Chromium Code Reviews Chromium Code Reviews
Issue 2433583002:
Reduce buggy usage of the registry controlled domain service. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/google/core/browser/google_util.h" | 5 #include "components/google/core/browser/google_util.h" |
| 6 | 6 |
| 7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 #include <vector> | 10 #include <vector> |
| (...skipping 15 matching lines...) Expand all Loading... | |
| 26 // Only use Link Doctor on official builds. It uses an API key, too, but | 26 // Only use Link Doctor on official builds. It uses an API key, too, but |
| 27 // seems best to just disable it, for more responsive error pages and to reduce | 27 // seems best to just disable it, for more responsive error pages and to reduce |
| 28 // server load. | 28 // server load. |
| 29 #if defined(GOOGLE_CHROME_BUILD) | 29 #if defined(GOOGLE_CHROME_BUILD) |
| 30 #define LINKDOCTOR_SERVER_REQUEST_URL "https://www.googleapis.com/rpc" | 30 #define LINKDOCTOR_SERVER_REQUEST_URL "https://www.googleapis.com/rpc" |
| 31 #else | 31 #else |
| 32 #define LINKDOCTOR_SERVER_REQUEST_URL "" | 32 #define LINKDOCTOR_SERVER_REQUEST_URL "" |
| 33 #endif | 33 #endif |
| 34 | 34 |
| 35 | 35 |
| 36 namespace google_util { | |
| 37 | |
| 36 // Helpers -------------------------------------------------------------------- | 38 // Helpers -------------------------------------------------------------------- |
| 37 | 39 |
| 38 namespace { | 40 namespace { |
| 39 | 41 |
| 40 bool gUseMockLinkDoctorBaseURLForTesting = false; | 42 bool gUseMockLinkDoctorBaseURLForTesting = false; |
| 41 | 43 |
| 42 bool IsPathHomePageBase(base::StringPiece path) { | 44 bool IsPathHomePageBase(base::StringPiece path) { |
| 43 return (path == "/") || (path == "/webhp"); | 45 return (path == "/") || (path == "/webhp"); |
| 44 } | 46 } |
| 45 | 47 |
| 46 // True if |host| is "[www.]<domain_in_lower_case>.<TLD>" with a valid TLD. If | 48 // True if the given canonical |host| is "[www.]<domain_in_lower_case>.<TLD>" |
| 47 // |subdomain_permission| is ALLOW_SUBDOMAIN, we check against host | 49 // with a valid TLD. If |subdomain_permission| is ALLOW_SUBDOMAIN, we check |
| 48 // "*.<domain_in_lower_case>.<TLD>" instead. | 50 // against host "*.<domain_in_lower_case>.<TLD>" instead. |
| 49 bool IsValidHostName(base::StringPiece host, | 51 bool IsValidHostName(base::StringPiece host, |
| 50 base::StringPiece domain_in_lower_case, | 52 base::StringPiece domain_in_lower_case, |
| 51 google_util::SubdomainPermission subdomain_permission) { | 53 SubdomainPermission subdomain_permission) { |
| 52 size_t tld_length = net::registry_controlled_domains::GetRegistryLength( | 54 size_t tld_length = |
| 53 host, | 55 net::registry_controlled_domains::GetRegistryLengthForCanonicalHost( |
| 54 net::registry_controlled_domains::EXCLUDE_UNKNOWN_REGISTRIES, | 56 host, |
| 55 net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES); | 57 net::registry_controlled_domains::EXCLUDE_UNKNOWN_REGISTRIES, |
| 58 net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES); | |
| 56 if ((tld_length == 0) || (tld_length == std::string::npos)) | 59 if ((tld_length == 0) || (tld_length == std::string::npos)) |
| 57 return false; | 60 return false; |
| 58 | 61 |
| 59 // Removes the tld and the preceding dot. | 62 // Removes the tld and the preceding dot. |
| 60 base::StringPiece host_minus_tld = | 63 base::StringPiece host_minus_tld = |
