Resolve RFC 6761 localhost names to loopback

net/base/net_util.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/base/net_util.h"
 
 #include <errno.h>
 #include <string.h>
 
 #include <algorithm>
@@ skipping 27 matching lines @@
 #include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_piece.h"
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/strings/utf_string_conversions.h"
 #include "base/sys_byteorder.h"
 #include "base/values.h"
+#include "net/base/address_list.h"
 #include "net/base/dns_util.h"
 #include "net/base/ip_address_number.h"
 #include "net/base/net_module.h"
 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
 #include "net/grit/net_resources.h"
 #include "net/http/http_content_disposition.h"
 #include "url/gurl.h"
 #include "url/third_party/mozilla/url_parse.h"
 #include "url/url_canon.h"
 #include "url/url_canon_ip.h"
@@ skipping 81 matching lines @@
           // third_party/WebKit/Source/platform/weborigin/KURL.cpp,
           // KURL::port())
 };
 
 // FTP overrides the following restricted ports.
 static const int kAllowedFtpPorts[] = {
   21,   // ftp data
   22,   // ssh
 };
 
+std::string NormalizeHostname(const std::string& host) {
+  std::string result = base::StringToLowerASCII(host);
+  if (!result.empty() && *result.rbegin() == '.')
+    result.resize(result.size() - 1);
+  return result;
+}
+
+bool IsNormalizedLocalhostTLD(const std::string& host) {

[Deprecated (see juliatuttle), 2015/06/16 14:53:39]

Do we want to also catch hostnames like "foo.localhost6"?

[estark, 2015/06/16 15:40:15]

Hmm, I'm not sure. My preference is to stick as close as possible to names that
are in the RFC, even though we already have some that aren't (e.g.
.localdomain).

+  return EndsWith(host, ".localhost", true);
+}
+
+// |host| should be normalized.
+bool IsLocalHostname(const std::string& host) {
+  return host == "localhost" || host == "localhost.localdomain" ||
+         IsNormalizedLocalhostTLD(host);
+}
+
+// |host| should be normalized.
+bool IsLocal6Hostname(const std::string& host) {
+  return host == "localhost6" || host == "localhost6.localdomain6";
+}
+
 }  // namespace
 
 static base::LazyInstance<std::multiset<int> >::Leaky
     g_explicitly_allowed_ports = LAZY_INSTANCE_INITIALIZER;
 
 size_t GetCountOfExplicitlyAllowedPorts() {
   return g_explicitly_allowed_ports.Get().size();
 }
 
 std::string GetSpecificHeader(const std::string& headers,
@@ skipping 564 matching lines @@
   }
 }
 
 int GetPortFromSockaddr(const struct sockaddr* address, socklen_t address_len) {
   const uint16_t* port_field = GetPortFieldFromSockaddr(address, address_len);
   if (!port_field)
     return -1;
   return base::NetToHost16(*port_field);
 }
 
+bool ResolveLocalHostname(const std::string& host,
+                          uint16_t port,
+                          AddressList* address_list) {
+  static const unsigned char kLocalhostIPv4[] = {127, 0, 0, 1};
+  static const unsigned char kLocalhostIPv6[] = {
+      0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1};
+
+  std::string normalized_host = NormalizeHostname(host);
+
+  address_list->clear();
+
+  bool is_local6 = IsLocal6Hostname(normalized_host);
+  if (!is_local6 && !IsLocalHostname(normalized_host))
+    return false;
+
+  address_list->push_back(
+      IPEndPoint(IPAddressNumber(kLocalhostIPv6,
+                                 kLocalhostIPv6 + arraysize(kLocalhostIPv6)),
+                 port));
+  if (!is_local6) {
+    address_list->push_back(
+        IPEndPoint(IPAddressNumber(kLocalhostIPv4,
+                                   kLocalhostIPv4 + arraysize(kLocalhostIPv4)),
+                   port));
+  }
+
+  return true;
+}
+
 bool IsLocalhost(const std::string& host) {
-  if (host == "localhost" || host == "localhost.localdomain" ||
-      host == "localhost6" || host == "localhost6.localdomain6" ||
-      IsLocalhostTLD(host))
+  std::string normalized_host = NormalizeHostname(host);
+  if (IsLocalHostname(normalized_host) || IsLocal6Hostname(normalized_host))
     return true;
 
   IPAddressNumber ip_number;
   if (ParseIPLiteralToNumber(host, &ip_number)) {
     size_t size = ip_number.size();
     switch (size) {
       case kIPv4AddressSize: {
         IPAddressNumber localhost_prefix;
         localhost_prefix.push_back(127);
         for (int i = 0; i < 3; ++i) {
@@ skipping 10 matching lines @@
 
       default:
         NOTREACHED();
     }
   }
 
   return false;
 }
 
 bool IsLocalhostTLD(const std::string& host) {
-  const char kLocalhostTLD[] = ".localhost";
-  const size_t kLocalhostTLDLength = arraysize(kLocalhostTLD) - 1;
-
-  if (host.empty())
-    return false;
-
-  size_t host_len = host.size();
-  if (*host.rbegin() == '.')
-    --host_len;
-  if (host_len < kLocalhostTLDLength)
-    return false;
-
-  const char* host_suffix = host.data() + host_len - kLocalhostTLDLength;
-  return base::strncasecmp(host_suffix, kLocalhostTLD, kLocalhostTLDLength) ==
-         0;
+  return IsNormalizedLocalhostTLD(NormalizeHostname(host));
 }
 
 bool HasGoogleHost(const GURL& url) {
   static const char* kGoogleHostSuffixes[] = {
       ".google.com",
       ".youtube.com",
       ".gmail.com",
       ".doubleclick.net",
       ".gstatic.com",
       ".googlevideo.com",
       ".googleusercontent.com",
       ".googlesyndication.com",
       ".google-analytics.com",
       ".googleadservices.com",
       ".googleapis.com",
       ".ytimg.com",
   };
   const std::string& host = url.host();
   for (const char* suffix : kGoogleHostSuffixes) {
     if (EndsWith(host, suffix, false))
       return true;
   }
   return false;
 }
 
 }  // namespace net