components/url_formatter/idn_spoof_checker.h - Issue 2784933002: Mitigate spoofing attempt using Latin letters.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/url_formatter/idn_spoof_checker.h

Issue 2784933002: Mitigate spoofing attempt using Latin letters. (Closed)

Patch Set: use checked_cast and make win64 happy Created 3 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: components/url_formatter/idn_spoof_checker.h

diff --git a/components/url_formatter/idn_spoof_checker.h b/components/url_formatter/idn_spoof_checker.h

index 41eafc637b1ce2847df644f26768fbbfa687b20a..36d7c7896935462ccd1a8502ebebe0f2f85c66d3 100644

--- a/components/url_formatter/idn_spoof_checker.h

+++ b/components/url_formatter/idn_spoof_checker.h

@@ -17,6 +17,7 @@

// 'icu' does not work. Use U_ICU_NAMESPACE.

namespace U_ICU_NAMESPACE {

+class Transliterator;

class UnicodeString;

} // namespace U_ICU_NAMESPACE

@@ -40,9 +41,20 @@ class IDNSpoofChecker {

// See the function body for details on the specific safety checks performed.

bool SafeToDisplayAsUnicode(base::StringPiece16 label, bool is_tld_ascii);

+ // Returns true if |hostname| or the last few components of |hostname| looks

+ // similar to one of top domains listed in top_domains/alexa_domains.list. Two

+ // checks are done:

+ // 1. Calculate the skeleton of |hostname| based on the Unicode confusable

+ // character list and look it up in the pre-calculated skeleton list of

+ // top domains.

+ // 2. Look up the diacritic-free version of |hostname| in the list of

+ // top domains. Note that non-IDN hostnames will not get here.

+ bool SimilarToTopDomains(base::StringPiece16 hostname);

private:

// Sets allowed characters in IDN labels and turns on USPOOF_CHAR_LIMIT.

void SetAllowedUnicodeSet(UErrorCode* status);

// Returns true if all the Cyrillic letters in |label| belong to a set of

// Cyrillic letters that look like ASCII Latin letters.

bool IsMadeOfLatinAlikeCyrillic(const icu::UnicodeString& label);

@@ -51,8 +63,11 @@ class IDNSpoofChecker {

icu::UnicodeSet deviation_characters_;

icu::UnicodeSet non_ascii_latin_letters_;

icu::UnicodeSet kana_letters_exceptions_;

+ icu::UnicodeSet combining_diacritics_exceptions_;

icu::UnicodeSet cyrillic_letters_;

icu::UnicodeSet cyrillic_letters_latin_alike_;

+ icu::UnicodeSet lgc_letters_n_ascii_;

+ std::unique_ptr<icu::Transliterator> transliterator_;

IDNSpoofChecker(const IDNSpoofChecker&) = delete;

void operator=(const IDNSpoofChecker&) = delete;

« no previous file with comments | « components/url_formatter/BUILD.gn ('k') | components/url_formatter/idn_spoof_checker.cc » ('j') | no next file with comments »