| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // NB: Modelled after Mozilla's code (originally written by Pamela Greene, | 5 // NB: Modelled after Mozilla's code (originally written by Pamela Greene, |
| 6 // later modified by others), but almost entirely rewritten for Chrome. | 6 // later modified by others), but almost entirely rewritten for Chrome. |
| 7 // (netwerk/dns/src/nsEffectiveTLDService.cpp) | 7 // (netwerk/dns/src/nsEffectiveTLDService.cpp) |
| 8 /* ***** BEGIN LICENSE BLOCK ***** | 8 /* ***** BEGIN LICENSE BLOCK ***** |
| 9 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 9 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| 10 * | 10 * |
| (...skipping 28 matching lines...) Expand all Loading... |
| 39 * decision by deleting the provisions above and replace them with the notice | 39 * decision by deleting the provisions above and replace them with the notice |
| 40 * and other provisions required by the GPL or the LGPL. If you do not delete | 40 * and other provisions required by the GPL or the LGPL. If you do not delete |
| 41 * the provisions above, a recipient may use your version of this file under | 41 * the provisions above, a recipient may use your version of this file under |
| 42 * the terms of any one of the MPL, the GPL or the LGPL. | 42 * the terms of any one of the MPL, the GPL or the LGPL. |
| 43 * | 43 * |
| 44 * ***** END LICENSE BLOCK ***** */ | 44 * ***** END LICENSE BLOCK ***** */ |
| 45 | 45 |
| 46 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" | 46 #include "net/base/registry_controlled_domains/registry_controlled_domain.h" |
| 47 | 47 |
| 48 #include "base/logging.h" | 48 #include "base/logging.h" |
| 49 #include "base/lookup_string_in_fixed_set.h" |
| 49 #include "base/strings/string_util.h" | 50 #include "base/strings/string_util.h" |
| 50 #include "base/strings/utf_string_conversions.h" | 51 #include "base/strings/utf_string_conversions.h" |
| 51 #include "net/base/lookup_string_in_fixed_set.h" | |
| 52 #include "net/base/net_module.h" | 52 #include "net/base/net_module.h" |
| 53 #include "net/base/url_util.h" | 53 #include "net/base/url_util.h" |
| 54 #include "url/gurl.h" | 54 #include "url/gurl.h" |
| 55 #include "url/origin.h" | 55 #include "url/origin.h" |
| 56 #include "url/third_party/mozilla/url_parse.h" | 56 #include "url/third_party/mozilla/url_parse.h" |
| 57 #include "url/url_util.h" | 57 #include "url/url_util.h" |
| 58 | 58 |
| 59 namespace net { | 59 namespace net { |
| 60 namespace registry_controlled_domains { | 60 namespace registry_controlled_domains { |
| 61 | 61 |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 100 // Walk up the domain tree, most specific to least specific, | 100 // Walk up the domain tree, most specific to least specific, |
| 101 // looking for matches at each level. | 101 // looking for matches at each level. |
| 102 size_t prev_start = std::string::npos; | 102 size_t prev_start = std::string::npos; |
| 103 size_t curr_start = host_check_begin; | 103 size_t curr_start = host_check_begin; |
| 104 size_t next_dot = host.find('.', curr_start); | 104 size_t next_dot = host.find('.', curr_start); |
| 105 if (next_dot >= host_check_len) // Catches std::string::npos as well. | 105 if (next_dot >= host_check_len) // Catches std::string::npos as well. |
| 106 return 0; // This can't have a registry + domain. | 106 return 0; // This can't have a registry + domain. |
| 107 while (1) { | 107 while (1) { |
| 108 const char* domain_str = host.data() + curr_start; | 108 const char* domain_str = host.data() + curr_start; |
| 109 size_t domain_length = host_check_len - curr_start; | 109 size_t domain_length = host_check_len - curr_start; |
| 110 int type = LookupStringInFixedSet(g_graph, g_graph_length, domain_str, | 110 int type = base::LookupStringInFixedSet(g_graph, g_graph_length, domain_str, |
| 111 domain_length); | 111 domain_length); |
| 112 bool do_check = type != kDafsaNotFound && | 112 bool do_check = type != base::kDafsaNotFound && |
| 113 (!(type & kDafsaPrivateRule) || | 113 (!(type & base::kDafsaPrivateRule) || |
| 114 private_filter == INCLUDE_PRIVATE_REGISTRIES); | 114 private_filter == INCLUDE_PRIVATE_REGISTRIES); |
| 115 | 115 |
| 116 // If the apparent match is a private registry and we're not including | 116 // If the apparent match is a private registry and we're not including |
| 117 // those, it can't be an actual match. | 117 // those, it can't be an actual match. |
| 118 if (do_check) { | 118 if (do_check) { |
| 119 // Exception rules override wildcard rules when the domain is an exact | 119 // Exception rules override wildcard rules when the domain is an exact |
| 120 // match, but wildcards take precedence when there's a subdomain. | 120 // match, but wildcards take precedence when there's a subdomain. |
| 121 if (type & kDafsaWildcardRule && (prev_start != std::string::npos)) { | 121 if (type & base::kDafsaWildcardRule && |
| 122 (prev_start != std::string::npos)) { |
| 122 // If prev_start == host_check_begin, then the host is the registry | 123 // If prev_start == host_check_begin, then the host is the registry |
| 123 // itself, so return 0. | 124 // itself, so return 0. |
| 124 return (prev_start == host_check_begin) ? 0 | 125 return (prev_start == host_check_begin) ? 0 |
| 125 : (host.length() - prev_start); | 126 : (host.length() - prev_start); |
| 126 } | 127 } |
| 127 | 128 |
| 128 if (type & kDafsaExceptionRule) { | 129 if (type & base::kDafsaExceptionRule) { |
| 129 if (next_dot == std::string::npos) { | 130 if (next_dot == std::string::npos) { |
| 130 // If we get here, we had an exception rule with no dots (e.g. | 131 // If we get here, we had an exception rule with no dots (e.g. |
| 131 // "!foo"). This would only be valid if we had a corresponding | 132 // "!foo"). This would only be valid if we had a corresponding |
| 132 // wildcard rule, which would have to be "*". But we explicitly | 133 // wildcard rule, which would have to be "*". But we explicitly |
| 133 // disallow that case, so this kind of rule is invalid. | 134 // disallow that case, so this kind of rule is invalid. |
| 134 NOTREACHED() << "Invalid exception rule"; | 135 NOTREACHED() << "Invalid exception rule"; |
| 135 return 0; | 136 return 0; |
| 136 } | 137 } |
| 137 return host.length() - next_dot - 1; | 138 return host.length() - next_dot - 1; |
| 138 } | 139 } |
| (...skipping 302 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 441 | 442 |
| 442 void SetFindDomainGraph(const unsigned char* domains, size_t length) { | 443 void SetFindDomainGraph(const unsigned char* domains, size_t length) { |
| 443 CHECK(domains); | 444 CHECK(domains); |
| 444 CHECK_NE(length, 0u); | 445 CHECK_NE(length, 0u); |
| 445 g_graph = domains; | 446 g_graph = domains; |
| 446 g_graph_length = length; | 447 g_graph_length = length; |
| 447 } | 448 } |
| 448 | 449 |
| 449 } // namespace registry_controlled_domains | 450 } // namespace registry_controlled_domains |
| 450 } // namespace net | 451 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2784933002:
Mitigate spoofing attempt using Latin letters. (Closed)
