, std::string* output) {
238   std::string decoded;
239   if (enc_type == B_ENCODING) {
240     if (!base::Base64Decode(part, &decoded)) {
241       return false;
242     }
243   } else {
244     if (!QPDecode(part, &decoded)) {
245       return false;
246     }
247   }
248 
249   UErrorCode err = U_ZERO_ERROR;
250   UConverter* converter(ucnv_open(charset.c_str(), &err));
251   if (U_FAILURE(err)) {
252     return false;
253   }
254 
255   // A single byte in a legacy encoding can be expanded to 3 bytes in UTF-8.
256   // A 'two-byte character' in a legacy encoding can be expanded to 4 bytes
257   // in UTF-8. Therefore, the expansion ratio is 3 at most.
258   int length = static_cast<int>(decoded.length());
259   char* buf = WriteInto(output, length * 3);
260   length = ucnv_toAlgorithmic(UCNV_UTF8, converter, buf, length * 3,
261       decoded.data(), length, &err);
262   ucnv_close(converter);
263   if (U_FAILURE(err)) {
264     return false;
265   }
266   output->resize(length);
267   return true;
268 }
269 
DecodeWord(const std::string & encoded_word,const std::string & referrer_charset,bool * is_rfc2047,std::string * output)270 bool DecodeWord(const std::string& encoded_word,
271                 const std::string& referrer_charset,
272                 bool* is_rfc2047,
273                 std::string* output) {
274   *is_rfc2047 = false;
275   output->clear();
276   if (encoded_word.empty())
277     return true;
278 
279   if (!IsStringASCII(encoded_word)) {
280     // Try UTF-8, referrer_charset and the native OS default charset in turn.
281     if (IsStringUTF8(encoded_word)) {
282       *output = encoded_word;
283     } else {
284       std::wstring wide_output;
285       if (!referrer_charset.empty() &&
286           base::CodepageToWide(encoded_word, referrer_charset.c_str(),
287                                base::OnStringConversionError::FAIL,
288                                &wide_output)) {
289         *output = WideToUTF8(wide_output);
290       } else {
291         *output = WideToUTF8(base::SysNativeMBToWide(encoded_word));
292       }
293     }
294 
295     return true;
296   }
297 
298   // RFC 2047 : one of encoding methods supported by Firefox and relatively
299   // widely used by web servers.
300   // =?charset?<E>?<encoded string>?= where '<E>' is either 'B' or 'Q'.
301   // We don't care about the length restriction (72 bytes) because
302   // many web servers generate encoded words longer than the limit.
303   std::string tmp;
304   *is_rfc2047 = true;
305   int part_index = 0;
306   std::string charset;
307   StringTokenizer t(encoded_word, "?");
308   RFC2047EncodingType enc_type = Q_ENCODING;
309   while (*is_rfc2047 && t.GetNext()) {
310     std::string part = t.token();
311     switch (part_index) {
312       case 0:
313         if (part != "=") {
314           *is_rfc2047 = false;
315           break;
316         }
317         ++part_index;
318         break;
319       case 1:
320         // Do we need charset validity check here?
321         charset = part;
322         ++part_index;
323         break;
324       case 2:
325         if (part.size() > 1 ||
326             part.find_first_of("bBqQ") == std::string::npos) {
327           *is_rfc2047 = false;
328           break;
329         }
330         if (part[0] == 'b' || part[0] == 'B') {
331           enc_type = B_ENCODING;
332         }
333         ++part_index;
334         break;
335       case 3:
336         *is_rfc2047 = DecodeBQEncoding(part, enc_type, charset, &tmp);
337         if (!*is_rfc2047) {
338           // Last minute failure. Invalid B/Q encoding. Rather than
339           // passing it through, return now.
340           return false;
341         }
342         ++part_index;
343         break;
344       case 4:
345         if (part != "=") {
346           // Another last minute failure !
347           // Likely to be a case of two encoded-words in a row or
348           // an encoded word followed by a non-encoded word. We can be
349           // generous, but it does not help much in terms of compatibility,
350           // I believe. Return immediately.
351           *is_rfc2047 = false;
352           return false;
353         }
354         ++part_index;
355         break;
356       default:
357         *is_rfc2047 = false;
358         return false;
359     }
360   }
361 
362   if (*is_rfc2047) {
363     if (*(encoded_word.end() - 1) == '=') {
364       output->swap(tmp);
365       return true;
366     }
367     // encoded_word ending prematurelly with '?' or extra '?'
368     *is_rfc2047 = false;
369     return false;
370   }
371 
372   // We're not handling 'especial' characters quoted with '\', but
373   // it should be Ok because we're not an email client but a
374   // web browser.
375 
376   // What IE6/7 does: %-escaped UTF-8.
377   tmp = UnescapeURLComponent(encoded_word, UnescapeRule::SPACES);
378   if (IsStringUTF8(tmp)) {
379     output->swap(tmp);
380     return true;
381     // We can try either the OS default charset or 'origin charset' here,
382     // As far as I can tell, IE does not support it. However, I've seen
383     // web servers emit %-escaped string in a legacy encoding (usually
384     // origin charset).
385     // TODO(jungshik) : Test IE further and consider adding a fallback here.
386   }
387   return false;
388 }
389 
DecodeParamValue(const std::string & input,const std::string & referrer_charset,std::string * output)390 bool DecodeParamValue(const std::string& input,
391                       const std::string& referrer_charset,
392                       std::string* output) {
393   std::string tmp;
394   // Tokenize with whitespace characters.
395   StringTokenizer t(input, " \t\n\r");
396   t.set_options(StringTokenizer::RETURN_DELIMS);
397   bool is_previous_token_rfc2047 = true;
398   while (t.GetNext()) {
399     if (t.token_is_delim()) {
400       // If the previous non-delimeter token is not RFC2047-encoded,
401       // put in a space in its place. Otheriwse, skip over it.
402       if (!is_previous_token_rfc2047) {
403         tmp.push_back(' ');
404       }
405       continue;
406     }
407     // We don't support a single multibyte character split into
408     // adjacent encoded words. Some broken mail clients emit headers
409     // with that problem, but most web servers usually encode a filename
410     // in a single encoded-word. Firefox/Thunderbird do not support
411     // it, either.
412     std::string decoded;
413     if (!DecodeWord(t.token(), referrer_charset, &is_previous_token_rfc2047,
414                     &decoded))
415       return false;
416     tmp.append(decoded);
417   }
418   output->swap(tmp);
419   return true;
420 }
421 
422 // TODO(mpcomplete): This is a quick and dirty implementation for now.  I'm
423 // sure this doesn't properly handle all (most?) cases.
424 template<typename STR>
GetHeaderParamValueT(const STR & header,const STR & param_name,QuoteRule::Type quote_rule)425 STR GetHeaderParamValueT(const STR& header, const STR& param_name,
426                          QuoteRule::Type quote_rule) {
427   // This assumes args are formatted exactly like "bla; arg1=value; arg2=value".
428   typename STR::const_iterator param_begin =
429       search(header.begin(), header.end(), param_name.begin(), param_name.end(),
430              base::CaseInsensitiveCompareASCII<typename STR::value_type>());
431 
432   if (param_begin == header.end())
433     return STR();
434   param_begin += param_name.length();
435 
436   STR whitespace;
437   whitespace.push_back(' ');
438   whitespace.push_back('\t');
439   const typename STR::size_type equals_offset =
440       header.find_first_not_of(whitespace, param_begin - header.begin());
441   if (equals_offset == STR::npos || header.at(equals_offset) != '=')
442     return STR();
443 
444   param_begin = header.begin() + equals_offset + 1;
445   if (param_begin == header.end())
446     return STR();
447 
448   typename STR::const_iterator param_end;
449   if (*param_begin == '"' && quote_rule == QuoteRule::REMOVE_OUTER_QUOTES) {
450     ++param_begin;  // skip past the quote.
451     param_end = find(param_begin, header.end(), '"');
452     // If the closing quote is missing, we will treat the rest of the
453     // string as the parameter.  We can't set |param_end| to the
454     // location of the separator (';'), since the separator is
455     // technically quoted. See: http://crbug.com/58840
456   } else {
457     param_end = find(param_begin+1, header.end(), ';');
458   }
459 
460   return STR(param_begin, param_end);
461 }
462 
463 // Does some simple normalization of scripts so we can allow certain scripts
464 // to exist together.
465 // TODO(brettw) bug 880223: we should allow some other languages to be
466 // oombined such as Chinese and Latin. We will probably need a more
467 // complicated system of language pairs to have more fine-grained control.
NormalizeScript(UScriptCode code)468 UScriptCode NormalizeScript(UScriptCode code) {
469   switch (code) {
470     case USCRIPT_KATAKANA:
471     case USCRIPT_HIRAGANA:
472     case USCRIPT_KATAKANA_OR_HIRAGANA:
473     case USCRIPT_HANGUL:  // This one is arguable.
474       return USCRIPT_HAN;
475     default:
476       return code;
477   }
478 }
479 
IsIDNComponentInSingleScript(const char16 * str,int str_len)480 bool IsIDNComponentInSingleScript(const char16* str, int str_len) {
481   UScriptCode first_script = USCRIPT_INVALID_CODE;
482   bool is_first = true;
483 
484   int i = 0;
485   while (i < str_len) {
486     unsigned code_point;
487     U16_NEXT(str, i, str_len, code_point);
488 
489     UErrorCode err = U_ZERO_ERROR;
490     UScriptCode cur_script = uscript_getScript(code_point, &err);
491     if (err != U_ZERO_ERROR)
492       return false;  // Report mixed on error.
493     cur_script = NormalizeScript(cur_script);
494 
495     // TODO(brettw) We may have to check for USCRIPT_INHERENT as well.
496     if (is_first && cur_script != USCRIPT_COMMON) {
497       first_script = cur_script;
498       is_first = false;
499     } else {
500       if (cur_script != USCRIPT_COMMON && cur_script != first_script)
501         return false;
502     }
503   }
504   return true;
505 }
506 
507 // Check if the script of a language can be 'safely' mixed with
508 // Latin letters in the ASCII range.
IsCompatibleWithASCIILetters(const std::string & lang)509 bool IsCompatibleWithASCIILetters(const std::string& lang) {
510   // For now, just list Chinese, Japanese and Korean (positive list).
511   // An alternative is negative-listing (languages using Greek and
512   // Cyrillic letters), but it can be more dangerous.
513   return !lang.substr(0, 2).compare("zh") ||
514          !lang.substr(0, 2).compare("ja") ||
515          !lang.substr(0, 2).compare("ko");
516 }
517 
518 typedef std::map<std::string, icu::UnicodeSet*> LangToExemplarSetMap;
519 
520 class LangToExemplarSet {
521  public:
GetInstance()522   static LangToExemplarSet* GetInstance() {
523     return Singleton<LangToExemplarSet>::get();
524   }
525 
526  private:
527   LangToExemplarSetMap map;
LangToExemplarSet()528   LangToExemplarSet() { }
~LangToExemplarSet()529   ~LangToExemplarSet() {
530     STLDeleteContainerPairSecondPointers(map.begin(), map.end());
531   }
532 
533   friend class Singleton<LangToExemplarSet>;
534   friend struct DefaultSingletonTraits<LangToExemplarSet>;
535   friend bool GetExemplarSetForLang(const std::string&, icu::UnicodeSet**);
536   friend void SetExemplarSetForLang(const std::string&, icu::UnicodeSet*);
537 
538   DISALLOW_COPY_AND_ASSIGN(LangToExemplarSet);
539 };
540 
GetExemplarSetForLang(const std::string & lang,icu::UnicodeSet ** lang_set)541 bool GetExemplarSetForLang(const std::string& lang,
542                            icu::UnicodeSet** lang_set) {
543   const LangToExemplarSetMap& map = LangToExemplarSet::GetInstance()->map;
544   LangToExemplarSetMap::const_iterator pos = map.find(lang);
545   if (pos != map.end()) {
546     *lang_set = pos->second;
547     return true;
548   }
549   return false;
550 }
551 
SetExemplarSetForLang(const std::string & lang,icu::UnicodeSet * lang_set)552 void SetExemplarSetForLang(const std::string& lang,
553                            icu::UnicodeSet* lang_set) {
554   LangToExemplarSetMap& map = LangToExemplarSet::GetInstance()->map;
555   map.insert(std::make_pair(lang, lang_set));
556 }
557 
558 static base::Lock lang_set_lock;
559 
560 // Returns true if all the characters in component_characters are used by
561 // the language |lang|.
