Add a validator for intent:// URLs.

chrome/android/java/src/org/chromium/chrome/browser/UrlUtilities.java

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package org.chromium.chrome.browser;
 
 import android.text.TextUtils;
 
 import org.chromium.base.CollectionUtil;
 
 import java.net.URI;
 import java.net.URISyntaxException;
 import java.util.HashSet;
+import java.util.regex.Pattern;
 
 /**
  * Utilities for working with URIs (and URLs). These methods may be used in security-sensitive
  * contexts (after all, origins are the security boundary on the web), and so the correctness bar
  * must be high.
  */
 public class UrlUtilities {
     /**
      * URI schemes that ContentView can handle.
      */
@@ skipping 176 matching lines @@
      * no subdomains, from the given URI. Returns an empty string if the URI is invalid, has no host
      * (e.g. a file: URI), has multiple trailing dots, is an IP address, has only one subcomponent
      * (i.e. no dots other than leading/trailing ones), or is itself a recognized registry
      * identifier.
      */
     public static String getDomainAndRegistry(String uri, boolean includePrivateRegistries) {
         if (TextUtils.isEmpty(uri)) return uri;
         return nativeGetDomainAndRegistry(uri, includePrivateRegistries);
     }
 
+    /**
+     * @param url An Android intent:// URL to validate.
+     *
+     * @throws URISyntaxException if url is not a valid Android intent://
+     * URL, as specified at
+     * https://developer.chrome.com/multidevice/android/intents#syntax.
+     */
+    public static boolean validateIntentUrl(String url) {
+        URI parsed = null;
+        try {
+            parsed = new URI(url);
+        } catch (URISyntaxException e) {
+            return false;
+        }
+
+        if (!parsed.getScheme().equals("intent")) {
+            return false;
+        }
+        if (!Pattern.matches("^[\\w\\.-]*$", parsed.getHost())) {

[Yaron, 2015/04/24 16:04:18]

I would build a Matcher and use that since it's re-used throughout the loop

[palmer, 2015/04/24 18:05:22]

Not exactly; note the allowed "-" (which is legal in DNS names but not in e.g.
Java package names, AFAIK).

That said, I do re-use the same pattern several times in the loop, so I suppose
I can pre-compile a Pattern for it.

+            return false;
+        }
+        if (!parsed.getPath().isEmpty() && !parsed.getPath().equals("/")) {
+            return false;
+        }
+
+        String[] parts = parsed.getFragment().split(";");
+        if (parts.length < 3
+                || parts.length > 7

[Jaekyun Seok (inactive), 2015/04/24 02:05:52]

parts.length could be bigger than 7 because extra fields can be added.

[palmer, 2015/04/24 18:05:22]

Done.

+                || !parts[0].equals("Intent")
+                || !parts[parts.length - 1].equals("end")) {
+            return false;
+        }
+
+        for (int i = 1; i < parts.length - 1; ++i) {
+            // This is OK *only* because no valid package, action, category,
+            // component, or scheme contains "=".
+            String[] pair = parts[i].split("=");
+            if (2 != pair.length) return false;
+
+            if (pair[0].equals("package")) {
+                if (!Pattern.matches("^[\\w\\.]+$", pair[1])) return false;
+            } else if (pair[0].equals("action")) {
+                if (!Pattern.matches("^[\\w\\.]+$", pair[1])) return false;
+            } else if (pair[0].equals("category")) {
+                if (!Pattern.matches("^[\\w\\.]+$", pair[1])) return false;
+            } else if (pair[0].equals("component")) {
+                if (!Pattern.matches("^[\\w\\.]+$", pair[1])) return false;
+            } else if (pair[0].equals("scheme")) {
+                if (!Pattern.matches("^[a-zA-Z]+$", pair[1])) return false;
+            } else {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
     private static native boolean nativeSameDomainOrHost(String primaryUrl, String secondaryUrl,
             boolean includePrivateRegistries);
     private static native String nativeGetDomainAndRegistry(String url,
             boolean includePrivateRegistries);
     public static native boolean nativeIsGoogleSearchUrl(String url);
     public static native boolean nativeIsGoogleHomePageUrl(String url);
     private static native String nativeFixupUrl(String url, String desiredTld);
 }