| 61 host.substr(0, host.length() - tld_length - 1); | 64 host.substr(0, host.length() - tld_length - 1); |
| 62 if (base::LowerCaseEqualsASCII(host_minus_tld, domain_in_lower_case)) | 65 if (base::LowerCaseEqualsASCII(host_minus_tld, domain_in_lower_case)) |
| 63 return true; | 66 return true; |
| 64 | 67 |
| 65 if (subdomain_permission == google_util::ALLOW_SUBDOMAIN) { | 68 if (subdomain_permission == ALLOW_SUBDOMAIN) { |
| 66 std::string dot_domain("."); | 69 std::string dot_domain("."); |
| 67 domain_in_lower_case.AppendToString(&dot_domain); | 70 domain_in_lower_case.AppendToString(&dot_domain); |
| 68 return base::EndsWith(host_minus_tld, dot_domain, | 71 return base::EndsWith(host_minus_tld, dot_domain, |
| 69 base::CompareCase::INSENSITIVE_ASCII); | 72 base::CompareCase::INSENSITIVE_ASCII); |
| 70 } | 73 } |
| 71 | 74 |
| 72 std::string www_domain("www."); | 75 std::string www_domain("www."); |
| 73 domain_in_lower_case.AppendToString(&www_domain); | 76 domain_in_lower_case.AppendToString(&www_domain); |
| 74 return base::LowerCaseEqualsASCII(host_minus_tld, www_domain); | 77 return base::LowerCaseEqualsASCII(host_minus_tld, www_domain); |
| 75 } | 78 } |
| 76 | 79 |
| 77 // True if |url| is a valid URL with HTTP or HTTPS scheme. If |port_permission| | 80 // True if |url| is a valid URL with HTTP or HTTPS scheme. If |port_permission| |
| 78 // is DISALLOW_NON_STANDARD_PORTS, this also requires |url| to use the standard | 81 // is DISALLOW_NON_STANDARD_PORTS, this also requires |url| to use the standard |
| 79 // port for its scheme (80 for HTTP, 443 for HTTPS). | 82 // port for its scheme (80 for HTTP, 443 for HTTPS). |
| 80 bool IsValidURL(const GURL& url, google_util::PortPermission port_permission) { | 83 bool IsValidURL(const GURL& url, PortPermission port_permission) { |
| 81 return url.is_valid() && url.SchemeIsHTTPOrHTTPS() && | 84 return url.is_valid() && url.SchemeIsHTTPOrHTTPS() && |
| 82 (url.port().empty() || | 85 (url.port().empty() || |
| 83 (port_permission == google_util::ALLOW_NON_STANDARD_PORTS)); | 86 (port_permission == ALLOW_NON_STANDARD_PORTS)); |
| 87 } | |
| 88 | |
| 89 bool IsCanonicalHostGoogleHostname(base::StringPiece canonical_host, | |
| 90 SubdomainPermission subdomain_permission) { | |
| 91 const GURL& base_url(CommandLineGoogleBaseURL()); | |
|
brettw
2016/10/19 20:16:36
This is separated out from below to avoid double-c
| |
| 92 if (base_url.is_valid() && (canonical_host == base_url.host_piece())) | |
| 93 return true; | |
| 94 | |
| 95 return IsValidHostName(canonical_host, "google", subdomain_permission); | |
| 84 } | 96 } |
| 85 | 97 |
| 86 } // namespace | 98 } // namespace |
| 87 | 99 |
| 88 | |
| 89 namespace google_util { | |
| 90 | |
| 91 // Global functions ----------------------------------------------------------- | 100 // Global functions ----------------------------------------------------------- |
| 92 | 101 |
| 93 bool HasGoogleSearchQueryParam(base::StringPiece str) { | 102 bool HasGoogleSearchQueryParam(base::StringPiece str) { |
| 94 url::Component query(0, static_cast<int>(str.length())), key, value; | 103 url::Component query(0, static_cast<int>(str.length())), key, value; |
| 95 while (url::ExtractQueryKeyValue(str.data(), &query, &key, &value)) { | 104 while (url::ExtractQueryKeyValue(str.data(), &query, &key, &value)) { |
| 96 if (value.is_nonempty()) { | 105 if (value.is_nonempty()) { |
| 97 base::StringPiece key_str = str.substr(key.begin, key.len); | 106 base::StringPiece key_str = str.substr(key.begin, key.len); |