IsComponentCoveredByLang(const icu::UnicodeSet & component_characters,const std::string & lang)562 bool IsComponentCoveredByLang(const icu::UnicodeSet& component_characters,
563                               const std::string& lang) {
564   static const icu::UnicodeSet kASCIILetters(0x61, 0x7a);  // [a-z]
565   icu::UnicodeSet* lang_set;
566   // We're called from both the UI thread and the history thread.
567   {
568     base::AutoLock lock(lang_set_lock);
569     if (!GetExemplarSetForLang(lang, &lang_set)) {
570       UErrorCode status = U_ZERO_ERROR;
571       ULocaleData* uld = ulocdata_open(lang.c_str(), &status);
572       // TODO(jungshik) Turn this check on when the ICU data file is
573       // rebuilt with the minimal subset of locale data for languages
574       // to which Chrome is not localized but which we offer in the list
575       // of languages selectable for Accept-Languages. With the rebuilt ICU
576       // data, ulocdata_open never should fall back to the default locale.
577       // (issue 2078)
578       // DCHECK(U_SUCCESS(status) && status != U_USING_DEFAULT_WARNING);
579       if (U_SUCCESS(status) && status != U_USING_DEFAULT_WARNING) {
580         lang_set = reinterpret_cast<icu::UnicodeSet *>(
581             ulocdata_getExemplarSet(uld, NULL, 0,
582                                     ULOCDATA_ES_STANDARD, &status));
583         // If |lang| is compatible with ASCII Latin letters, add them.
584         if (IsCompatibleWithASCIILetters(lang))
585           lang_set->addAll(kASCIILetters);
586       } else {
587         lang_set = new icu::UnicodeSet(1, 0);
588       }
589       lang_set->freeze();
590       SetExemplarSetForLang(lang, lang_set);
591       ulocdata_close(uld);
592     }
593   }
594   return !lang_set->isEmpty() && lang_set->containsAll(component_characters);
595 }
596 
597 // Returns true if the given Unicode host component is safe to display to the
598 // user.
IsIDNComponentSafe(const char16 * str,int str_len,const std::wstring & languages)599 bool IsIDNComponentSafe(const char16* str,
600                         int str_len,
601                         const std::wstring& languages) {
602   // Most common cases (non-IDN) do not reach here so that we don't
603   // need a fast return path.
604   // TODO(jungshik) : Check if there's any character inappropriate
605   // (although allowed) for domain names.
606   // See http://www.unicode.org/reports/tr39/#IDN_Security_Profiles and
607   // http://www.unicode.org/reports/tr39/data/xidmodifications.txt
608   // For now, we borrow the list from Mozilla and tweaked it slightly.
609   // (e.g. Characters like U+00A0, U+3000, U+3002 are omitted because
610   //  they're gonna be canonicalized to U+0020 and full stop before
611   //  reaching here.)
612   // The original list is available at
613   // http://kb.mozillazine.org/Network.IDN.blacklist_chars and
614   // at http://mxr.mozilla.org/seamonkey/source/modules/libpref/src/init/all.js#703
615 
616   UErrorCode status = U_ZERO_ERROR;
617 #ifdef U_WCHAR_IS_UTF16
618   icu::UnicodeSet dangerous_characters(icu::UnicodeString(
619       L"[[\\ \u00bc\u00bd\u01c3\u0337\u0338"
620       L"\u05c3\u05f4\u06d4\u0702\u115f\u1160][\u2000-\u200b]"
621       L"[\u2024\u2027\u2028\u2029\u2039\u203a\u2044\u205f]"
622       L"[\u2154-\u2156][\u2159-\u215b][\u215f\u2215\u23ae"
623       L"\u29f6\u29f8\u2afb\u2afd][\u2ff0-\u2ffb][\u3014"
624       L"\u3015\u3033\u3164\u321d\u321e\u33ae\u33af\u33c6\u33df\ufe14"
625       L"\ufe15\ufe3f\ufe5d\ufe5e\ufeff\uff0e\uff06\uff61\uffa0\ufff9]"
626       L"[\ufffa-\ufffd]]"), status);
627   DCHECK(U_SUCCESS(status));
628   icu::RegexMatcher dangerous_patterns(icu::UnicodeString(
629       // Lone katakana no, so, or n
630       L"[^\\p{Katakana}][\u30ce\u30f3\u30bd][^\\p{Katakana}]"
631       // Repeating Japanese accent characters
632       L"|[\u3099\u309a\u309b\u309c][\u3099\u309a\u309b\u309c]"),
633       0, status);
634 #else
635   icu::UnicodeSet dangerous_characters(icu::UnicodeString(
636       "[[\\u0020\\u00bc\\u00bd\\u01c3\\u0337\\u0338"
637       "\\u05c3\\u05f4\\u06d4\\u0702\\u115f\\u1160][\\u2000-\\u200b]"
638       "[\\u2024\\u2027\\u2028\\u2029\\u2039\\u203a\\u2044\\u205f]"
639       "[\\u2154-\\u2156][\\u2159-\\u215b][\\u215f\\u2215\\u23ae"
640       "\\u29f6\\u29f8\\u2afb\\u2afd][\\u2ff0-\\u2ffb][\\u3014"
641       "\\u3015\\u3033\\u3164\\u321d\\u321e\\u33ae\\u33af\\u33c6\\u33df\\ufe14"
642       "\\ufe15\\ufe3f\\ufe5d\\ufe5e\\ufeff\\uff0e\\uff06\\uff61\\uffa0\\ufff9]"
643       "[\\ufffa-\\ufffd]]", -1, US_INV), status);
644   DCHECK(U_SUCCESS(status));
645   icu::RegexMatcher dangerous_patterns(icu::UnicodeString(
646       // Lone katakana no, so, or n
647       "[^\\p{Katakana}][\\u30ce\\u30f3\u30bd][^\\p{Katakana}]"
648       // Repeating Japanese accent characters
649       "|[\\u3099\\u309a\\u309b\\u309c][\\u3099\\u309a\\u309b\\u309c]"),
650       0, status);
651 #endif
652   DCHECK(U_SUCCESS(status));
653   icu::UnicodeSet component_characters;
654   icu::UnicodeString component_string(str, str_len);
655   component_characters.addAll(component_string);
656   if (dangerous_characters.containsSome(component_characters))
657     return false;
658 
659   DCHECK(U_SUCCESS(status));
660   dangerous_patterns.reset(component_string);
661   if (dangerous_patterns.find())
662     return false;
663 
664   // If the language list is empty, the result is completely determined
665   // by whether a component is a single script or not. This will block
666   // even "safe" script mixing cases like <Chinese, Latin-ASCII> that are
667   // allowed with |languages| (while it blocks Chinese + Latin letters with
668   // an accent as should be the case), but we want to err on the safe side
669   // when |languages| is empty.
670   if (languages.empty())
671     return IsIDNComponentInSingleScript(str, str_len);
672 
673   // |common_characters| is made up of  ASCII numbers, hyphen, plus and
674   // underscore that are used across scripts and allowed in domain names.
675   // (sync'd with characters allowed in url_canon_host with square
676   // brackets excluded.) See kHostCharLookup[] array in url_canon_host.cc.
677   icu::UnicodeSet common_characters(UNICODE_STRING_SIMPLE("[[0-9]\\-_+\\ ]"),
678                                     status);
679   DCHECK(U_SUCCESS(status));
680   // Subtract common characters because they're always allowed so that
681   // we just have to check if a language-specific set contains
682   // the remainder.
683   component_characters.removeAll(common_characters);
684 
685   std::string languages_list(WideToASCII(languages));
686   StringTokenizer t(languages_list, ",");
687   while (t.GetNext()) {
688     if (IsComponentCoveredByLang(component_characters, t.token()))
689       return true;
690   }
691   return false;
692 }
693 
694 // Converts one component of a host (between dots) to IDN if safe. The result
695 // will be APPENDED to the given output string and will be the same as the input
696 // if it is not IDN or the IDN is unsafe to display.  Returns whether any
697 // conversion was performed.
IDNToUnicodeOneComponent(const char16 * comp,size_t comp_len,const std::wstring & languages,string16 * out)698 bool IDNToUnicodeOneComponent(const char16* comp,
699                               size_t comp_len,
700                               const std::wstring& languages,
701                               string16* out) {
702   DCHECK(out);
703   if (comp_len == 0)
704     return false;
705 
706   // Only transform if the input can be an IDN component.
707   static const char16 kIdnPrefix[] = {'x', 'n', '-', '-'};
708   if ((comp_len > arraysize(kIdnPrefix)) &&
709       !memcmp(comp, kIdnPrefix, arraysize(kIdnPrefix) * sizeof(char16))) {
710     // Repeatedly expand the output string until it's big enough.  It looks like
711     // ICU will return the required size of the buffer, but that's not
712     // documented, so we'll just grow by 2x. This should be rare and is not on a
713     // critical path.
714     size_t original_length = out->length();
715     for (int extra_space = 64; ; extra_space *= 2) {
716       UErrorCode status = U_ZERO_ERROR;
717       out->resize(out->length() + extra_space);
718       int output_chars = uidna_IDNToUnicode(comp,
719           static_cast<int32_t>(comp_len), &(*out)[original_length], extra_space,
720           UIDNA_DEFAULT, NULL, &status);
721       if (status == U_ZERO_ERROR) {
722         // Converted successfully.
723         out->resize(original_length + output_chars);
724         if (IsIDNComponentSafe(out->data() + original_length, output_chars,
725                                languages))
726           return true;
727       }
728 
729       if (status != U_BUFFER_OVERFLOW_ERROR)
730         break;
731     }
732     // Failed, revert back to original string.
733     out->resize(original_length);
734   }
735 
736   // We get here with no IDN or on error, in which case we just append the
737   // literal input.
738   out->append(comp, comp_len);
739   return false;
740 }
741 
742 struct SubtractFromOffset {
SubtractFromOffsetnet::__anon1daa98020111::SubtractFromOffset743   explicit SubtractFromOffset(size_t amount)
744     : amount(amount) {}
operator ()net::__anon1daa98020111::SubtractFromOffset745   void operator()(size_t& offset) {
746     if (offset != std::wstring::npos) {
747       if (offset >= amount)
748         offset -= amount;
749       else
750         offset = std::wstring::npos;
751     }
752   }
753 
754   size_t amount;
755 };
756 
757 struct AddToOffset {
AddToOffsetnet::__anon1daa98020111::AddToOffset758   explicit AddToOffset(size_t amount)
759     : amount(amount) {}
operator ()net::__anon1daa98020111::AddToOffset760   void operator()(size_t& offset) {
761     if (offset != std::wstring::npos)
762       offset += amount;
763   }
764 
765   size_t amount;
766 };
767 
OffsetsIntoSection(std::vector<size_t> * offsets_for_adjustment,size_t section_begin)768 std::vector<size_t> OffsetsIntoSection(
769     std::vector<size_t>* offsets_for_adjustment,
770     size_t section_begin) {
771   std::vector<size_t> offsets_into_section;
772   if (offsets_for_adjustment) {
773     std::transform(offsets_for_adjustment->begin(),
774                    offsets_for_adjustment->end(),
775                    std::back_inserter(offsets_into_section),
776                    ClampComponentOffset(section_begin));
777     std::for_each(offsets_into_section.begin(), offsets_into_section.end(),
778                   SubtractFromOffset(section_begin));
779   }
780   return offsets_into_section;
781 }
782 
ApplySectionAdjustments(const std::vector<size_t> & offsets_into_section,std::vector<size_t> * offsets_for_adjustment,size_t old_section_len,size_t new_section_len,size_t section_begin)783 void ApplySectionAdjustments(const std::vector<size_t>& offsets_into_section,
784                              std::vector<size_t>* offsets_for_adjustment,
785                              size_t old_section_len,
786                              size_t new_section_len,
787                              size_t section_begin) {
788   if (offsets_for_adjustment) {
789     DCHECK_EQ(offsets_for_adjustment->size(), offsets_into_section.size());
790     std::vector<size_t>::const_iterator host_offsets_iter =
791         offsets_into_section.begin();
792     for (std::vector<size_t>::iterator offsets_iter =
793             offsets_for_adjustment->begin();
794          offsets_iter != offsets_for_adjustment->end();
795          ++offsets_iter, ++host_offsets_iter) {
796       size_t offset = *offsets_iter;
797       if (offset == std::wstring::npos || offset < section_begin) {
798         // The offset is before the host section so leave it as is.
