Chromium Code Reviews Chromium Code Reviews
Issue 8839003:
WebSocket Pepper API: validate redundant protocols in Connect() (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "webkit/plugins/ppapi/ppb_websocket_impl.h" | 5 #include "webkit/plugins/ppapi/ppb_websocket_impl.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/values.h" | |
| 11 #include "googleurl/src/gurl.h" | 12 #include "googleurl/src/gurl.h" |
| 12 #include "net/base/net_util.h" | 13 #include "net/base/net_util.h" |
| 13 #include "ppapi/c/pp_completion_callback.h" | 14 #include "ppapi/c/pp_completion_callback.h" |
| 14 #include "ppapi/c/pp_errors.h" | 15 #include "ppapi/c/pp_errors.h" |
| 15 #include "ppapi/c/pp_var.h" | 16 #include "ppapi/c/pp_var.h" |
| 16 #include "ppapi/c/ppb_var.h" | 17 #include "ppapi/c/ppb_var.h" |
| 17 #include "ppapi/shared_impl/var.h" | 18 #include "ppapi/shared_impl/var.h" |
| 18 #include "ppapi/shared_impl/var_tracker.h" | 19 #include "ppapi/shared_impl/var_tracker.h" |
| 19 #include "third_party/WebKit/Source/WebKit/chromium/public/platform/WebData.h" | 20 #include "third_party/WebKit/Source/WebKit/chromium/public/platform/WebData.h" |
| 20 #include "third_party/WebKit/Source/WebKit/chromium/public/WebDocument.h" | 21 #include "third_party/WebKit/Source/WebKit/chromium/public/WebDocument.h" |
| (...skipping 118 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 139 return PP_ERROR_BADARGUMENT; | 140 return PP_ERROR_BADARGUMENT; |
| 140 if (!gurl.SchemeIs("ws") && !gurl.SchemeIs("wss")) | 141 if (!gurl.SchemeIs("ws") && !gurl.SchemeIs("wss")) |
| 141 return PP_ERROR_BADARGUMENT; | 142 return PP_ERROR_BADARGUMENT; |
| 142 if (gurl.has_ref()) | 143 if (gurl.has_ref()) |
| 143 return PP_ERROR_BADARGUMENT; | 144 return PP_ERROR_BADARGUMENT; |
| 144 if (!net::IsPortAllowedByDefault(gurl.IntPort())) | 145 if (!net::IsPortAllowedByDefault(gurl.IntPort())) |
| 145 return PP_ERROR_BADARGUMENT; | 146 return PP_ERROR_BADARGUMENT; |
| 146 WebURL web_url(gurl); | 147 WebURL web_url(gurl); |
| 147 | 148 |
| 148 // Validate protocols and convert it to WebString. | 149 // Validate protocols and convert it to WebString. |
| 149 // TODO(toyoshim): Detect duplicated protocols as error. | |
| 150 std::string protocol_string; | 150 std::string protocol_string; |
| 151 base::DictionaryValue protocol_set; | |
|
dmichael (off chromium)
2011/12/07 20:21:13
Why not just use std::set? This seems like overkil
Takashi Toyoshima
2011/12/08 05:12:46
Oh, that's right.