| 98 if (key_str == "q" || key_str == "as_q") | 107 if (key_str == "q" || key_str == "as_q") |
| 99 return true; | 108 return true; |
| 100 } | 109 } |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 173 | 182 |
| 174 bool StartsWithCommandLineGoogleBaseURL(const GURL& url) { | 183 bool StartsWithCommandLineGoogleBaseURL(const GURL& url) { |
| 175 const GURL& base_url(CommandLineGoogleBaseURL()); | 184 const GURL& base_url(CommandLineGoogleBaseURL()); |
| 176 return base_url.is_valid() && | 185 return base_url.is_valid() && |
| 177 base::StartsWith(url.possibly_invalid_spec(), base_url.spec(), | 186 base::StartsWith(url.possibly_invalid_spec(), base_url.spec(), |
| 178 base::CompareCase::SENSITIVE); | 187 base::CompareCase::SENSITIVE); |
| 179 } | 188 } |
| 180 | 189 |
| 181 bool IsGoogleHostname(base::StringPiece host, | 190 bool IsGoogleHostname(base::StringPiece host, |
| 182 SubdomainPermission subdomain_permission) { | 191 SubdomainPermission subdomain_permission) { |
| 183 const GURL& base_url(CommandLineGoogleBaseURL()); | 192 url::CanonHostInfo host_info; |
| 184 if (base_url.is_valid() && (host == base_url.host_piece())) | 193 return IsCanonicalHostGoogleHostname(net::CanonicalizeHost(host, &host_info), |
| 185 return true; | 194 subdomain_permission); |
| 186 | |
| 187 return IsValidHostName(host, "google", subdomain_permission); | |
| 188 } | 195 } |
| 189 | 196 |
| 190 bool IsGoogleDomainUrl(const GURL& url, | 197 bool IsGoogleDomainUrl(const GURL& url, |
| 191 SubdomainPermission subdomain_permission, | 198 SubdomainPermission subdomain_permission, |
| 192 PortPermission port_permission) { | 199 PortPermission port_permission) { |
| 193 return IsValidURL(url, port_permission) && | 200 return IsValidURL(url, port_permission) && |
| 194 IsGoogleHostname(url.host(), subdomain_permission); | 201 IsCanonicalHostGoogleHostname(url.host_piece(), subdomain_permission); |
| 195 } | 202 } |
| 196 | 203 |
| 197 bool IsGoogleHomePageUrl(const GURL& url) { | 204 bool IsGoogleHomePageUrl(const GURL& url) { |
| 198 // First check to see if this has a Google domain. | 205 // First check to see if this has a Google domain. |
| 199 if (!IsGoogleDomainUrl(url, DISALLOW_SUBDOMAIN, DISALLOW_NON_STANDARD_PORTS)) | 206 if (!IsGoogleDomainUrl(url, DISALLOW_SUBDOMAIN, DISALLOW_NON_STANDARD_PORTS)) |
| 200 return false; | 207 return false; |
| 201 | 208 |
| 202 // Make sure the path is a known home page path. | 209 // Make sure the path is a known home page path. |
| 203 base::StringPiece path(url.path_piece()); | 210 base::StringPiece path(url.path_piece()); |
| 204 return IsPathHomePageBase(path) || | 211 return IsPathHomePageBase(path) || |
| (...skipping 18 matching lines...) Expand all Loading... | |
| 223 } | 230 } |
| 224 | 231 |
| 225 bool IsYoutubeDomainUrl(const GURL& url, | 232 bool IsYoutubeDomainUrl(const GURL& url, |
| 226 SubdomainPermission subdomain_permission, | 233 SubdomainPermission subdomain_permission, |
| 227 PortPermission port_permission) { | 234 PortPermission port_permission) { |
| 228 return IsValidURL(url, port_permission) && | 235 return IsValidURL(url, port_permission) && |
| 229 IsValidHostName(url.host_piece(), "youtube", subdomain_permission); | 236 IsValidHostName(url.host_piece(), "youtube", subdomain_permission); |
| 230 } | 237 } |
| 231 | 238 |
| 232 } // namespace google_util | 239 } // namespace google_util |
| OLD | NEW |