799         continue;
800       }
801       if (offset >= section_begin + old_section_len) {
802         // The offset is after the host section so adjust by host length delta.
803         offset += new_section_len - old_section_len;
804       } else if (*host_offsets_iter != std::wstring::npos) {
805         // The offset is within the host and valid so adjust by the host
806         // reformatting offsets results.
807         offset = section_begin + *host_offsets_iter;
808       } else {
809         // The offset is invalid.
810         offset = std::wstring::npos;
811       }
812       *offsets_iter = offset;
813     }
814   }
815 }
816 
817 // If |component| is valid, its begin is incremented by |delta|.
AdjustComponent(int delta,url_parse::Component * component)818 void AdjustComponent(int delta, url_parse::Component* component) {
819   if (!component->is_valid())
820     return;
821 
822   DCHECK(delta >= 0 || component->begin >= -delta);
823   component->begin += delta;
824 }
825 
826 // Adjusts all the components of |parsed| by |delta|, except for the scheme.
AdjustComponents(int delta,url_parse::Parsed * parsed)827 void AdjustComponents(int delta, url_parse::Parsed* parsed) {
828   AdjustComponent(delta, &(parsed->username));
829   AdjustComponent(delta, &(parsed->password));
830   AdjustComponent(delta, &(parsed->host));
831   AdjustComponent(delta, &(parsed->port));
832   AdjustComponent(delta, &(parsed->path));
833   AdjustComponent(delta, &(parsed->query));
834   AdjustComponent(delta, &(parsed->ref));
835 }
836 
837 std::wstring FormatUrlInternal(const GURL& url,
838                                const std::wstring& languages,
839                                FormatUrlTypes format_types,
840                                UnescapeRule::Type unescape_rules,
841                                url_parse::Parsed* new_parsed,
842                                size_t* prefix_end,
843                                std::vector<size_t>* offsets_for_adjustment);
844 
845 // Helper for FormatUrl()/FormatUrlInternal().
FormatViewSourceUrl(const GURL & url,const std::wstring & languages,FormatUrlTypes format_types,UnescapeRule::Type unescape_rules,url_parse::Parsed * new_parsed,size_t * prefix_end,std::vector<size_t> * offsets_for_adjustment)846 std::wstring FormatViewSourceUrl(const GURL& url,
847                                  const std::wstring& languages,
848                                  FormatUrlTypes format_types,
849                                  UnescapeRule::Type unescape_rules,
850                                  url_parse::Parsed* new_parsed,
851                                  size_t* prefix_end,
852                                  std::vector<size_t>* offsets_for_adjustment) {
853   DCHECK(new_parsed);
854   DCHECK(offsets_for_adjustment);
855   const wchar_t* const kWideViewSource = L"view-source:";
856   const size_t kViewSourceLengthPlus1 = 12;
857   std::vector<size_t> saved_offsets(*offsets_for_adjustment);
858 
859   GURL real_url(url.possibly_invalid_spec().substr(kViewSourceLengthPlus1));
860   // Clamp the offsets to the source area.
861   std::for_each(offsets_for_adjustment->begin(),
862                 offsets_for_adjustment->end(),
863                 SubtractFromOffset(kViewSourceLengthPlus1));
864   std::wstring result = FormatUrlInternal(real_url, languages, format_types,
865       unescape_rules, new_parsed, prefix_end, offsets_for_adjustment);
866   result.insert(0, kWideViewSource);
867 
868   // Adjust position values.
869   if (new_parsed->scheme.is_nonempty()) {
870     // Assume "view-source:real-scheme" as a scheme.
871     new_parsed->scheme.len += kViewSourceLengthPlus1;
872   } else {
873     new_parsed->scheme.begin = 0;
874     new_parsed->scheme.len = kViewSourceLengthPlus1 - 1;
875   }
876   AdjustComponents(kViewSourceLengthPlus1, new_parsed);
877   if (prefix_end)
878     *prefix_end += kViewSourceLengthPlus1;
879   std::for_each(offsets_for_adjustment->begin(),
880                 offsets_for_adjustment->end(),
881                 AddToOffset(kViewSourceLengthPlus1));
882   // Restore all offsets which were not affected by FormatUrlInternal.
883   DCHECK_EQ(saved_offsets.size(), offsets_for_adjustment->size());
884   for (size_t i = 0; i < saved_offsets.size(); ++i) {
885     if (saved_offsets[i] < kViewSourceLengthPlus1)
886       (*offsets_for_adjustment)[i] = saved_offsets[i];
887   }
888   return result;
889 }
890 
891 // Appends the substring |in_component| inside of the URL |spec| to |output|,
892 // and the resulting range will be filled into |out_component|. |unescape_rules|
893 // defines how to clean the URL for human readability.  |offsets_for_adjustment|
894 // is an array of offsets into |output| each of which will be adjusted based on
895 // how it maps to the component being converted; if it is less than
896 // output->length(), it will be untouched, and if it is greater than
897 // output->length() + in_component.len it will be adjusted by the difference in
898 // lengths between the input and output components.  Otherwise it points into
899 // the component being converted, and is adjusted to point to the same logical
900 // place in |output|. |offsets_for_adjustment| may not be NULL.
AppendFormattedComponent(const std::string & spec,const url_parse::Component & in_component,UnescapeRule::Type unescape_rules,std::wstring * output,url_parse::Component * out_component,std::vector<size_t> * offsets_for_adjustment)901 void AppendFormattedComponent(const std::string& spec,
902                               const url_parse::Component& in_component,
903                               UnescapeRule::Type unescape_rules,
904                               std::wstring* output,
905                               url_parse::Component* out_component,
906                               std::vector<size_t>* offsets_for_adjustment) {
907   DCHECK(output);
908   DCHECK(offsets_for_adjustment);
909   if (in_component.is_nonempty()) {
910     size_t component_begin = output->length();
911     out_component->begin = static_cast<int>(component_begin);
912 
913     // Compose a list of offsets within the component area.
914     std::vector<size_t> offsets_into_component =
915         OffsetsIntoSection(offsets_for_adjustment, component_begin);
916 
917     if (unescape_rules == UnescapeRule::NONE) {
918       output->append(UTF8ToWideAndAdjustOffsets(
919           spec.substr(in_component.begin, in_component.len),
920           &offsets_into_component));
921     } else {
922       output->append(UTF16ToWideHack(
923           UnescapeAndDecodeUTF8URLComponentWithOffsets(
924               spec.substr(in_component.begin, in_component.len), unescape_rules,
925               &offsets_into_component)));
926     }
927     size_t new_component_len = output->length() - component_begin;
928     out_component->len = static_cast<int>(new_component_len);
929 
930     // Apply offset adjustments.
931     size_t old_component_len = static_cast<size_t>(in_component.len);
932     ApplySectionAdjustments(offsets_into_component, offsets_for_adjustment,
933         old_component_len, new_component_len, component_begin);
934   } else {
935     out_component->reset();
936   }
937 }
938 
939 // TODO(viettrungluu): This is really the old-fashioned version, made internal.
940 // I need to really convert |FormatUrl()|.
FormatUrlInternal(const GURL & url,const std::wstring & languages,FormatUrlTypes format_types,UnescapeRule::Type unescape_rules,url_parse::Parsed * new_parsed,size_t * prefix_end,std::vector<size_t> * offsets_for_adjustment)941 std::wstring FormatUrlInternal(const GURL& url,
942                                const std::wstring& languages,
943                                FormatUrlTypes format_types,
944                                UnescapeRule::Type unescape_rules,
945                                url_parse::Parsed* new_parsed,
946                                size_t* prefix_end,
947                                std::vector<size_t>* offsets_for_adjustment) {
948   url_parse::Parsed parsed_temp;
949   if (!new_parsed)
950     new_parsed = &parsed_temp;
951   else
952     *new_parsed = url_parse::Parsed();
953 
954   std::vector<size_t> offsets_temp;
955   if (!offsets_for_adjustment)
956     offsets_for_adjustment = &offsets_temp;
957 
958   std::wstring url_string;
959 
960   // Check for empty URLs or 0 available text width.
961   if (url.is_empty()) {
962     if (prefix_end)
963       *prefix_end = 0;
964     std::for_each(offsets_for_adjustment->begin(),
965                   offsets_for_adjustment->end(),
966                   LimitOffset<std::wstring>(0));
967     return url_string;
968   }
969 
970   // Special handling for view-source:.  Don't use chrome::kViewSourceScheme
971   // because this library shouldn't depend on chrome.
972   const char* const kViewSource = "view-source";
973   // Reject "view-source:view-source:..." to avoid deep recursion.
974   const char* const kViewSourceTwice = "view-source:view-source:";
975   if (url.SchemeIs(kViewSource) &&
976       !StartsWithASCII(url.possibly_invalid_spec(), kViewSourceTwice, false)) {
977     return FormatViewSourceUrl(url, languages, format_types,
978         unescape_rules, new_parsed, prefix_end, offsets_for_adjustment);
979   }
980 
981   // We handle both valid and invalid URLs (this will give us the spec
982   // regardless of validity).
983   const std::string& spec = url.possibly_invalid_spec();
984   const url_parse::Parsed& parsed = url.parsed_for_possibly_invalid_spec();
985   size_t spec_length = spec.length();
986   std::for_each(offsets_for_adjustment->begin(),
987                 offsets_for_adjustment->end(),
988                 LimitOffset<std::wstring>(spec_length));
989 
990   // Copy everything before the username (the scheme and the separators.)
991   // These are ASCII.
992   url_string.insert(url_string.end(), spec.begin(),
993       spec.begin() + parsed.CountCharactersBefore(url_parse::Parsed::USERNAME,
994                                                   true));
995 
996   const wchar_t kHTTP[] = L"http://";
997   const char kFTP[] = "ftp.";
998   // URLFixerUpper::FixupURL() treats "ftp.foo.com" as ftp://ftp.foo.com.  This
999   // means that if we trim "http://" off a URL whose host starts with "ftp." and
1000   // the user inputs this into any field subject to fixup (which is basically
1001   // all input fields), the meaning would be changed.  (In fact, often the
1002   // formatted URL is directly pre-filled into an input field.)  For this reason
1003   // we avoid stripping "http://" in this case.
1004   bool omit_http =
1005       (format_types & kFormatUrlOmitHTTP) && (url_string == kHTTP) &&
1006       (url.host().compare(0, arraysize(kFTP) - 1, kFTP) != 0);
1007 
1008   new_parsed->scheme = parsed.scheme;
1009 
1010   if ((format_types & kFormatUrlOmitUsernamePassword) != 0) {
1011     // Remove the username and password fields. We don't want to display those
1012     // to the user since they can be used for attacks,
1013     // e.g. "http://google.com:search@evil.ru/"
1014     new_parsed->username.reset();
1015     new_parsed->password.reset();
1016     // Update the offsets based on removed username and/or password.
1017     if (!offsets_for_adjustment->empty() &&
1018         (parsed.username.is_nonempty() || parsed.password.is_nonempty())) {
1019       AdjustOffset::Adjustments adjustments;
1020       if (parsed.username.is_nonempty() && parsed.password.is_nonempty()) {
1021         // The seeming off-by-one and off-by-two in these first two lines are to
1022         // account for the ':' after the username and '@' after the password.
