Source code

Revision control

Copy as Markdown

Other Tools

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim:set ts=4 sw=2 sts=2 et cindent: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "ipc/IPCMessageUtils.h"
#include "nsASCIIMask.h"
#include "nsStandardURL.h"
#include "nsCRT.h"
#include "nsEscape.h"
#include "nsIFile.h"
#include "nsIObjectInputStream.h"
#include "nsIObjectOutputStream.h"
#include "nsIIDNService.h"
#include "mozilla/Logging.h"
#include "nsIURLParser.h"
#include "nsPrintfCString.h"
#include "nsNetCID.h"
#include "mozilla/MemoryReporting.h"
#include "mozilla/ipc/URIUtils.h"
#include "mozilla/ScopeExit.h"
#include "mozilla/StaticPrefs_network.h"
#include "mozilla/TextUtils.h"
#include <algorithm>
#include "nsContentUtils.h"
#include "prprf.h"
#include "nsReadableUtils.h"
#include "mozilla/net/MozURL_ffi.h"
#include "mozilla/Utf8.h"
#include "nsIClassInfoImpl.h"
#include <string.h>
#include "IPv4Parser.h"
//
// setenv MOZ_LOG nsStandardURL:5
//
static mozilla::LazyLogModule gStandardURLLog("nsStandardURL");
// The Chromium code defines its own LOG macro which we don't want
#undef LOG
#define LOG(args) MOZ_LOG(gStandardURLLog, LogLevel::Debug, args)
#undef LOG_ENABLED
#define LOG_ENABLED() MOZ_LOG_TEST(gStandardURLLog, LogLevel::Debug)
using namespace mozilla::ipc;
/**
* The UTS #46 ToUnicode operation as parametrized by the WHATWG URL Standard,
* except potentially misleading labels are treated according to ToASCII
* instead. Combined with the ToASCII operation without rerunning the expensive
* part.
*
* NOTE: This function performs percent-decoding on the argument unlike
* the other `NS_DomainTo` functions!
*
* If upon successfull return `aASCII` is empty, it is the caller's
* responsibility to treat the value of `aDisplay` also as the value of
* `aASCII`. (The weird semantics avoid useless allocation / copying.)
*
* Rust callers that don't happen to be using XPCOM strings are better
* off using the `idna` crate directly. (See `idna_glue` for what policy
* closure to use.)
*/
inline nsresult NS_DomainToDisplayAndASCII(const nsACString& aDomain,
nsACString& aDisplay,
nsACString& aASCII) {
return mozilla_net_domain_to_display_and_ascii_impl(&aDomain, &aDisplay,
&aASCII);
}
namespace mozilla {
namespace net {
static NS_DEFINE_CID(kThisImplCID, NS_THIS_STANDARDURL_IMPL_CID);
// This will always be initialized and destroyed on the main thread, but
// can be safely used on other threads.
StaticRefPtr<nsIIDNService> nsStandardURL::gIDN;
// This value will only be updated on the main thread once.
static Atomic<bool, Relaxed> gInitialized{false};
const char nsStandardURL::gHostLimitDigits[] = {'/', '\\', '?', '#', 0};
//----------------------------------------------------------------------------
// nsStandardURL::nsSegmentEncoder
//----------------------------------------------------------------------------
nsStandardURL::nsSegmentEncoder::nsSegmentEncoder(const Encoding* encoding)
: mEncoding(encoding) {
if (mEncoding == UTF_8_ENCODING) {
mEncoding = nullptr;
}
}
int32_t nsStandardURL::nsSegmentEncoder::EncodeSegmentCount(
const char* aStr, const URLSegment& aSeg, int16_t aMask, nsCString& aOut,
bool& aAppended, uint32_t aExtraLen) {
// aExtraLen is characters outside the segment that will be
// added when the segment is not empty (like the @ following
// a username).
if (!aStr || aSeg.mLen <= 0) {
// Empty segment, so aExtraLen not added per above.
