OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 package org.chromium.chrome.browser; | 5 package org.chromium.chrome.browser; |
6 | 6 |
7 import android.text.TextUtils; | 7 import android.text.TextUtils; |
8 | 8 |
9 import org.chromium.base.CollectionUtil; | 9 import org.chromium.base.CollectionUtil; |
10 | 10 |
11 import java.net.URI; | 11 import java.net.URI; |
12 import java.net.URISyntaxException; | 12 import java.net.URISyntaxException; |
13 import java.util.HashSet; | 13 import java.util.HashSet; |
14 import java.util.regex.Pattern; | |
14 | 15 |
15 /** | 16 /** |
16 * Utilities for working with URIs (and URLs). These methods may be used in secu rity-sensitive | 17 * Utilities for working with URIs (and URLs). These methods may be used in secu rity-sensitive |
17 * contexts (after all, origins are the security boundary on the web), and so th e correctness bar | 18 * contexts (after all, origins are the security boundary on the web), and so th e correctness bar |
18 * must be high. | 19 * must be high. |
19 */ | 20 */ |
20 public class UrlUtilities { | 21 public class UrlUtilities { |
21 /** | 22 /** |
22 * URI schemes that ContentView can handle. | 23 * URI schemes that ContentView can handle. |
23 */ | 24 */ |
(...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
200 * no subdomains, from the given URI. Returns an empty string if the URI is invalid, has no host | 201 * no subdomains, from the given URI. Returns an empty string if the URI is invalid, has no host |
201 * (e.g. a file: URI), has multiple trailing dots, is an IP address, has onl y one subcomponent | 202 * (e.g. a file: URI), has multiple trailing dots, is an IP address, has onl y one subcomponent |
202 * (i.e. no dots other than leading/trailing ones), or is itself a recognize d registry | 203 * (i.e. no dots other than leading/trailing ones), or is itself a recognize d registry |
203 * identifier. | 204 * identifier. |
204 */ | 205 */ |
205 public static String getDomainAndRegistry(String uri, boolean includePrivate Registries) { | 206 public static String getDomainAndRegistry(String uri, boolean includePrivate Registries) { |
206 if (TextUtils.isEmpty(uri)) return uri; | 207 if (TextUtils.isEmpty(uri)) return uri; |
207 return nativeGetDomainAndRegistry(uri, includePrivateRegistries); | 208 return nativeGetDomainAndRegistry(uri, includePrivateRegistries); |
208 } | 209 } |
209 | 210 |
211 /** | |
212 * @param url An Android intent:// URL to validate. | |
213 * | |
214 * @throws URISyntaxException if url is not a valid Android intent:// | |
215 * URL, as specified at | |
216 * https://developer.chrome.com/multidevice/android/intents#syntax. | |
217 */ | |
218 public static boolean validateIntentUrl(String url) { | |
219 URI parsed = null; | |
220 try { | |
221 parsed = new URI(url); | |
222 } catch (URISyntaxException e) { | |
223 return false; | |
224 } | |
225 | |
226 if (!parsed.getScheme().equals("intent")) { | |
227 return false; | |
228 } | |
229 if (!Pattern.matches("^[\\w\\.-]*$", parsed.getHost())) { | |
Yaron
2015/04/24 16:04:18
I would build a Matcher and use that since it's re
palmer
2015/04/24 18:05:22
Not exactly; note the allowed "-" (which is legal
| |
230 return false; | |
231 } | |
232 if (!parsed.getPath().isEmpty() && !parsed.getPath().equals("/")) { | |
233 return false; | |
234 } | |
235 | |
236 String[] parts = parsed.getFragment().split(";"); | |
237 if (parts.length < 3 | |
238 || parts.length > 7 | |
Jaekyun Seok (inactive)
2015/04/24 02:05:52
parts.length could be bigger than 7 because extra
palmer
2015/04/24 18:05:22
Done.
| |
239 || !parts[0].equals("Intent") | |
240 || !parts[parts.length - 1].equals("end")) { | |
241 return false; | |
242 } | |
243 | |
244 for (int i = 1; i < parts.length - 1; ++i) { | |
245 // This is OK *only* because no valid package, action, category, | |
246 // component, or scheme contains "=". | |
247 String[] pair = parts[i].split("="); | |
248 if (2 != pair.length) return false; | |
249 | |
250 if (pair[0].equals("package")) { | |
251 if (!Pattern.matches("^[\\w\\.]+$", pair[1])) return false; | |
252 } else if (pair[0].equals("action")) { | |
253 if (!Pattern.matches("^[\\w\\.]+$", pair[1])) return false; | |
254 } else if (pair[0].equals("category")) { | |
255 if (!Pattern.matches("^[\\w\\.]+$", pair[1])) return false; | |
256 } else if (pair[0].equals("component")) { | |
257 if (!Pattern.matches("^[\\w\\.]+$", pair[1])) return false; | |
258 } else if (pair[0].equals("scheme")) { | |
259 if (!Pattern.matches("^[a-zA-Z]+$", pair[1])) return false; | |
260 } else { | |
261 return false; | |
262 } | |
263 } | |
264 | |
265 return true; | |
266 } | |
267 | |
210 private static native boolean nativeSameDomainOrHost(String primaryUrl, Stri ng secondaryUrl, | 268 private static native boolean nativeSameDomainOrHost(String primaryUrl, Stri ng secondaryUrl, |
211 boolean includePrivateRegistries); | 269 boolean includePrivateRegistries); |
212 private static native String nativeGetDomainAndRegistry(String url, | 270 private static native String nativeGetDomainAndRegistry(String url, |
213 boolean includePrivateRegistries); | 271 boolean includePrivateRegistries); |
214 public static native boolean nativeIsGoogleSearchUrl(String url); | 272 public static native boolean nativeIsGoogleSearchUrl(String url); |
215 public static native boolean nativeIsGoogleHomePageUrl(String url); | 273 public static native boolean nativeIsGoogleHomePageUrl(String url); |
216 private static native String nativeFixupUrl(String url, String desiredTld); | 274 private static native String nativeFixupUrl(String url, String desiredTld); |
217 } | 275 } |
OLD | NEW |