1023         adjustments.push_back(AdjustOffset::Adjustment(
1024             static_cast<size_t>(parsed.username.begin),
1025             static_cast<size_t>(parsed.username.len + parsed.password.len +
1026                 2), 0));
1027       } else {
1028         const url_parse::Component* nonempty_component =
1029             parsed.username.is_nonempty() ? &parsed.username : &parsed.password;
1030         // The seeming off-by-one in below is to account for the '@' after the
1031         // username/password.
1032         adjustments.push_back(AdjustOffset::Adjustment(
1033             static_cast<size_t>(nonempty_component->begin),
1034             static_cast<size_t>(nonempty_component->len + 1), 0));
1035       }
1036 
1037       // Make offset adjustment.
1038       std::for_each(offsets_for_adjustment->begin(),
1039                     offsets_for_adjustment->end(),
1040                     AdjustOffset(adjustments));
1041     }
1042   } else {
1043     AppendFormattedComponent(spec, parsed.username, unescape_rules, &url_string,
1044                              &new_parsed->username, offsets_for_adjustment);
1045     if (parsed.password.is_valid())
1046       url_string.push_back(':');
1047     AppendFormattedComponent(spec, parsed.password, unescape_rules, &url_string,
1048                              &new_parsed->password, offsets_for_adjustment);
1049     if (parsed.username.is_valid() || parsed.password.is_valid())
1050       url_string.push_back('@');
1051   }
1052   if (prefix_end)
1053     *prefix_end = static_cast<size_t>(url_string.length());
1054 
1055   AppendFormattedHostWithOffsets(url, languages, &url_string, new_parsed,
1056                                  offsets_for_adjustment);
1057 
1058   // Port.
1059   if (parsed.port.is_nonempty()) {
1060     url_string.push_back(':');
1061     new_parsed->port.begin = url_string.length();
1062     url_string.insert(url_string.end(),
1063                       spec.begin() + parsed.port.begin,
1064                       spec.begin() + parsed.port.end());
1065     new_parsed->port.len = url_string.length() - new_parsed->port.begin;
1066   } else {
1067     new_parsed->port.reset();
1068   }
1069 
1070   // Path and query both get the same general unescape & convert treatment.
1071   if (!(format_types & kFormatUrlOmitTrailingSlashOnBareHostname) ||
1072       !CanStripTrailingSlash(url)) {
1073     AppendFormattedComponent(spec, parsed.path, unescape_rules, &url_string,
1074                              &new_parsed->path, offsets_for_adjustment);
1075   }
1076   if (parsed.query.is_valid())
1077     url_string.push_back('?');
1078   AppendFormattedComponent(spec, parsed.query, unescape_rules, &url_string,
1079                            &new_parsed->query, offsets_for_adjustment);
1080 
1081   // Reference is stored in valid, unescaped UTF-8, so we can just convert.
1082   if (parsed.ref.is_valid()) {
1083     url_string.push_back('#');
1084     size_t ref_begin = url_string.length();
1085     new_parsed->ref.begin = static_cast<int>(ref_begin);
1086 
1087     // Compose a list of offsets within the section.
1088     std::vector<size_t> offsets_into_ref =
1089         OffsetsIntoSection(offsets_for_adjustment, ref_begin);
1090 
1091     if (parsed.ref.len > 0) {
1092       url_string.append(UTF8ToWideAndAdjustOffsets(spec.substr(parsed.ref.begin,
1093                                                                parsed.ref.len),
1094                                                    &offsets_into_ref));
1095     }
1096     size_t old_ref_len = static_cast<size_t>(parsed.ref.len);
1097     size_t new_ref_len = url_string.length() - new_parsed->ref.begin;
1098     new_parsed->ref.len = static_cast<int>(new_ref_len);
1099 
1100     // Apply offset adjustments.
1101     ApplySectionAdjustments(offsets_into_ref, offsets_for_adjustment,
1102         old_ref_len, new_ref_len, ref_begin);
1103   }
1104 
1105   // If we need to strip out http do it after the fact. This way we don't need
1106   // to worry about how offset_for_adjustment is interpreted.
1107   const size_t kHTTPSize = arraysize(kHTTP) - 1;
1108   if (omit_http && !url_string.compare(0, kHTTPSize, kHTTP)) {
1109     url_string = url_string.substr(kHTTPSize);
1110     AdjustOffset::Adjustments adjustments;
1111     adjustments.push_back(AdjustOffset::Adjustment(0, kHTTPSize, 0));
1112     std::for_each(offsets_for_adjustment->begin(),
1113                   offsets_for_adjustment->end(),
1114                   AdjustOffset(adjustments));
1115     if (prefix_end)
1116       *prefix_end -= kHTTPSize;
1117 
1118     // Adjust new_parsed.
1119     DCHECK(new_parsed->scheme.is_valid());
1120     int delta = -(new_parsed->scheme.len + 3);  // +3 for ://.
1121     new_parsed->scheme.reset();
1122     AdjustComponents(delta, new_parsed);
1123   }
1124 
1125   return url_string;
1126 }
1127 
do_strdup(const char * src)1128 char* do_strdup(const char* src) {
1129 #if defined(OS_WIN)
1130   return _strdup(src);
1131 #else
1132   return strdup(src);
1133 #endif
1134 }
1135 
1136 }  // namespace
1137 
1138 const FormatUrlType kFormatUrlOmitNothing                     = 0;
1139 const FormatUrlType kFormatUrlOmitUsernamePassword            = 1 << 0;
1140 const FormatUrlType kFormatUrlOmitHTTP                        = 1 << 1;
1141 const FormatUrlType kFormatUrlOmitTrailingSlashOnBareHostname = 1 << 2;
1142 const FormatUrlType kFormatUrlOmitAll = kFormatUrlOmitUsernamePassword |
1143     kFormatUrlOmitHTTP | kFormatUrlOmitTrailingSlashOnBareHostname;
1144 
1145 // TODO(viettrungluu): We don't want non-POD globals; change this.
1146 std::multiset<int> explicitly_allowed_ports;
1147 
FilePathToFileURL(const FilePath & path)1148 GURL FilePathToFileURL(const FilePath& path) {
1149   // Produce a URL like "file:///C:/foo" for a regular file, or
1150   // "file://///server/path" for UNC. The URL canonicalizer will fix up the
1151   // latter case to be the canonical UNC form: "file://server/path"
1152   FilePath::StringType url_string(kFileURLPrefix);
1153   url_string.append(path.value());
1154 
1155   // Now do replacement of some characters. Since we assume the input is a
1156   // literal filename, anything the URL parser might consider special should
1157   // be escaped here.
1158 
1159   // must be the first substitution since others will introduce percents as the
1160   // escape character
1161   ReplaceSubstringsAfterOffset(&url_string, 0,
1162       FILE_PATH_LITERAL("%"), FILE_PATH_LITERAL("%25"));
1163 
1164   // semicolon is supposed to be some kind of separator according to RFC 2396
1165   ReplaceSubstringsAfterOffset(&url_string, 0,
1166       FILE_PATH_LITERAL(";"), FILE_PATH_LITERAL("%3B"));
1167 
1168   ReplaceSubstringsAfterOffset(&url_string, 0,
1169       FILE_PATH_LITERAL("#"), FILE_PATH_LITERAL("%23"));
1170 
1171 #if defined(OS_POSIX)
1172   ReplaceSubstringsAfterOffset(&url_string, 0,
1173       FILE_PATH_LITERAL("\\"), FILE_PATH_LITERAL("%5C"));
1174 #endif
1175 
1176   return GURL(url_string);
1177 }
1178 
GetSpecificHeader(const std::wstring & headers,const std::wstring & name)1179 std::wstring GetSpecificHeader(const std::wstring& headers,
1180                                const std::wstring& name) {
1181   return GetSpecificHeaderT(headers, name);
1182 }
1183 
GetSpecificHeader(const std::string & headers,const std::string & name)1184 std::string GetSpecificHeader(const std::string& headers,
1185                                const std::string& name) {
1186   return GetSpecificHeaderT(headers, name);
1187 }
1188 
DecodeCharset(const std::string & input,std::string * decoded_charset,std::string * value)1189 bool DecodeCharset(const std::string& input,
1190                    std::string* decoded_charset,
1191                    std::string* value) {
1192   StringTokenizer t(input, "'");
1193   t.set_options(StringTokenizer::RETURN_DELIMS);
1194   std::string temp_charset;
1195   std::string temp_value;
1196   int numDelimsSeen = 0;
1197   while (t.GetNext()) {
1198     if (t.token_is_delim()) {
1199       ++numDelimsSeen;
1200       continue;
1201     } else {
1202       switch (numDelimsSeen) {
1203         case 0:
1204           temp_charset = t.token();
1205           break;
1206         case 1:
1207           // Language is ignored.
1208           break;
1209         case 2:
1210           temp_value = t.token();
1211           break;
1212         default:
1213           return false;
1214       }
1215     }
1216   }
1217   if (numDelimsSeen != 2)
1218     return false;
1219   if (temp_charset.empty() || temp_value.empty())
1220     return false;
1221   decoded_charset->swap(temp_charset);
1222   value->swap(temp_value);
1223   return true;
1224 }
1225 
GetFileNameFromCD(const std::string & header,const std::string & referrer_charset)1226 std::string GetFileNameFromCD(const std::string& header,
1227                               const std::string& referrer_charset) {
1228   std::string decoded;
1229   std::string param_value = GetHeaderParamValue(header, "filename*",
1230                                                 QuoteRule::KEEP_OUTER_QUOTES);
1231   if (!param_value.empty()) {
1232     if (param_value.find('"') == std::string::npos) {
1233       std::string charset;
1234       std::string value;
1235       if (DecodeCharset(param_value, &charset, &value)) {
1236         // RFC 5987 value should be ASCII-only.
1237         if (!IsStringASCII(value))
1238           return std::string();
1239         std::string tmp = UnescapeURLComponent(
1240             value,
1241             UnescapeRule::SPACES | UnescapeRule::URL_SPECIAL_CHARS);
1242         if (base::ConvertToUtf8AndNormalize(tmp, charset, &decoded))
1243           return decoded;
1244       }
1245     }
1246   }
1247   param_value = GetHeaderParamValue(header, "filename",
1248                                     QuoteRule::REMOVE_OUTER_QUOTES);
1249   if (param_value.empty()) {
1250     // Some servers use 'name' parameter.
1251     param_value = GetHeaderParamValue(header, "name",
1252                                       QuoteRule::REMOVE_OUTER_QUOTES);
1253   }
1254   if (param_value.empty())
1255     return std::string();
1256   if (DecodeParamValue(param_value, referrer_charset, &decoded))
1257     return decoded;
1258   return std::string();
1259 }
1260 
GetHeaderParamValue(const std::wstring & field,const std::wstring & param_name,QuoteRule::Type quote_rule)1261 std::wstring GetHeaderParamValue(const std::wstring& field,
1262                                  const std::wstring& param_name,
1263                                  QuoteRule::Type quote_rule) {
1264   return GetHeaderParamValueT(field, param_name, quote_rule);
1265 }
1266 
GetHeaderParamValue(const std::string & field,const std::string & param_name,QuoteRule::Type quote_rule)1267 std::string GetHeaderParamValue(const std::string& field,
1268                                 const std::string& param_name,
1269                                 QuoteRule::Type quote_rule) {
1270   return GetHeaderParamValueT(field, param_name, quote_rule);
1271 }
1272 
1273 // TODO(brettw) bug 734373: check the scripts for each host component and
1274 // don't un-IDN-ize if there is more than one. Alternatively, only IDN for
1275 // scripts that the user has installed. For now, just put the entire
1276 // path through IDN. Maybe this feature can be implemented in ICU itself?
1277 //
1278 // We may want to skip this step in the case of file URLs to allow unicode
1279 // UNC hostnames regardless of encodings.