aAppended = false;
return 0;
}
uint32_t origLen = aOut.Length();
Span<const char> span = Span(aStr + aSeg.mPos, aSeg.mLen);
// first honor the origin charset if appropriate. as an optimization,
// only do this if the segment is non-ASCII. Further, if mEncoding is
// null, then the origin charset is UTF-8 and there is nothing to do.
if (mEncoding) {
size_t upTo;
if (MOZ_UNLIKELY(mEncoding == ISO_2022_JP_ENCODING)) {
upTo = Encoding::ISO2022JPASCIIValidUpTo(AsBytes(span));
} else {
upTo = Encoding::ASCIIValidUpTo(AsBytes(span));
}
if (upTo != span.Length()) {
// we have to encode this segment
char bufferArr[512];
Span<char> buffer = Span(bufferArr);
auto encoder = mEncoding->NewEncoder();
nsAutoCString valid; // has to be declared in this scope
if (MOZ_UNLIKELY(!IsUtf8(span.From(upTo)))) {
MOZ_ASSERT_UNREACHABLE("Invalid UTF-8 passed to nsStandardURL.");
// It's UB to pass invalid UTF-8 to
// EncodeFromUTF8WithoutReplacement(), so let's make our input valid
// UTF-8 by replacing invalid sequences with the REPLACEMENT
// CHARACTER.
UTF_8_ENCODING->Decode(
nsDependentCSubstring(span.Elements(), span.Length()), valid);
// This assigment is OK. `span` can't be used after `valid` has
// been destroyed because the only way out of the scope that `valid`
// was declared in is via return inside the loop below. Specifically,
// the return is the only way out of the loop.
span = valid;
}
size_t totalRead = 0;
for (;;) {
auto [encoderResult, read, written] =
encoder->EncodeFromUTF8WithoutReplacement(
AsBytes(span.From(totalRead)), AsWritableBytes(buffer), true);
totalRead += read;
auto bufferWritten = buffer.To(written);
if (!NS_EscapeURLSpan(bufferWritten, aMask, aOut)) {
aOut.Append(bufferWritten);
}
if (encoderResult == kInputEmpty) {
aAppended = true;
// Difference between original and current output
// string lengths plus extra length
return aOut.Length() - origLen + aExtraLen;
}
if (encoderResult == kOutputFull) {
continue;
}
aOut.AppendLiteral("%26%23");
aOut.AppendInt(encoderResult);
aOut.AppendLiteral("%3B");
}
MOZ_RELEASE_ASSERT(
false,
"There's supposed to be no way out of the above loop except return.");
}
}
if (NS_EscapeURLSpan(span, aMask, aOut)) {
aAppended = true;
// Difference between original and current output
// string lengths plus extra length
return aOut.Length() - origLen + aExtraLen;
}
aAppended = false;
// Original segment length plus extra length
return span.Length() + aExtraLen;
}
const nsACString& nsStandardURL::nsSegmentEncoder::EncodeSegment(
const nsACString& str, int16_t mask, nsCString& result) {
const char* text;
bool encoded;
EncodeSegmentCount(str.BeginReading(text), URLSegment(0, str.Length()), mask,
result, encoded);
if (encoded) {
return result;
}
return str;
}
//----------------------------------------------------------------------------
// nsStandardURL <public>
//----------------------------------------------------------------------------
#ifdef DEBUG_DUMP_URLS_AT_SHUTDOWN
static StaticMutex gAllURLsMutex MOZ_UNANNOTATED;
static LinkedList<nsStandardURL> gAllURLs;
#endif
nsStandardURL::nsStandardURL(bool aSupportsFileURL, bool aTrackURL)
: mURLType(URLTYPE_STANDARD),
mSupportsFileURL(aSupportsFileURL),
mCheckedIfHostA(false) {
LOG(("Creating nsStandardURL @%p\n", this));
// gInitialized changes value only once (false->true) on the main thread.
// It's OK to race here because in the worst case we'll just
// dispatch a noop runnable to the main thread.