I misunderstood about std::set<s
| |
| 151 for (uint32_t i = 0; i < protocol_count; i++) { | 152 for (uint32_t i = 0; i < protocol_count; i++) { |
| 152 // TODO(toyoshim): Similar function exist in WebKit::WebSocket. | 153 // TODO(toyoshim): Similar function exist in WebKit::WebSocket. |
| 153 // We must rearrange them into WebKit::WebChannel and share its protocol | 154 // We must rearrange them into WebKit::WebChannel and share its protocol |
| 154 // related implementation via WebKit API. | 155 // related implementation via WebKit API. |
| 155 scoped_refptr<StringVar> string_var; | 156 scoped_refptr<StringVar> string_var; |
| 156 string_var = StringVar::FromPPVar(protocols[i]); | 157 string_var = StringVar::FromPPVar(protocols[i]); |
| 158 | |
| 159 // Check duplicated protocol entries. | |
| 160 if (protocol_set.HasKey(string_var->value())) | |
| 161 return PP_ERROR_BADARGUMENT; | |
| 162 protocol_set.SetBoolean(string_var->value(), true); | |
| 163 | |
| 164 // Check invalid and empty entries. | |
| 157 if (!string_var || !string_var->value().length()) | 165 if (!string_var || !string_var->value().length()) |
| 158 return PP_ERROR_BADARGUMENT; | 166 return PP_ERROR_BADARGUMENT; |
| 167 | |
| 168 // Check containing characters. | |
| 159 for (std::string::const_iterator it = string_var->value().begin(); | 169 for (std::string::const_iterator it = string_var->value().begin(); |
| 160 it != string_var->value().end(); | 170 it != string_var->value().end(); |
| 161 ++it) { | 171 ++it) { |
| 162 uint8_t character = static_cast<uint8_t>(*it); | 172 uint8_t character = static_cast<uint8_t>(*it); |
| 163 // WebSocket specification says "(Subprotocol string must consist of) | 173 // WebSocket specification says "(Subprotocol string must consist of) |
| 164 // characters in the range U+0021 to U+007E not including separator | 174 // characters in the range U+0021 to U+007E not including separator |
| 165 // characters as defined in [RFC2616]." | 175 // characters as defined in [RFC2616]." |
| 166 const uint8_t minimumProtocolCharacter = '!'; // U+0021. | 176 const uint8_t minimumProtocolCharacter = '!'; // U+0021. |
| 167 const uint8_t maximumProtocolCharacter = '~'; // U+007E. | 177 const uint8_t maximumProtocolCharacter = '~'; // U+007E. |
| 168 if (character < minimumProtocolCharacter || | 178 if (character < minimumProtocolCharacter || |
| 169 character > maximumProtocolCharacter || | 179 character > maximumProtocolCharacter || |
| 170 character == '"' || character == '(' || character == ')' || | 180 character == '"' || character == '(' || character == ')' || |
| 171 character == ',' || character == '/' || | 181 character == ',' || character == '/' || |
| 172 (character >= ':' && character <= '@') || // U+003A - U+0040 | 182 (character >= ':' && character <= '@') || // U+003A - U+0040 |
| 173 (character >= '[' && character <= ']') || // U+005B - u+005D | 183 (character >= '[' && character <= ']') || // U+005B - u+005D |
| 174 character == '{' || character == '}') | 184 character == '{' || character == '}') |
| 175 return PP_ERROR_BADARGUMENT; | 185 return PP_ERROR_BADARGUMENT; |
| 176 } | 186 } |
| 187 // Join protocols with the comma separator. | |
| 177 if (i != 0) | 188 if (i != 0) |
| 178 protocol_string.append(","); | 189 protocol_string.append(","); |
| 179 protocol_string.append(string_var->value()); | 190 protocol_string.append(string_var->value()); |
| 180 } | 191 } |
| 181 WebString web_protocols = WebString::fromUTF8(protocol_string); | 192 WebString web_protocols = WebString::fromUTF8(protocol_string); |
| 182 | 193 |
| 183 // Validate |callback| (Doesn't support blocking callback) | 194 // Validate |callback| (Doesn't support blocking callback) |
| 184 if (!callback.func) | 195 if (!callback.func) |
| 185 return PP_ERROR_BLOCKS_MAIN_THREAD; | 196 return PP_ERROR_BLOCKS_MAIN_THREAD; |
| 186 | 197 |
| (...skipping 305 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 492 | 503 |
| 493 *receive_callback_var_ = received_messages_.front(); | 504 *receive_callback_var_ = received_messages_.front(); |
| 494 received_messages_.pop(); | 505 received_messages_.pop(); |
| 495 receive_callback_var_ = NULL; | 506 receive_callback_var_ = NULL; |
| 496 wait_for_receive_ = false; | 507 wait_for_receive_ = false; |
| 497 return PP_OK; | 508 return PP_OK; |
| 498 } | 509 } |
| 499 | 510 |
| 500 } // namespace ppapi | 511 } // namespace ppapi |
| 501 } // namespace webkit | 512 } // namespace webkit |
| OLD | NEW |