IDNToUnicodeWithOffsets(const char * host,size_t host_len,const std::wstring & languages,std::vector<size_t> * offsets_for_adjustment)1280 std::wstring IDNToUnicodeWithOffsets(
1281     const char* host,
1282     size_t host_len,
1283     const std::wstring& languages,
1284     std::vector<size_t>* offsets_for_adjustment) {
1285   // Convert the ASCII input to a wide string for ICU.
1286   string16 input16;
1287   input16.reserve(host_len);
1288   input16.insert(input16.end(), host, host + host_len);
1289 
1290   // Do each component of the host separately, since we enforce script matching
1291   // on a per-component basis.
1292   AdjustOffset::Adjustments adjustments;
1293   string16 out16;
1294   for (size_t component_start = 0, component_end;
1295        component_start < input16.length();
1296        component_start = component_end + 1) {
1297     // Find the end of the component.
1298     component_end = input16.find('.', component_start);
1299     if (component_end == string16::npos)
1300       component_end = input16.length();  // For getting the last component.
1301     size_t component_length = component_end - component_start;
1302     size_t new_component_start = out16.length();
1303     bool converted_idn = false;
1304     if (component_end > component_start) {
1305       // Add the substring that we just found.
1306       converted_idn = IDNToUnicodeOneComponent(input16.data() + component_start,
1307           component_length, languages, &out16);
1308     }
1309     size_t new_component_length = out16.length() - new_component_start;
1310 
1311     if (converted_idn && offsets_for_adjustment) {
1312       adjustments.push_back(AdjustOffset::Adjustment(
1313           component_start, component_length, new_component_length));
1314     }
1315 
1316     // Need to add the dot we just found (if we found one).
1317     if (component_end < input16.length())
1318       out16.push_back('.');
1319   }
1320 
1321   // Make offset adjustment.
1322   if (offsets_for_adjustment && !adjustments.empty()) {
1323     std::for_each(offsets_for_adjustment->begin(),
1324                   offsets_for_adjustment->end(),
1325                   AdjustOffset(adjustments));
1326   }
1327 
1328   return UTF16ToWideAndAdjustOffsets(out16, offsets_for_adjustment);
1329 }
1330 
IDNToUnicode(const char * host,size_t host_len,const std::wstring & languages,size_t * offset_for_adjustment)1331 std::wstring IDNToUnicode(const char* host,
1332                           size_t host_len,
1333                           const std::wstring& languages,
1334                           size_t* offset_for_adjustment) {
1335   std::vector<size_t> offsets;
1336   if (offset_for_adjustment)
1337     offsets.push_back(*offset_for_adjustment);
1338   std::wstring result =
1339       IDNToUnicodeWithOffsets(host, host_len, languages, &offsets);
1340   if (offset_for_adjustment)
1341     *offset_for_adjustment = offsets[0];
1342   return result;
1343 }
1344 
CanonicalizeHost(const std::string & host,url_canon::CanonHostInfo * host_info)1345 std::string CanonicalizeHost(const std::string& host,
1346                              url_canon::CanonHostInfo* host_info) {
1347   // Try to canonicalize the host.
1348   const url_parse::Component raw_host_component(
1349       0, static_cast<int>(host.length()));
1350   std::string canon_host;
1351   url_canon::StdStringCanonOutput canon_host_output(&canon_host);
1352   url_canon::CanonicalizeHostVerbose(host.c_str(), raw_host_component,
1353                                      &canon_host_output, host_info);
1354 
1355   if (host_info->out_host.is_nonempty() &&
1356       host_info->family != url_canon::CanonHostInfo::BROKEN) {
1357     // Success!  Assert that there's no extra garbage.
1358     canon_host_output.Complete();
1359     DCHECK_EQ(host_info->out_host.len, static_cast<int>(canon_host.length()));
1360   } else {
1361     // Empty host, or canonicalization failed.  We'll return empty.
1362     canon_host.clear();
1363   }
1364 
1365   return canon_host;
1366 }
1367 
CanonicalizeHost(const std::wstring & host,url_canon::CanonHostInfo * host_info)1368 std::string CanonicalizeHost(const std::wstring& host,
1369                              url_canon::CanonHostInfo* host_info) {
1370   std::string converted_host;
1371   WideToUTF8(host.c_str(), host.length(), &converted_host);
1372   return CanonicalizeHost(converted_host, host_info);
1373 }
1374 
GetDirectoryListingHeader(const string16 & title)1375 std::string GetDirectoryListingHeader(const string16& title) {
1376   static const base::StringPiece header(
1377       NetModule::GetResource(IDR_DIR_HEADER_HTML));
1378   // This can be null in unit tests.
1379   DLOG_IF(WARNING, header.empty()) <<
1380       "Missing resource: directory listing header";
1381 
1382   std::string result;
1383   if (!header.empty())
1384     result.assign(header.data(), header.size());
1385 
1386   result.append("<script>start(");
1387   base::JsonDoubleQuote(title, true, &result);
1388   result.append(");</script>\n");
1389 
1390   return result;
1391 }
1392 
IsHostCharAlpha(char c)1393 inline bool IsHostCharAlpha(char c) {
1394   // We can just check lowercase because uppercase characters have already been
1395   // normalized.
1396   return (c >= 'a') && (c <= 'z');
1397 }
1398 
IsHostCharDigit(char c)1399 inline bool IsHostCharDigit(char c) {
1400   return (c >= '0') && (c <= '9');
1401 }
1402 
IsCanonicalizedHostCompliant(const std::string & host,const std::string & desired_tld)1403 bool IsCanonicalizedHostCompliant(const std::string& host,
1404                                   const std::string& desired_tld) {
1405   if (host.empty())
1406     return false;
1407 
1408   bool in_component = false;
1409   bool most_recent_component_started_alpha = false;
1410   bool last_char_was_hyphen_or_underscore = false;
1411 
1412   for (std::string::const_iterator i(host.begin()); i != host.end(); ++i) {
1413     const char c = *i;
1414     if (!in_component) {
1415       most_recent_component_started_alpha = IsHostCharAlpha(c);
1416       if (!most_recent_component_started_alpha && !IsHostCharDigit(c))
1417         return false;
1418       in_component = true;
1419     } else {
1420       if (c == '.') {
1421         if (last_char_was_hyphen_or_underscore)
1422           return false;
1423         in_component = false;
1424       } else if (IsHostCharAlpha(c) || IsHostCharDigit(c)) {
1425         last_char_was_hyphen_or_underscore = false;
1426       } else if ((c == '-') || (c == '_')) {
1427         last_char_was_hyphen_or_underscore = true;
1428       } else {
1429         return false;
1430       }
1431     }
1432   }
1433 
1434   return most_recent_component_started_alpha ||
1435       (!desired_tld.empty() && IsHostCharAlpha(desired_tld[0]));
1436 }
1437 
GetDirectoryListingEntry(const string16 & name,const std::string & raw_bytes,bool is_dir,int64 size,Time modified)1438 std::string GetDirectoryListingEntry(const string16& name,
1439                                      const std::string& raw_bytes,
1440                                      bool is_dir,
1441                                      int64 size,
1442                                      Time modified) {
1443   std::string result;
1444   result.append("<script>addRow(");
1445   base::JsonDoubleQuote(name, true, &result);
1446   result.append(",");
1447   if (raw_bytes.empty()) {
1448     base::JsonDoubleQuote(EscapePath(UTF16ToUTF8(name)),
1449                                    true, &result);
1450   } else {
1451     base::JsonDoubleQuote(EscapePath(raw_bytes), true, &result);
1452   }
1453   if (is_dir) {
1454     result.append(",1,");
1455   } else {
1456     result.append(",0,");
1457   }
1458 
1459   base::JsonDoubleQuote(
1460       FormatBytes(size, GetByteDisplayUnits(size), true),
1461       true,
1462       &result);
1463 
1464   result.append(",");
1465 
1466   string16 modified_str;
1467   // |modified| can be NULL in FTP listings.
1468   if (!modified.is_null()) {
1469     modified_str = base::TimeFormatShortDateAndTime(modified);
1470   }
1471   base::JsonDoubleQuote(modified_str, true, &result);
1472 
1473   result.append(");</script>\n");
1474 
1475   return result;
1476 }
1477 
StripWWW(const string16 & text)1478 string16 StripWWW(const string16& text) {
1479   const string16 www(ASCIIToUTF16("www."));
1480   return StartsWith(text, www, true) ? text.substr(www.length()) : text;
1481 }
1482 
GetSuggestedFilename(const GURL & url,const std::string & content_disposition,const std::string & referrer_charset,const string16 & default_name)1483 string16 GetSuggestedFilename(const GURL& url,
1484                               const std::string& content_disposition,
1485                               const std::string& referrer_charset,
1486                               const string16& default_name) {
1487   // TODO: this function to be updated to match the httpbis recommendations.
1488   // Talk to abarth for the latest news.
1489 
1490   // We don't translate this fallback string, "download". If localization is
1491   // needed, the caller should provide localized fallback default_name.
1492   static const char* kFinalFallbackName = "download";
1493 
1494   // about: and data: URLs don't have file names, but esp. data: URLs may
1495   // contain parts that look like ones (i.e., contain a slash).
1496   // Therefore we don't attempt to divine a file name out of them.
1497   if (url.SchemeIs("about") || url.SchemeIs("data")) {
1498     return default_name.empty() ? ASCIIToUTF16(kFinalFallbackName)
1499                                 : default_name;
1500   }
1501 
1502   std::string filename = GetFileNameFromCD(content_disposition,
1503                                            referrer_charset);
1504 
1505   if (!filename.empty()) {
1506     // Replace any path information the server may have sent, by changing
1507     // path separators with underscores.
1508     ReplaceSubstringsAfterOffset(&filename, 0, "/", "_");
1509     ReplaceSubstringsAfterOffset(&filename, 0, "\\", "_");
1510 
1511     // Next, remove "." from the beginning and end of the file name to avoid
1512     // tricks with hidden files, "..", and "."
1513     TrimString(filename, ".", &filename);
1514   }
1515   if (filename.empty()) {
1516     if (url.is_valid()) {
1517       const std::string unescaped_url_filename = UnescapeURLComponent(
1518           url.ExtractFileName(),
1519           UnescapeRule::SPACES | UnescapeRule::URL_SPECIAL_CHARS);
1520 
1521       // The URL's path should be escaped UTF-8, but may not be.
1522       std::string decoded_filename = unescaped_url_filename;
1523       if (!IsStringASCII(decoded_filename)) {
1524         bool ignore;
1525         // TODO(jshin): this is probably not robust enough. To be sure, we
1526         // need encoding detection.
1527         DecodeWord(unescaped_url_filename, referrer_charset, &ignore,
1528                    &decoded_filename);
1529       }
1530 
1531       filename = decoded_filename;
1532     }
1533   }
1534 
1535 #if defined(OS_WIN)
1536   { // Handle CreateFile() stripping trailing dots and spaces on filenames
1537     // http://support.microsoft.com/kb/115827
1538     std::string::size_type pos = filename.find_last_not_of(" .");
1539     if (pos == std::string::npos)
1540       filename.resize(0);
1541     else
1542       filename.resize(++pos);
1543   }
1544 #endif
1545   // Trim '.' once more.
1546   TrimString(filename, ".", &filename);
1547 
1548   // If there's no filename or it gets trimed to be empty, use
1549   // the URL hostname or default_name
1550   if (filename.empty()) {
1551     if (!default_name.empty()) {
1552       return default_name;
1553     } else if (url.is_valid()) {
1554       // Some schemes (e.g. file) do not have a hostname. Even though it's
1555       // not likely to reach here, let's hardcode the last fallback name.