MOZ_ASSERT(gInitialized);
// default parser in case nsIStandardURL::Init is never called
mParser = net_GetStdURLParser();
#ifdef DEBUG_DUMP_URLS_AT_SHUTDOWN
if (aTrackURL) {
StaticMutexAutoLock lock(gAllURLsMutex);
gAllURLs.insertBack(this);
}
#endif
}
bool nsStandardURL::IsValid() {
auto checkSegment = [&](const nsStandardURL::URLSegment& aSeg) {
#ifdef EARLY_BETA_OR_EARLIER
// If the parity is not the same, we assume that this is caused by a memory
// error. In this case, we think this URLSegment is valid.
if ((aSeg.mPos.Parity() != aSeg.mPos.CalculateParity()) ||
(aSeg.mLen.Parity() != aSeg.mLen.CalculateParity())) {
MOZ_ASSERT(false);
return true;
}
#endif
// Bad value
if (NS_WARN_IF(aSeg.mLen < -1)) {
return false;
}
if (aSeg.mLen == -1) {
return true;
}
// Points out of string
if (NS_WARN_IF(aSeg.mPos + aSeg.mLen > mSpec.Length())) {
return false;
}
// Overflow
if (NS_WARN_IF(aSeg.mPos + aSeg.mLen < aSeg.mPos)) {
return false;
}
return true;
};
bool allSegmentsValid = checkSegment(mScheme) && checkSegment(mAuthority) &&
checkSegment(mUsername) && checkSegment(mPassword) &&
checkSegment(mHost) && checkSegment(mPath) &&
checkSegment(mFilepath) && checkSegment(mDirectory) &&
checkSegment(mBasename) && checkSegment(mExtension) &&
checkSegment(mQuery) && checkSegment(mRef);
if (!allSegmentsValid) {
return false;
}
if (mScheme.mPos != 0) {
return false;
}
return true;
}
void nsStandardURL::SanityCheck() {
if (!IsValid()) {
nsPrintfCString msg(
"mLen:%zX, mScheme (%X,%X), mAuthority (%X,%X), mUsername (%X,%X), "
"mPassword (%X,%X), mHost (%X,%X), mPath (%X,%X), mFilepath (%X,%X), "
"mDirectory (%X,%X), mBasename (%X,%X), mExtension (%X,%X), mQuery "
"(%X,%X), mRef (%X,%X)",
mSpec.Length(), (uint32_t)mScheme.mPos, (int32_t)mScheme.mLen,
(uint32_t)mAuthority.mPos, (int32_t)mAuthority.mLen,
(uint32_t)mUsername.mPos, (int32_t)mUsername.mLen,
(uint32_t)mPassword.mPos, (int32_t)mPassword.mLen, (uint32_t)mHost.mPos,
(int32_t)mHost.mLen, (uint32_t)mPath.mPos, (int32_t)mPath.mLen,
(uint32_t)mFilepath.mPos, (int32_t)mFilepath.mLen,
(uint32_t)mDirectory.mPos, (int32_t)mDirectory.mLen,
(uint32_t)mBasename.mPos, (int32_t)mBasename.mLen,
(uint32_t)mExtension.mPos, (int32_t)mExtension.mLen,
(uint32_t)mQuery.mPos, (int32_t)mQuery.mLen, (uint32_t)mRef.mPos,
(int32_t)mRef.mLen);
CrashReporter::RecordAnnotationNSCString(
CrashReporter::Annotation::URLSegments, msg);
MOZ_CRASH("nsStandardURL::SanityCheck failed");
}
}
nsStandardURL::~nsStandardURL() {
LOG(("Destroying nsStandardURL @%p\n", this));
#ifdef DEBUG_DUMP_URLS_AT_SHUTDOWN
{
StaticMutexAutoLock lock(gAllURLsMutex);
if (isInList()) {
remove();
}
}
#endif
}
#ifdef DEBUG_DUMP_URLS_AT_SHUTDOWN
struct DumpLeakedURLs {
DumpLeakedURLs() = default;
~DumpLeakedURLs();
};
DumpLeakedURLs::~DumpLeakedURLs() {
MOZ_ASSERT(NS_IsMainThread());
StaticMutexAutoLock lock(gAllURLsMutex);
