Chromium Code Reviews Chromium Code Reviews
Issue 2411733002:
Check the format of an applicationServerKey when used to register a push subscription. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "modules/push_messaging/PushSubscriptionOptions.h" | 5 #include "modules/push_messaging/PushSubscriptionOptions.h" |
| 6 | 6 |
| 7 #include "bindings/core/v8/ExceptionState.h" | 7 #include "bindings/core/v8/ExceptionState.h" |
| 8 #include "core/dom/DOMArrayBuffer.h" | 8 #include "core/dom/DOMArrayBuffer.h" |
| 9 #include "core/dom/ExceptionCode.h" | 9 #include "core/dom/ExceptionCode.h" |
| 10 #include "modules/push_messaging/PushSubscriptionOptionsInit.h" | 10 #include "modules/push_messaging/PushSubscriptionOptionsInit.h" |
| 11 #include "public/platform/WebString.h" | 11 #include "public/platform/WebString.h" |
| 12 #include "public/platform/modules/push_messaging/WebPushSubscriptionOptions.h" | 12 #include "public/platform/modules/push_messaging/WebPushSubscriptionOptions.h" |
| 13 #include "third_party/WebKit/Source/wtf/ASCIICType.h" | |
| 13 #include "wtf/Assertions.h" | 14 #include "wtf/Assertions.h" |
| 14 #include "wtf/text/WTFString.h" | 15 #include "wtf/text/WTFString.h" |
| 15 | 16 |
| 16 namespace blink { | 17 namespace blink { |
| 17 namespace { | 18 namespace { |
| 18 | 19 |
| 19 const int kMaxApplicationServerKeyLength = 255; | 20 const int kMaxApplicationServerKeyLength = 255; |
| 20 | 21 |
| 22 bool IsNotDigit(char c) { | |
| 23 return !WTF::isASCIIDigit(c); | |
| 24 } | |
| 25 | |
| 21 String bufferSourceToString( | 26 String bufferSourceToString( |
| 22 const ArrayBufferOrArrayBufferView& applicationServerKey, | 27 const ArrayBufferOrArrayBufferView& applicationServerKey, |
| 23 ExceptionState& exceptionState) { | 28 ExceptionState& exceptionState) { |
| 24 // Check the validity of the sender info. It must be a 65-byte uncompressed | |
| 25 // key, which has the byte 0x04 as the first byte as a marker. | |
| 26 unsigned char* input; | 29 unsigned char* input; |
| 27 int length; | 30 int length; |
| 31 // Convert the input array into a string of bytes. | |
| 28 if (applicationServerKey.isArrayBuffer()) { | 32 if (applicationServerKey.isArrayBuffer()) { |
| 29 input = static_cast<unsigned char*>( | 33 input = static_cast<unsigned char*>( |
| 30 applicationServerKey.getAsArrayBuffer()->data()); | 34 applicationServerKey.getAsArrayBuffer()->data()); |
| 31 length = applicationServerKey.getAsArrayBuffer()->byteLength(); | 35 length = applicationServerKey.getAsArrayBuffer()->byteLength(); |
| 32 } else if (applicationServerKey.isArrayBufferView()) { | 36 } else if (applicationServerKey.isArrayBufferView()) { |
| 33 input = static_cast<unsigned char*>( | 37 input = static_cast<unsigned char*>( |
| 34 applicationServerKey.getAsArrayBufferView()->buffer()->data()); | 38 applicationServerKey.getAsArrayBufferView()->buffer()->data()); |
| 35 length = | 39 length = |
| 36 applicationServerKey.getAsArrayBufferView()->buffer()->byteLength(); | 40 applicationServerKey.getAsArrayBufferView()->buffer()->byteLength(); |
| 37 } else { | 41 } else { |
| 38 NOTREACHED(); | 42 NOTREACHED(); |
| 39 return String(); | 43 return String(); |
| 40 } | 44 } |
| 41 | 45 |
| 42 // If the key is valid, just treat it as a string of bytes and pass it to | 46 // Check the validity of the sender info. It must either be a 65-byte |
| 43 // the push service. | 47 // uncompressed key, which has the byte 0x04 as the first byte as a marker or |
| 44 if (length <= kMaxApplicationServerKeyLength) | 48 // a numeric sender ID. |
| 45 return WebString::fromLatin1(input, length); | 49 WebString inputWebString = WebString::fromLatin1(input, length); |
|
Peter Beverloo
2016/10/11 15:10:41
Could we validate the input before converting it t
harkness
2016/10/14 13:53:55
Done.
| |
| 50 if (length == 65 && input && *input == 0x04) { | |
| 51 // This could be a valid applicationServerKey. Just pass the bytes through. | |
| 52 return inputWebString; | |
| 53 } | |
| 54 | |
| 55 if (length > 0 && length <= kMaxApplicationServerKeyLength) { | |
| 56 // Check that the provided string is numeric. | |
| 57 std::string inputStr = inputWebString.utf8(); | |
| 58 if (std::find_if(inputStr.begin(), inputStr.end(), IsNotDigit) == | |
| 59 inputStr.end()) { | |
| 60 return inputWebString; | |
| 61 } | |
| 62 } | |
| 46 | 63 |
| 47 exceptionState.throwDOMException( | 64 exceptionState.throwDOMException( |
| 48 InvalidAccessError, "The provided applicationServerKey is not valid."); | 65 InvalidAccessError, "The provided applicationServerKey is not valid."); |
| 49 return String(); | 66 return String(); |
| 50 } | 67 } |
| 51 | 68 |
| 52 } // namespace | 69 } // namespace |
| 53 | 70 |
| 54 // static | 71 // static |
| 55 WebPushSubscriptionOptions PushSubscriptionOptions::toWeb( | 72 WebPushSubscriptionOptions PushSubscriptionOptions::toWeb( |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 68 : m_userVisibleOnly(options.userVisibleOnly), | 85 : m_userVisibleOnly(options.userVisibleOnly), |
| 69 m_applicationServerKey( | 86 m_applicationServerKey( |
| 70 DOMArrayBuffer::create(options.applicationServerKey.latin1().data(), | 87 DOMArrayBuffer::create(options.applicationServerKey.latin1().data(), |
| 71 options.applicationServerKey.length())) {} | 88 options.applicationServerKey.length())) {} |
| 72 | 89 |
| 73 DEFINE_TRACE(PushSubscriptionOptions) { | 90 DEFINE_TRACE(PushSubscriptionOptions) { |
| 74 visitor->trace(m_applicationServerKey); | 91 visitor->trace(m_applicationServerKey); |
| 75 } | 92 } |
| 76 | 93 |
| 77 } // namespace blink | 94 } // namespace blink |
| OLD | NEW |