1556       // TODO(jungshik) : Decode a 'punycoded' IDN hostname. (bug 1264451)
1557       filename = url.host().empty() ? kFinalFallbackName : url.host();
1558     } else {
1559       NOTREACHED();
1560     }
1561   }
1562 
1563 #if defined(OS_WIN)
1564   string16 path = UTF8ToUTF16(filename);
1565   file_util::ReplaceIllegalCharactersInPath(&path, '-');
1566   return path;
1567 #else
1568   std::string path = filename;
1569   file_util::ReplaceIllegalCharactersInPath(&path, '-');
1570   return UTF8ToUTF16(path);
1571 #endif
1572 }
1573 
IsPortAllowedByDefault(int port)1574 bool IsPortAllowedByDefault(int port) {
1575   int array_size = arraysize(kRestrictedPorts);
1576   for (int i = 0; i < array_size; i++) {
1577     if (kRestrictedPorts[i] == port) {
1578       return false;
1579     }
1580   }
1581   return true;
1582 }
1583 
IsPortAllowedByFtp(int port)1584 bool IsPortAllowedByFtp(int port) {
1585   int array_size = arraysize(kAllowedFtpPorts);
1586   for (int i = 0; i < array_size; i++) {
1587     if (kAllowedFtpPorts[i] == port) {
1588         return true;
1589     }
1590   }
1591   // Port not explicitly allowed by FTP, so return the default restrictions.
1592   return IsPortAllowedByDefault(port);
1593 }
1594 
IsPortAllowedByOverride(int port)1595 bool IsPortAllowedByOverride(int port) {
1596   if (explicitly_allowed_ports.empty())
1597     return false;
1598 
1599   return explicitly_allowed_ports.count(port) > 0;
1600 }
1601 
SetNonBlocking(int fd)1602 int SetNonBlocking(int fd) {
1603 #if defined(OS_WIN)
1604   unsigned long no_block = 1;
1605   return ioctlsocket(fd, FIONBIO, &no_block);
1606 #elif defined(OS_POSIX)
1607   int flags = fcntl(fd, F_GETFL, 0);
1608   if (-1 == flags)
1609     return flags;
1610   return fcntl(fd, F_SETFL, flags | O_NONBLOCK);
1611 #endif
1612 }
1613 
ParseHostAndPort(std::string::const_iterator host_and_port_begin,std::string::const_iterator host_and_port_end,std::string * host,int * port)1614 bool ParseHostAndPort(std::string::const_iterator host_and_port_begin,
1615                       std::string::const_iterator host_and_port_end,
1616                       std::string* host,
1617                       int* port) {
1618   if (host_and_port_begin >= host_and_port_end)
1619     return false;
1620 
1621   // When using url_parse, we use char*.
1622   const char* auth_begin = &(*host_and_port_begin);
1623   int auth_len = host_and_port_end - host_and_port_begin;
1624 
1625   url_parse::Component auth_component(0, auth_len);
1626   url_parse::Component username_component;
1627   url_parse::Component password_component;
1628   url_parse::Component hostname_component;
1629   url_parse::Component port_component;
1630 
1631   url_parse::ParseAuthority(auth_begin, auth_component, &username_component,
1632       &password_component, &hostname_component, &port_component);
1633 
1634   // There shouldn't be a username/password.
1635   if (username_component.is_valid() || password_component.is_valid())
1636     return false;
1637 
1638   if (!hostname_component.is_nonempty())
1639     return false;  // Failed parsing.
1640 
1641   int parsed_port_number = -1;
1642   if (port_component.is_nonempty()) {
1643     parsed_port_number = url_parse::ParsePort(auth_begin, port_component);
1644 
1645     // If parsing failed, port_number will be either PORT_INVALID or
1646     // PORT_UNSPECIFIED, both of which are negative.
1647     if (parsed_port_number < 0)
1648       return false;  // Failed parsing the port number.
1649   }
1650 
1651   if (port_component.len == 0)
1652     return false;  // Reject inputs like "foo:"
1653 
1654   // Pass results back to caller.
1655   host->assign(auth_begin + hostname_component.begin, hostname_component.len);
1656   *port = parsed_port_number;
1657 
1658   return true;  // Success.
1659 }
1660 
ParseHostAndPort(const std::string & host_and_port,std::string * host,int * port)1661 bool ParseHostAndPort(const std::string& host_and_port,
1662                       std::string* host,
1663                       int* port) {
1664   return ParseHostAndPort(
1665       host_and_port.begin(), host_and_port.end(), host, port);
1666 }
1667 
GetHostAndPort(const GURL & url)1668 std::string GetHostAndPort(const GURL& url) {
1669   // For IPv6 literals, GURL::host() already includes the brackets so it is
1670   // safe to just append a colon.
1671   return base::StringPrintf("%s:%d", url.host().c_str(),
1672                             url.EffectiveIntPort());
1673 }
1674 
GetHostAndOptionalPort(const GURL & url)1675 std::string GetHostAndOptionalPort(const GURL& url) {
1676   // For IPv6 literals, GURL::host() already includes the brackets
1677   // so it is safe to just append a colon.
1678   if (url.has_port())
1679     return base::StringPrintf("%s:%s", url.host().c_str(), url.port().c_str());
1680   return url.host();
1681 }
1682 
NetAddressToString(const struct addrinfo * net_address)1683 std::string NetAddressToString(const struct addrinfo* net_address) {
1684   return NetAddressToString(net_address->ai_addr, net_address->ai_addrlen);
1685 }
1686 
NetAddressToString(const struct sockaddr * net_address,socklen_t address_len)1687 std::string NetAddressToString(const struct sockaddr* net_address,
1688                                socklen_t address_len) {
1689 #if defined(OS_WIN)
1690   EnsureWinsockInit();
1691 #endif
1692 
1693   // This buffer is large enough to fit the biggest IPv6 string.
1694   char buffer[INET6_ADDRSTRLEN];
1695 
1696   int result = getnameinfo(net_address, address_len, buffer, sizeof(buffer),
1697                            NULL, 0, NI_NUMERICHOST);
1698 
1699   if (result != 0) {
1700     DVLOG(1) << "getnameinfo() failed with " << result << ": "
1701              << gai_strerror(result);
1702     buffer[0] = '\0';
1703   }
1704   return std::string(buffer);
1705 }
1706 
NetAddressToStringWithPort(const struct addrinfo * net_address)1707 std::string NetAddressToStringWithPort(const struct addrinfo* net_address) {
1708   return NetAddressToStringWithPort(
1709       net_address->ai_addr, net_address->ai_addrlen);
1710 }
NetAddressToStringWithPort(const struct sockaddr * net_address,socklen_t address_len)1711 std::string NetAddressToStringWithPort(const struct sockaddr* net_address,
1712                                        socklen_t address_len) {
1713   std::string ip_address_string = NetAddressToString(net_address, address_len);
1714   if (ip_address_string.empty())
1715     return std::string();  // Failed.
1716 
1717   int port = GetPortFromSockaddr(net_address, address_len);
1718 
1719   if (ip_address_string.find(':') != std::string::npos) {
1720     // Surround with square brackets to avoid ambiguity.
1721     return base::StringPrintf("[%s]:%d", ip_address_string.c_str(), port);
1722   }
1723 
1724   return base::StringPrintf("%s:%d", ip_address_string.c_str(), port);
1725 }
1726 
GetHostName()1727 std::string GetHostName() {
1728 #if defined(OS_WIN)
1729   EnsureWinsockInit();
1730 #endif
1731 
1732   // Host names are limited to 255 bytes.
1733   char buffer[256];
1734   int result = gethostname(buffer, sizeof(buffer));
1735   if (result != 0) {
1736     DVLOG(1) << "gethostname() failed with " << result;
1737     buffer[0] = '\0';
1738   }
1739   return std::string(buffer);
1740 }
1741 
GetIdentityFromURL(const GURL & url,string16 * username,string16 * password)1742 void GetIdentityFromURL(const GURL& url,
1743                         string16* username,
1744                         string16* password) {
1745   UnescapeRule::Type flags =
1746       UnescapeRule::SPACES | UnescapeRule::URL_SPECIAL_CHARS;
1747   *username = UnescapeAndDecodeUTF8URLComponent(url.username(), flags, NULL);
1748   *password = UnescapeAndDecodeUTF8URLComponent(url.password(), flags, NULL);
1749 }
1750 
GetHostOrSpecFromURL(const GURL & url)1751 std::string GetHostOrSpecFromURL(const GURL& url) {
1752   return url.has_host() ? TrimEndingDot(url.host()) : url.spec();
1753 }
1754 
AppendFormattedHostWithOffsets(const GURL & url,const std::wstring & languages,std::wstring * output,url_parse::Parsed * new_parsed,std::vector<size_t> * offsets_for_adjustment)1755 void AppendFormattedHostWithOffsets(
1756     const GURL& url,
1757     const std::wstring& languages,
1758     std::wstring* output,
1759     url_parse::Parsed* new_parsed,
1760     std::vector<size_t>* offsets_for_adjustment) {
1761   DCHECK(output);
1762   const url_parse::Component& host =
1763       url.parsed_for_possibly_invalid_spec().host;
1764 
1765   if (host.is_nonempty()) {
1766     // Handle possible IDN in the host name.
1767     size_t host_begin = output->length();
1768     if (new_parsed)
1769       new_parsed->host.begin = static_cast<int>(host_begin);
1770     size_t old_host_len = static_cast<size_t>(host.len);
1771 
1772     // Compose a list of offsets within the host area.
1773     std::vector<size_t> offsets_into_host =
1774         OffsetsIntoSection(offsets_for_adjustment, host_begin);
1775 
1776     const std::string& spec = url.possibly_invalid_spec();
1777     DCHECK(host.begin >= 0 &&
1778            ((spec.length() == 0 && host.begin == 0) ||
1779             host.begin < static_cast<int>(spec.length())));
1780     output->append(IDNToUnicodeWithOffsets(&spec[host.begin], old_host_len,
1781                                             languages, &offsets_into_host));
1782 
1783     size_t new_host_len = output->length() - host_begin;
1784     if (new_parsed)
1785       new_parsed->host.len = static_cast<int>(new_host_len);
1786 
1787     // Apply offset adjustments.
1788     ApplySectionAdjustments(offsets_into_host, offsets_for_adjustment,
1789         old_host_len, new_host_len, host_begin);
1790   } else if (new_parsed) {
1791     new_parsed->host.reset();
1792   }
1793 }
1794 
AppendFormattedHost(const GURL & url,const std::wstring & languages,std::wstring * output,url_parse::Parsed * new_parsed,size_t * offset_for_adjustment)1795 void AppendFormattedHost(const GURL& url,
1796                          const std::wstring& languages,
1797                          std::wstring* output,
1798                          url_parse::Parsed* new_parsed,
1799                          size_t* offset_for_adjustment) {
1800   std::vector<size_t> offsets;
1801   if (offset_for_adjustment)
1802     offsets.push_back(*offset_for_adjustment);
1803   AppendFormattedHostWithOffsets(url, languages, output, new_parsed, &offsets);
1804   if (offset_for_adjustment)
1805     *offset_for_adjustment = offsets[0];
1806 }
1807 
1808 // TODO(viettrungluu): convert the wstring |FormatUrlInternal()|.
FormatUrlWithOffsets(const GURL & url,const std::string & languages,FormatUrlTypes format_types,UnescapeRule::Type unescape_rules,url_parse::Parsed * new_parsed,size_t * prefix_end,std::vector<size_t> * offsets_for_adjustment)1809 string16 FormatUrlWithOffsets(const GURL& url,
1810                               const std::string& languages,
1811                               FormatUrlTypes format_types,
1812                               UnescapeRule::Type unescape_rules,
1813                               url_parse::Parsed* new_parsed,
1814                               size_t* prefix_end,
1815                               std::vector<size_t>* offsets_for_adjustment) {
1816   return WideToUTF16Hack(
1817       FormatUrlInternal(url, ASCIIToWide(languages), format_types,
1818                         unescape_rules, new_parsed, prefix_end,
1819                         offsets_for_adjustment));
1820 }
1821 
FormatUrl(const GURL & url,const std::string & languages,FormatUrlTypes format_types,UnescapeRule::Type unescape_rules,url_parse::Parsed * new_parsed,size_t * prefix_end,size_t * offset_for_adjustment)1822 string16 FormatUrl(const GURL& url,
1823                    const std::string& languages,
1824                    FormatUrlTypes format_types,
1825                    UnescapeRule::Type unescape_rules,
1826                    url_parse::Parsed* new_parsed,
1827                    size_t* prefix_end,
1828                    size_t* offset_for_adjustment) {
1829   std::vector<size_t> offsets;
1830   if (offset_for_adjustment)
1831     offsets.push_back(*offset_for_adjustment);
1832   string16 result = WideToUTF16Hack(
1833       FormatUrlInternal(url, ASCIIToWide(languages), format_types,
1834                         unescape_rules, new_parsed, prefix_end, &offsets));
1835   if (offset_for_adjustment)
1836     *offset_for_adjustment = offsets[0];
1837   return result;
1838 }
1839 
CanStripTrailingSlash(const GURL & url)1840 bool CanStripTrailingSlash(const GURL& url) {
1841   // Omit the path only for standard, non-file URLs with nothing but "/" after
1842   // the hostname.