if (!gAllURLs.isEmpty()) {
printf("Leaked URLs:\n");
for (auto* url : gAllURLs) {
url->PrintSpec();
}
gAllURLs.clear();
}
}
#endif
void nsStandardURL::InitGlobalObjects() {
MOZ_DIAGNOSTIC_ASSERT(NS_IsMainThread());
if (gInitialized) {
return;
}
gInitialized = true;
nsCOMPtr<nsIIDNService> serv(do_GetService(NS_IDNSERVICE_CONTRACTID));
if (serv) {
gIDN = serv;
}
MOZ_DIAGNOSTIC_ASSERT(gIDN);
// Make sure nsURLHelper::InitGlobals() gets called on the main thread
nsCOMPtr<nsIURLParser> parser = net_GetStdURLParser();
MOZ_DIAGNOSTIC_ASSERT(parser);
Unused << parser;
}
void nsStandardURL::ShutdownGlobalObjects() {
MOZ_DIAGNOSTIC_ASSERT(NS_IsMainThread());
gIDN = nullptr;
#ifdef DEBUG_DUMP_URLS_AT_SHUTDOWN
if (gInitialized) {
// This instanciates a dummy class, and will trigger the class
// destructor when libxul is unloaded. This is equivalent to atexit(),
// but gracefully handles dlclose().
StaticMutexAutoLock lock(gAllURLsMutex);
static DumpLeakedURLs d;
}
#endif
}
//----------------------------------------------------------------------------
// nsStandardURL <private>
//----------------------------------------------------------------------------
void nsStandardURL::Clear() {
mSpec.Truncate();
mPort = -1;
mScheme.Reset();
mAuthority.Reset();
mUsername.Reset();
mPassword.Reset();
mHost.Reset();
mPath.Reset();
mFilepath.Reset();
mDirectory.Reset();
mBasename.Reset();
mExtension.Reset();
mQuery.Reset();
mRef.Reset();
InvalidateCache();
}
void nsStandardURL::InvalidateCache(bool invalidateCachedFile) {
if (invalidateCachedFile) {
mFile = nullptr;
}
}
nsIIDNService* nsStandardURL::GetIDNService() { return gIDN.get(); }
nsresult nsStandardURL::NormalizeIDN(const nsACString& aHost,
nsACString& aResult) {
mDisplayHost.Truncate();
mCheckedIfHostA = true;
nsCString displayHost; // Intentionally not nsAutoCString to avoid copy when
// assigning to field
nsresult rv = NS_DomainToDisplayAndASCII(aHost, displayHost, aResult);
if (NS_FAILED(rv)) {
return rv;
}
if (aResult.IsEmpty()) {
aResult.Assign(displayHost);
} else {
mDisplayHost = displayHost;
}
return NS_OK;
}
void nsStandardURL::CoalescePath(netCoalesceFlags coalesceFlag, char* path) {
auto resultCoalesceDirs = net_CoalesceDirs(coalesceFlag, path);
int32_t newLen = strlen(path);
if (newLen < mPath.mLen && resultCoalesceDirs) {
// Obtain indices for the last slash and the end of the basename
uint32_t lastSlash = resultCoalesceDirs->first();
uint32_t endOfBasename = resultCoalesceDirs->second();
int32_t diff = newLen - mPath.mLen;
mPath.mLen = newLen;
// The directory length includes all characters up to and
// including the last slash
mDirectory.mLen = static_cast<int32_t>(lastSlash) + 1;
// basename length includes everything after the last slash
// until hash, query, or the null char. However, if there was an extension
// we must make sure to update the length.
