Add verification that google URL has a valid TLD.

components/google/core/browser/google_util.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "components/google/core/browser/google_util.h"
 
 #include <stddef.h>
 
 #include <string>
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/macros.h"
 #include "base/strings/string16.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_split.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "components/google/core/browser/google_switches.h"
+#include "components/google/core/browser/google_tld_list.h"
 #include "components/google/core/browser/google_url_tracker.h"
 #include "components/url_formatter/url_fixer.h"
 #include "net/base/registry_controlled_domains/registry_controlled_domain.h"
 #include "net/base/url_util.h"
 #include "url/gurl.h"
 
 // Only use Link Doctor on official builds.  It uses an API key, too, but
 // seems best to just disable it, for more responsive error pages and to reduce
 // server load.
 #if defined(GOOGLE_CHROME_BUILD)
 #define LINKDOCTOR_SERVER_REQUEST_URL "https://www.googleapis.com/rpc"
 #else
 #define LINKDOCTOR_SERVER_REQUEST_URL ""
 #endif
 
 namespace google_util {
 
 // Helpers --------------------------------------------------------------------
 
 namespace {
 
 bool gUseMockLinkDoctorBaseURLForTesting = false;
 
 bool IsPathHomePageBase(base::StringPiece path) {
   return (path == "/") || (path == "/webhp");
 }
 
 // True if the given canonical |host| is "[www.]<domain_in_lower_case>.<TLD>"
 // with a valid TLD. If |subdomain_permission| is ALLOW_SUBDOMAIN, we check
-// against host "*.<domain_in_lower_case>.<TLD>" instead.
+// against host "*.<domain_in_lower_case>.<TLD>" instead. Will return the TLD
+// string in |tld|, if specified and the |host| can be parsed.
 bool IsValidHostName(base::StringPiece host,
                      base::StringPiece domain_in_lower_case,
-                     SubdomainPermission subdomain_permission) {
+                     SubdomainPermission subdomain_permission,
+                     base::StringPiece* tld) {
   // Fast path to avoid searching the registry set.
   if (host.find(domain_in_lower_case) == base::StringPiece::npos)
     return false;
+
   size_t tld_length =
       net::registry_controlled_domains::GetCanonicalHostRegistryLength(
           host, net::registry_controlled_domains::EXCLUDE_UNKNOWN_REGISTRIES,
           net::registry_controlled_domains::EXCLUDE_PRIVATE_REGISTRIES);
   if ((tld_length == 0) || (tld_length == std::string::npos))
     return false;
 
   // Removes the tld and the preceding dot.
   base::StringPiece host_minus_tld =
       host.substr(0, host.length() - tld_length - 1);
+
+  if (tld)
+    *tld = host.substr(host.length() - tld_length);
+
   if (base::LowerCaseEqualsASCII(host_minus_tld, domain_in_lower_case))
     return true;
 
   if (subdomain_permission == ALLOW_SUBDOMAIN) {
     std::string dot_domain(".");
     domain_in_lower_case.AppendToString(&dot_domain);
     return base::EndsWith(host_minus_tld, dot_domain,
                           base::CompareCase::INSENSITIVE_ASCII);
   }
 
   std::string www_domain("www.");
   domain_in_lower_case.AppendToString(&www_domain);
   return base::LowerCaseEqualsASCII(host_minus_tld, www_domain);
 }
 
 // True if |url| is a valid URL with HTTP or HTTPS scheme. If |port_permission|
 // is DISALLOW_NON_STANDARD_PORTS, this also requires |url| to use the standard
 // port for its scheme (80 for HTTP, 443 for HTTPS).
 bool IsValidURL(const GURL& url, PortPermission port_permission) {
   return url.is_valid() && url.SchemeIsHTTPOrHTTPS() &&
          (url.port().empty() || (port_permission == ALLOW_NON_STANDARD_PORTS));
 }
 
 bool IsCanonicalHostGoogleHostname(base::StringPiece canonical_host,
                                    SubdomainPermission subdomain_permission) {
   const GURL& base_url(CommandLineGoogleBaseURL());
   if (base_url.is_valid() && (canonical_host == base_url.host_piece()))
     return true;
 
-  return IsValidHostName(canonical_host, "google", subdomain_permission);
+  base::StringPiece tld;
+  if (!IsValidHostName(canonical_host, "google", subdomain_permission, &tld))
+    return false;
+
+  CR_DEFINE_STATIC_LOCAL(std::set<std::string>, google_tlds,
+                         ({GOOGLE_TLD_LIST}));
+

[Peter Kasting, 2016/12/16 01:35:58]

Nit: Blank line here now probably unnecessary?  I dunno

[Maria, 2017/01/04 17:58:52]

Done.

+  return base::ContainsKey(google_tlds, tld.as_string());
 }
 
 }  // namespace
 
 // Global functions -----------------------------------------------------------
 
 bool HasGoogleSearchQueryParam(base::StringPiece str) {
   url::Component query(0, static_cast<int>(str.length())), key, value;
   while (url::ExtractQueryKeyValue(str.data(), &query, &key, &value)) {
     if (value.is_nonempty()) {
@@ skipping 120 matching lines @@
   // Check for query parameter in URL parameter and hash fragment, depending on
   // the path type.
   return HasGoogleSearchQueryParam(url.ref_piece()) ||
       (!is_home_page_base && HasGoogleSearchQueryParam(url.query_piece()));
 }
 
 bool IsYoutubeDomainUrl(const GURL& url,
                         SubdomainPermission subdomain_permission,
                         PortPermission port_permission) {
   return IsValidURL(url, port_permission) &&
-      IsValidHostName(url.host_piece(), "youtube", subdomain_permission);
+      IsValidHostName(url.host_piece(), "youtube", subdomain_permission,
+                      nullptr);
 }
 
 }  // namespace google_util