1843   return url.IsStandard() && !url.SchemeIsFile() && !url.has_query() &&
1844       !url.has_ref() && url.path() == "/";
1845 }
1846 
SimplifyUrlForRequest(const GURL & url)1847 GURL SimplifyUrlForRequest(const GURL& url) {
1848   DCHECK(url.is_valid());
1849   GURL::Replacements replacements;
1850   replacements.ClearUsername();
1851   replacements.ClearPassword();
1852   replacements.ClearRef();
1853   return url.ReplaceComponents(replacements);
1854 }
1855 
1856 // Specifies a comma separated list of port numbers that should be accepted
1857 // despite bans. If the string is invalid no allowed ports are stored.
SetExplicitlyAllowedPorts(const std::string & allowed_ports)1858 void SetExplicitlyAllowedPorts(const std::string& allowed_ports) {
1859   if (allowed_ports.empty())
1860     return;
1861 
1862   std::multiset<int> ports;
1863   size_t last = 0;
1864   size_t size = allowed_ports.size();
1865   // The comma delimiter.
1866   const std::string::value_type kComma = ',';
1867 
1868   // Overflow is still possible for evil user inputs.
1869   for (size_t i = 0; i <= size; ++i) {
1870     // The string should be composed of only digits and commas.
1871     if (i != size && !IsAsciiDigit(allowed_ports[i]) &&
1872         (allowed_ports[i] != kComma))
1873       return;
1874     if (i == size || allowed_ports[i] == kComma) {
1875       if (i > last) {
1876         int port;
1877         base::StringToInt(allowed_ports.begin() + last,
1878                           allowed_ports.begin() + i,
1879                           &port);
1880         ports.insert(port);
1881       }
1882       last = i + 1;
1883     }
1884   }
1885   explicitly_allowed_ports = ports;
1886 }
1887 
ScopedPortException(int port)1888 ScopedPortException::ScopedPortException(int port) : port_(port) {
1889   explicitly_allowed_ports.insert(port);
1890 }
1891 
~ScopedPortException()1892 ScopedPortException::~ScopedPortException() {
1893   std::multiset<int>::iterator it = explicitly_allowed_ports.find(port_);
1894   if (it != explicitly_allowed_ports.end())
1895     explicitly_allowed_ports.erase(it);
1896   else
1897     NOTREACHED();
1898 }
1899 
1900 enum IPv6SupportStatus {
1901   IPV6_CANNOT_CREATE_SOCKETS,
1902   IPV6_CAN_CREATE_SOCKETS,
1903   IPV6_GETIFADDRS_FAILED,
1904   IPV6_GLOBAL_ADDRESS_MISSING,
1905   IPV6_GLOBAL_ADDRESS_PRESENT,
1906   IPV6_INTERFACE_ARRAY_TOO_SHORT,
1907   IPV6_SUPPORT_MAX  // Bounding values for enumeration.
1908 };
1909 
IPv6SupportResults(IPv6SupportStatus result)1910 static void IPv6SupportResults(IPv6SupportStatus result) {
1911   static bool run_once = false;
1912   if (!run_once) {
1913     run_once = true;
1914     UMA_HISTOGRAM_ENUMERATION("Net.IPv6Status", result, IPV6_SUPPORT_MAX);
1915   } else {
1916     UMA_HISTOGRAM_ENUMERATION("Net.IPv6Status_retest", result,
1917                               IPV6_SUPPORT_MAX);
1918   }
1919 }
1920 
1921 // TODO(jar): The following is a simple estimate of IPv6 support.  We may need
1922 // to do a test resolution, and a test connection, to REALLY verify support.
1923 // static
IPv6Supported()1924 bool IPv6Supported() {
1925 #ifdef ANDROID
1926   // Android does not have the ifaddrs.h header
1927   return false;
1928 #elif defined(OS_POSIX)
1929   int test_socket = socket(AF_INET6, SOCK_STREAM, 0);
1930   if (test_socket == -1) {
1931     IPv6SupportResults(IPV6_CANNOT_CREATE_SOCKETS);
1932     return false;
1933   }
1934   close(test_socket);
1935 
1936   // Check to see if any interface has a IPv6 address.
1937   struct ifaddrs* interface_addr = NULL;
1938   int rv = getifaddrs(&interface_addr);
1939   if (rv != 0) {
1940      IPv6SupportResults(IPV6_GETIFADDRS_FAILED);
1941      return true;  // Don't yet block IPv6.
1942   }
1943 
1944   bool found_ipv6 = false;
1945   for (struct ifaddrs* interface = interface_addr;
1946        interface != NULL;
1947        interface = interface->ifa_next) {
1948     if (!(IFF_UP & interface->ifa_flags))
1949       continue;
1950     if (IFF_LOOPBACK & interface->ifa_flags)
1951       continue;
1952     struct sockaddr* addr = interface->ifa_addr;
1953     if (!addr)
1954       continue;
1955     if (addr->sa_family != AF_INET6)
1956       continue;
1957     // Safe cast since this is AF_INET6.
1958     struct sockaddr_in6* addr_in6 =
1959         reinterpret_cast<struct sockaddr_in6*>(addr);
1960     struct in6_addr* sin6_addr = &addr_in6->sin6_addr;
1961     if (IN6_IS_ADDR_LOOPBACK(sin6_addr) || IN6_IS_ADDR_LINKLOCAL(sin6_addr))
1962       continue;
1963     found_ipv6 = true;
1964     break;
1965   }
1966   freeifaddrs(interface_addr);
1967   if (!found_ipv6) {
1968     IPv6SupportResults(IPV6_GLOBAL_ADDRESS_MISSING);
1969     return false;
1970   }
1971 
1972   IPv6SupportResults(IPV6_GLOBAL_ADDRESS_PRESENT);
1973   return true;
1974 #elif defined(OS_WIN)
1975   EnsureWinsockInit();
1976   SOCKET test_socket = socket(AF_INET6, SOCK_STREAM, 0);
1977   if (test_socket == INVALID_SOCKET) {
1978     IPv6SupportResults(IPV6_CANNOT_CREATE_SOCKETS);
1979     return false;
1980   }
1981   closesocket(test_socket);
1982 
1983   // Check to see if any interface has a IPv6 address.
1984   // The GetAdaptersAddresses MSDN page recommends using a size of 15000 to
1985   // avoid reallocation.
1986   ULONG adapters_size = 15000;
1987   scoped_ptr_malloc<IP_ADAPTER_ADDRESSES> adapters;
1988   ULONG error;
1989   int num_tries = 0;
1990   do {
1991     adapters.reset(
1992         reinterpret_cast<PIP_ADAPTER_ADDRESSES>(malloc(adapters_size)));
1993     // Return only unicast addresses.
1994     error = GetAdaptersAddresses(AF_UNSPEC,
1995                                  GAA_FLAG_SKIP_ANYCAST |
1996                                  GAA_FLAG_SKIP_MULTICAST |
1997                                  GAA_FLAG_SKIP_DNS_SERVER |
1998                                  GAA_FLAG_SKIP_FRIENDLY_NAME,
1999                                  NULL, adapters.get(), &adapters_size);
2000     num_tries++;
2001   } while (error == ERROR_BUFFER_OVERFLOW && num_tries <= 3);
2002   if (error == ERROR_NO_DATA) {
2003     IPv6SupportResults(IPV6_GLOBAL_ADDRESS_MISSING);
2004     return false;
2005   }
2006   if (error != ERROR_SUCCESS) {
2007     IPv6SupportResults(IPV6_GETIFADDRS_FAILED);
2008     return true;  // Don't yet block IPv6.
2009   }
2010 
2011   PIP_ADAPTER_ADDRESSES adapter;
2012   for (adapter = adapters.get(); adapter; adapter = adapter->Next) {
2013     if (adapter->OperStatus != IfOperStatusUp)
2014       continue;
2015     if (adapter->IfType == IF_TYPE_SOFTWARE_LOOPBACK)
2016       continue;
2017     PIP_ADAPTER_UNICAST_ADDRESS unicast_address;
2018     for (unicast_address = adapter->FirstUnicastAddress;
2019          unicast_address;
2020          unicast_address = unicast_address->Next) {
2021       if (unicast_address->Address.lpSockaddr->sa_family != AF_INET6)
2022         continue;
2023       // Safe cast since this is AF_INET6.
2024       struct sockaddr_in6* addr_in6 = reinterpret_cast<struct sockaddr_in6*>(
2025           unicast_address->Address.lpSockaddr);
2026       struct in6_addr* sin6_addr = &addr_in6->sin6_addr;
2027       if (IN6_IS_ADDR_LOOPBACK(sin6_addr) || IN6_IS_ADDR_LINKLOCAL(sin6_addr))
2028         continue;
2029       IPv6SupportResults(IPV6_GLOBAL_ADDRESS_PRESENT);
2030       return true;
2031     }
2032   }
2033 
2034   IPv6SupportResults(IPV6_GLOBAL_ADDRESS_MISSING);
2035   return false;
2036 #else
2037   NOTIMPLEMENTED();
2038   return true;
2039 #endif  // defined(various platforms)
2040 }
2041 
HaveOnlyLoopbackAddresses()2042 bool HaveOnlyLoopbackAddresses() {
2043 #if defined(ANDROID)
2044   // Android has no <ifaddrs.h>
2045   return false;
2046 #elif defined(OS_POSIX)
2047   struct ifaddrs* interface_addr = NULL;
2048   int rv = getifaddrs(&interface_addr);
2049   if (rv != 0) {
2050     DVLOG(1) << "getifaddrs() failed with errno = " << errno;
2051     return false;
2052   }
2053 
2054   bool result = true;
2055   for (struct ifaddrs* interface = interface_addr;
2056        interface != NULL;
2057        interface = interface->ifa_next) {
2058     if (!(IFF_UP & interface->ifa_flags))
2059       continue;
2060     if (IFF_LOOPBACK & interface->ifa_flags)
2061       continue;
2062     const struct sockaddr* addr = interface->ifa_addr;
2063     if (!addr)
2064       continue;
2065     if (addr->sa_family == AF_INET6) {
2066       // Safe cast since this is AF_INET6.
2067       const struct sockaddr_in6* addr_in6 =
2068           reinterpret_cast<const struct sockaddr_in6*>(addr);
2069       const struct in6_addr* sin6_addr = &addr_in6->sin6_addr;
2070       if (IN6_IS_ADDR_LOOPBACK(sin6_addr) || IN6_IS_ADDR_LINKLOCAL(sin6_addr))
2071         continue;
2072     }
2073     if (addr->sa_family != AF_INET6 && addr->sa_family != AF_INET)
2074       continue;
2075 
2076     result = false;
2077     break;
2078   }
2079   freeifaddrs(interface_addr);
2080   return result;
2081 #elif defined(OS_WIN)
2082   // TODO(wtc): implement with the GetAdaptersAddresses function.