mBasename.mLen = static_cast<int32_t>(endOfBasename - mDirectory.mLen);
if (mExtension.mLen >= 0) {
mBasename.mLen -= 1; // Length of the . character
mBasename.mLen -= mExtension.mLen;
}
mBasename.mPos = mDirectory.mPos + mDirectory.mLen;
// Adjust the positions of extension, query, and ref as needed
// This is possible because net_CoalesceDirs does not modify their lengths
ShiftFromExtension(diff);
mFilepath.mLen += diff;
}
}
uint32_t nsStandardURL::AppendSegmentToBuf(char* buf, uint32_t i,
const char* str,
const URLSegment& segInput,
URLSegment& segOutput,
const nsCString* escapedStr,
bool useEscaped, int32_t* diff) {
MOZ_ASSERT(segInput.mLen == segOutput.mLen);
if (diff) {
*diff = 0;
}
if (segInput.mLen > 0) {
if (useEscaped) {
MOZ_ASSERT(diff);
segOutput.mLen = escapedStr->Length();
*diff = segOutput.mLen - segInput.mLen;
memcpy(buf + i, escapedStr->get(), segOutput.mLen);
} else {
memcpy(buf + i, str + segInput.mPos, segInput.mLen);
}
segOutput.mPos = i;
i += segOutput.mLen;
} else {
segOutput.mPos = i;
}
return i;
}
uint32_t nsStandardURL::AppendToBuf(char* buf, uint32_t i, const char* str,
uint32_t len) {
memcpy(buf + i, str, len);
return i + len;
}
// basic algorithm:
// 1- escape url segments (for improved GetSpec efficiency)
// 2- allocate spec buffer
// 3- write url segments
// 4- update url segment positions and lengths
nsresult nsStandardURL::BuildNormalizedSpec(const char* spec,
const Encoding* encoding) {
// Assumptions: all member URLSegments must be relative the |spec| argument
// passed to this function.
// buffers for holding escaped url segments (these will remain empty unless
// escaping is required).
nsAutoCString encUsername, encPassword, encHost, encDirectory, encBasename,
encExtension, encQuery, encRef;
bool useEncUsername, useEncPassword, useEncHost = false, useEncDirectory,
useEncBasename, useEncExtension,
useEncQuery, useEncRef;
nsAutoCString portbuf;
//
// escape each URL segment, if necessary, and calculate approximate normalized
// spec length.
//
// [scheme://][username[:password]@]host[:port]/path[?query_string][#ref]
uint32_t approxLen = 0;
// the scheme is already ASCII
if (mScheme.mLen > 0) {
approxLen +=
mScheme.mLen + 3; // includes room for "://", which we insert always
}
// encode URL segments; convert UTF-8 to origin charset and possibly escape.
// results written to encXXX variables only if |spec| is not already in the
// appropriate encoding.
{
nsSegmentEncoder encoder;
nsSegmentEncoder queryEncoder(encoding);
// Username@
approxLen += encoder.EncodeSegmentCount(spec, mUsername, esc_Username,
encUsername, useEncUsername, 0);
approxLen += 1; // reserve length for @
// :password - we insert the ':' even if there's no actual password if
// "user:@" was in the spec
if (mPassword.mLen > 0) {
approxLen += 1 + encoder.EncodeSegmentCount(spec, mPassword, esc_Password,
encPassword, useEncPassword);
}
// mHost is handled differently below due to encoding differences
MOZ_ASSERT(mPort >= -1, "Invalid negative mPort");
if (mPort != -1 && mPort != mDefaultPort) {
// :port
portbuf.AppendInt(mPort);
approxLen += portbuf.Length() + 1;
}
approxLen +=
1; // reserve space for possible leading '/' - may not be needed
// Should just use mPath? These are pessimistic, and thus waste space
approxLen += encoder.EncodeSegmentCount(spec, mDirectory, esc_Directory,
encDirectory, useEncDirectory, 1);
approxLen += encoder.EncodeSegmentCount(spec, mBasename, esc_FileBaseName,
encBasename, useEncBasename);
approxLen += encoder.EncodeSegmentCount(spec, mExtension, esc_FileExtension,
encExtension, useEncExtension, 1);
// These next ones *always* add their leading character even if length is 0
// Handles items like "http://#"
// ?query
if (mQuery.mLen >= 0) {
approxLen += 1 + queryEncoder.EncodeSegmentCount(spec, mQuery, esc_Query,
encQuery, useEncQuery);
}
// #ref
if (mRef.mLen >= 0) {
approxLen += 1 + encoder.EncodeSegmentCount(spec, mRef, esc_Ref, encRef,
useEncRef);
}
}
// do not escape the hostname, if IPv6 address literal, mHost will
// already point to a [ ] delimited IPv6 address literal.
// However, perform Unicode normalization on it, as IDN does.
// Note that we don't disallow URLs without a host - file:, etc
if (mHost.mLen > 0) {
nsDependentCSubstring tempHost(spec + mHost.mPos, mHost.mLen);
nsresult rv;
bool allowIp = !SegmentIs(spec, mScheme, "resource") &&
!SegmentIs(spec, mScheme, "chrome");
if (tempHost.First() == '[' && allowIp) {
mCheckedIfHostA = true;
rv = (nsresult)rusturl_parse_ipv6addr(&tempHost, &encHost);
if (NS_FAILED(rv)) {
return rv;
}
} else {
rv = NormalizeIDN(tempHost, encHost);
if (NS_FAILED(rv)) {
return rv;
}
if (IPv4Parser::EndsInANumber(encHost) && allowIp) {
nsAutoCString ipString;
rv = IPv4Parser::NormalizeIPv4(encHost, ipString);
if (NS_FAILED(rv)) {
return rv;
}
encHost = ipString;
}
}
// NormalizeIDN always copies, if the call was successful.
useEncHost = true;
approxLen += encHost.Length();
} else {
// empty host means empty mDisplayHost
mDisplayHost.Truncate();
mCheckedIfHostA = true;
}
// We must take a copy of every single segment because they are pointing to
// the |spec| while we are changing their value, in case we must use
// encoded strings.
URLSegment username(mUsername);
URLSegment password(mPassword);
URLSegment host(mHost);
URLSegment path(mPath);
URLSegment directory(mDirectory);
URLSegment basename(mBasename);
URLSegment extension(mExtension);
URLSegment query(mQuery);
URLSegment ref(mRef);
// The encoded string could be longer than the original input, so we need
// to check the final URI isn't longer than the max length.
if (approxLen + 1 > StaticPrefs::network_standard_url_max_length()) {
return NS_ERROR_MALFORMED_URI;
}
//
// generate the normalized URL string
//
// approxLen should be correct or 1 high
if (!mSpec.SetLength(approxLen + 1,
fallible)) { // buf needs a trailing '\0' below
return NS_ERROR_OUT_OF_MEMORY;
}
char* buf = mSpec.BeginWriting();
uint32_t i = 0;
int32_t diff = 0;
if (mScheme.mLen > 0) {
i = AppendSegmentToBuf(buf, i, spec, mScheme, mScheme);
net_ToLowerCase(buf + mScheme.mPos, mScheme.mLen);
i = AppendToBuf(buf, i, "://", 3);
}
// record authority starting position
mAuthority.mPos = i;
// append authority
if (mUsername.mLen > 0 || mPassword.mLen > 0) {
if (mUsername.mLen > 0) {
i = AppendSegmentToBuf(buf, i, spec, username, mUsername, &encUsername,
useEncUsername, &diff);
ShiftFromPassword(diff);
} else {
mUsername.mLen = -1;
}
if (password.mLen > 0) {
buf[i++] = ':';
i = AppendSegmentToBuf(buf, i, spec, password, mPassword, &encPassword,
useEncPassword, &diff);
ShiftFromHost(diff);
} else {
mPassword.mLen = -1;
}
buf[i++] = '@';
} else {
mUsername.mLen = -1;
mPassword.mLen = -1;
}
if (host.mLen > 0) {
i = AppendSegmentToBuf(buf, i, spec, host, mHost, &encHost, useEncHost,
&diff);
ShiftFromPath(diff);
MOZ_ASSERT(mPort >= -1, "Invalid negative mPort");
if (mPort != -1 && mPort != mDefaultPort) {