2083   NOTIMPLEMENTED();
2084   return false;
2085 #else
2086   NOTIMPLEMENTED();
2087   return false;
2088 #endif  // defined(various platforms)
2089 }
2090 
ParseIPLiteralToNumber(const std::string & ip_literal,IPAddressNumber * ip_number)2091 bool ParseIPLiteralToNumber(const std::string& ip_literal,
2092                             IPAddressNumber* ip_number) {
2093   // |ip_literal| could be either a IPv4 or an IPv6 literal. If it contains
2094   // a colon however, it must be an IPv6 address.
2095   if (ip_literal.find(':') != std::string::npos) {
2096     // GURL expects IPv6 hostnames to be surrounded with brackets.
2097     std::string host_brackets = "[" + ip_literal + "]";
2098     url_parse::Component host_comp(0, host_brackets.size());
2099 
2100     // Try parsing the hostname as an IPv6 literal.
2101     ip_number->resize(16);  // 128 bits.
2102     return url_canon::IPv6AddressToNumber(host_brackets.data(),
2103                                           host_comp,
2104                                           &(*ip_number)[0]);
2105   }
2106 
2107   // Otherwise the string is an IPv4 address.
2108   ip_number->resize(4);  // 32 bits.
2109   url_parse::Component host_comp(0, ip_literal.size());
2110   int num_components;
2111   url_canon::CanonHostInfo::Family family = url_canon::IPv4AddressToNumber(
2112       ip_literal.data(), host_comp, &(*ip_number)[0], &num_components);
2113   return family == url_canon::CanonHostInfo::IPV4;
2114 }
2115 
ConvertIPv4NumberToIPv6Number(const IPAddressNumber & ipv4_number)2116 IPAddressNumber ConvertIPv4NumberToIPv6Number(
2117     const IPAddressNumber& ipv4_number) {
2118   DCHECK(ipv4_number.size() == 4);
2119 
2120   // IPv4-mapped addresses are formed by:
2121   // <80 bits of zeros>  + <16 bits of ones> + <32-bit IPv4 address>.
2122   IPAddressNumber ipv6_number;
2123   ipv6_number.reserve(16);
2124   ipv6_number.insert(ipv6_number.end(), 10, 0);
2125   ipv6_number.push_back(0xFF);
2126   ipv6_number.push_back(0xFF);
2127   ipv6_number.insert(ipv6_number.end(), ipv4_number.begin(), ipv4_number.end());
2128   return ipv6_number;
2129 }
2130 
ParseCIDRBlock(const std::string & cidr_literal,IPAddressNumber * ip_number,size_t * prefix_length_in_bits)2131 bool ParseCIDRBlock(const std::string& cidr_literal,
2132                     IPAddressNumber* ip_number,
2133                     size_t* prefix_length_in_bits) {
2134   // We expect CIDR notation to match one of these two templates:
2135   //   <IPv4-literal> "/" <number of bits>
2136   //   <IPv6-literal> "/" <number of bits>
2137 
2138   std::vector<std::string> parts;
2139   base::SplitString(cidr_literal, '/', &parts);
2140   if (parts.size() != 2)
2141     return false;
2142 
2143   // Parse the IP address.
2144   if (!ParseIPLiteralToNumber(parts[0], ip_number))
2145     return false;
2146 
2147   // Parse the prefix length.
2148   int number_of_bits = -1;
2149   if (!base::StringToInt(parts[1], &number_of_bits))
2150     return false;
2151 
2152   // Make sure the prefix length is in a valid range.
2153   if (number_of_bits < 0 ||
2154       number_of_bits > static_cast<int>(ip_number->size() * 8))
2155     return false;
2156 
2157   *prefix_length_in_bits = static_cast<size_t>(number_of_bits);
2158   return true;
2159 }
2160 
IPNumberMatchesPrefix(const IPAddressNumber & ip_number,const IPAddressNumber & ip_prefix,size_t prefix_length_in_bits)2161 bool IPNumberMatchesPrefix(const IPAddressNumber& ip_number,
2162                            const IPAddressNumber& ip_prefix,
2163                            size_t prefix_length_in_bits) {
2164   // Both the input IP address and the prefix IP address should be
2165   // either IPv4 or IPv6.
2166   DCHECK(ip_number.size() == 4 || ip_number.size() == 16);
2167   DCHECK(ip_prefix.size() == 4 || ip_prefix.size() == 16);
2168 
2169   DCHECK_LE(prefix_length_in_bits, ip_prefix.size() * 8);
2170 
2171   // In case we have an IPv6 / IPv4 mismatch, convert the IPv4 addresses to
2172   // IPv6 addresses in order to do the comparison.
2173   if (ip_number.size() != ip_prefix.size()) {
2174     if (ip_number.size() == 4) {
2175       return IPNumberMatchesPrefix(ConvertIPv4NumberToIPv6Number(ip_number),
2176                                    ip_prefix, prefix_length_in_bits);
2177     }
2178     return IPNumberMatchesPrefix(ip_number,
2179                                  ConvertIPv4NumberToIPv6Number(ip_prefix),
2180                                  96 + prefix_length_in_bits);
2181   }
2182 
2183   // Otherwise we are comparing two IPv4 addresses, or two IPv6 addresses.
2184   // Compare all the bytes that fall entirely within the prefix.
2185   int num_entire_bytes_in_prefix = prefix_length_in_bits / 8;
2186   for (int i = 0; i < num_entire_bytes_in_prefix; ++i) {
2187     if (ip_number[i] != ip_prefix[i])
2188       return false;
2189   }
2190 
2191   // In case the prefix was not a multiple of 8, there will be 1 byte
2192   // which is only partially masked.
2193   int remaining_bits = prefix_length_in_bits % 8;
2194   if (remaining_bits != 0) {
2195     unsigned char mask = 0xFF << (8 - remaining_bits);
2196     int i = num_entire_bytes_in_prefix;
2197     if ((ip_number[i] & mask) != (ip_prefix[i] & mask))
2198       return false;
2199   }
2200 
2201   return true;
2202 }
2203 
CreateCopyOfAddrinfo(const struct addrinfo * info,bool recursive)2204 struct addrinfo* CreateCopyOfAddrinfo(const struct addrinfo* info,
2205                                       bool recursive) {
2206   DCHECK(info);
2207   struct addrinfo* copy = new addrinfo;
2208 
2209   // Copy all the fields (some of these are pointers, we will fix that next).
2210   memcpy(copy, info, sizeof(addrinfo));
2211 
2212   // ai_canonname is a NULL-terminated string.
2213   if (info->ai_canonname) {
2214     copy->ai_canonname = do_strdup(info->ai_canonname);
2215   }
2216 
2217   // ai_addr is a buffer of length ai_addrlen.
2218   if (info->ai_addr) {
2219     copy->ai_addr = reinterpret_cast<sockaddr *>(new char[info->ai_addrlen]);
2220     memcpy(copy->ai_addr, info->ai_addr, info->ai_addrlen);
2221   }
2222 
2223   // Recursive copy.
2224   if (recursive && info->ai_next)
2225     copy->ai_next = CreateCopyOfAddrinfo(info->ai_next, recursive);
2226   else
2227     copy->ai_next = NULL;
2228 
2229   return copy;
2230 }
2231 
FreeCopyOfAddrinfo(struct addrinfo * info)2232 void FreeCopyOfAddrinfo(struct addrinfo* info) {
2233   DCHECK(info);
2234   if (info->ai_canonname)
2235     free(info->ai_canonname);  // Allocated by strdup.
2236 
2237   if (info->ai_addr)
2238     delete [] reinterpret_cast<char*>(info->ai_addr);
2239 
2240   struct addrinfo* next = info->ai_next;
2241 
2242   delete info;
2243 
2244   // Recursive free.
2245   if (next)
2246     FreeCopyOfAddrinfo(next);
2247 }
2248 
2249 // Returns the port field of the sockaddr in |info|.
GetPortFieldFromAddrinfo(struct addrinfo * info)2250 uint16* GetPortFieldFromAddrinfo(struct addrinfo* info) {
2251   const struct addrinfo* const_info = info;
2252   const uint16* port_field = GetPortFieldFromAddrinfo(const_info);
2253   return const_cast<uint16*>(port_field);
2254 }
2255 
GetPortFieldFromAddrinfo(const struct addrinfo * info)2256 const uint16* GetPortFieldFromAddrinfo(const struct addrinfo* info) {
2257   DCHECK(info);
2258   const struct sockaddr* address = info->ai_addr;
2259   DCHECK(address);
2260   DCHECK_EQ(info->ai_family, address->sa_family);
2261   return GetPortFieldFromSockaddr(address, info->ai_addrlen);
2262 }
2263 
GetPortFromAddrinfo(const struct addrinfo * info)2264 int GetPortFromAddrinfo(const struct addrinfo* info) {
2265   const uint16* port_field = GetPortFieldFromAddrinfo(info);
2266   if (!port_field)
2267     return -1;
2268   return ntohs(*port_field);
2269 }
2270 
GetPortFieldFromSockaddr(const struct sockaddr * address,socklen_t address_len)2271 const uint16* GetPortFieldFromSockaddr(const struct sockaddr* address,
2272                                        socklen_t address_len) {
2273   if (address->sa_family == AF_INET) {
2274     DCHECK_LE(sizeof(sockaddr_in), static_cast<size_t>(address_len));
2275     const struct sockaddr_in* sockaddr =
2276         reinterpret_cast<const struct sockaddr_in*>(address);
2277     return &sockaddr->sin_port;
2278   } else if (address->sa_family == AF_INET6) {
2279     DCHECK_LE(sizeof(sockaddr_in6), static_cast<size_t>(address_len));
2280     const struct sockaddr_in6* sockaddr =
2281         reinterpret_cast<const struct sockaddr_in6*>(address);
2282     return &sockaddr->sin6_port;
2283   } else {
2284     NOTREACHED();
2285     return NULL;
2286   }
2287 }
2288 
GetPortFromSockaddr(const struct sockaddr * address,socklen_t address_len)2289 int GetPortFromSockaddr(const struct sockaddr* address, socklen_t address_len) {
2290   const uint16* port_field = GetPortFieldFromSockaddr(address, address_len);
2291   if (!port_field)
2292     return -1;
2293   return ntohs(*port_field);
2294 }
2295 
IsLocalhost(const std::string & host)2296 bool IsLocalhost(const std::string& host) {
2297   if (host == "localhost" ||
2298       host == "localhost.localdomain" ||
2299       host == "localhost6" ||
2300       host == "localhost6.localdomain6")
2301     return true;
2302 
2303   IPAddressNumber ip_number;
2304   if (ParseIPLiteralToNumber(host, &ip_number)) {
2305     size_t size = ip_number.size();
2306     switch (size) {
2307       case kIPv4AddressSize: {
2308         IPAddressNumber localhost_prefix;
2309         localhost_prefix.push_back(127);
2310         for (int i = 0; i < 3; ++i) {
2311           localhost_prefix.push_back(0);
2312         }
2313         return IPNumberMatchesPrefix(ip_number, localhost_prefix, 8);
2314       }
2315 
2316       case kIPv6AddressSize: {
2317         struct in6_addr sin6_addr;
2318         memcpy(&sin6_addr, &ip_number[0], kIPv6AddressSize);
2319         return !!IN6_IS_ADDR_LOOPBACK(&sin6_addr);
2320       }
2321 
2322       default:
2323         NOTREACHED();
2324     }
2325   }
2326 
2327   return false;
2328 }
2329 
NetworkInterface()2330 NetworkInterface::NetworkInterface() {
2331 }
2332 
NetworkInterface(const std::string & name,const IPAddressNumber & address)2333 NetworkInterface::NetworkInterface(const std::string& name,
2334                                    const IPAddressNumber& address)
2335     : name(name), address(address) {
2336 }
2337 
~NetworkInterface()2338 NetworkInterface::~NetworkInterface() {
2339 }
2340 
ClampComponentOffset(size_t component_start)2341 ClampComponentOffset::ClampComponentOffset(size_t component_start)
2342   : component_start(component_start) {}
2343 
operator ()(size_t offset)2344 size_t ClampComponentOffset::operator()(size_t offset) {
2345   return (offset >= component_start) ?
2346       offset : std::wstring::npos;
2347 }
2348 
2349 }  // namespace net
2350