buf[i++] = ':';
// Already formatted while building approxLen
i = AppendToBuf(buf, i, portbuf.get(), portbuf.Length());
}
}
// record authority length
mAuthority.mLen = i - mAuthority.mPos;
// path must always start with a "/"
if (mPath.mLen <= 0) {
LOG(("setting path=/"));
mDirectory.mPos = mFilepath.mPos = mPath.mPos = i;
mDirectory.mLen = mFilepath.mLen = mPath.mLen = 1;
// basename must exist, even if empty (bug 113508)
mBasename.mPos = i + 1;
mBasename.mLen = 0;
buf[i++] = '/';
} else {
uint32_t leadingSlash = 0;
if (spec[path.mPos] != '/') {
LOG(("adding leading slash to path\n"));
leadingSlash = 1;
buf[i++] = '/';
// basename must exist, even if empty (bugs 113508, 429347)
if (mBasename.mLen == -1) {
mBasename.mPos = basename.mPos = i;
mBasename.mLen = basename.mLen = 0;
}
}
// record corrected (file)path starting position
mPath.mPos = mFilepath.mPos = i - leadingSlash;
i = AppendSegmentToBuf(buf, i, spec, directory, mDirectory, &encDirectory,
useEncDirectory, &diff);
ShiftFromBasename(diff);
// the directory must end with a '/'
if (buf[i - 1] != '/') {
buf[i++] = '/';
mDirectory.mLen++;
}
i = AppendSegmentToBuf(buf, i, spec, basename, mBasename, &encBasename,
useEncBasename, &diff);
ShiftFromExtension(diff);
// make corrections to directory segment if leadingSlash
if (leadingSlash) {
mDirectory.mPos = mPath.mPos;
if (mDirectory.mLen >= 0) {
mDirectory.mLen += leadingSlash;
} else {
mDirectory.mLen = 1;
}
}
if (mExtension.mLen >= 0) {
buf[i++] = '.';
i = AppendSegmentToBuf(buf, i, spec, extension, mExtension, &encExtension,
useEncExtension, &diff);
ShiftFromQuery(diff);
}
// calculate corrected filepath length
mFilepath.mLen = i - mFilepath.mPos;
if (mQuery.mLen >= 0) {
buf[i++] = '?';
i = AppendSegmentToBuf(buf, i, spec, query, mQuery, &encQuery,
useEncQuery, &diff);
ShiftFromRef(diff);
}
if (mRef.mLen >= 0) {
buf[i++] = '#';
i = AppendSegmentToBuf(buf, i, spec, ref, mRef, &encRef, useEncRef,
&diff);
}
// calculate corrected path length
mPath.mLen = i - mPath.mPos;
}
buf[i] = '\0';
if (SegmentIs(buf, mScheme, "file")) {
char* path = &buf[mPath.mPos];
// To account for cases like file:///w|/m and file:///c|
if (mPath.mLen >= 3 && path[0] == '/' && IsAsciiAlpha(path[1]) &&
path[2] == '|' && (mPath.mLen == 3 || path[3] == '/')) {
buf[mPath.mPos + 2] = ':';
}
}
if (mDirectory.mLen > 0) {
netCoalesceFlags coalesceFlag = NET_COALESCE_NORMAL;
if (SegmentIs(buf, mScheme, "ftp")) {
coalesceFlag =
(netCoalesceFlags)(coalesceFlag | NET_COALESCE_ALLOW_RELATIVE_ROOT |
NET_COALESCE_DOUBLE_SLASH_IS_ROOT);
}
CoalescePath(coalesceFlag, buf + mDirectory.mPos);
}
mSpec.Truncate(strlen(buf));
NS_ASSERTION(mSpec.Length() <= approxLen,
"We've overflowed the mSpec buffer!");
MOZ_ASSERT(mSpec.Length() <= StaticPrefs::network_standard_url_max_length(),
"The spec should never be this long, we missed a check.");
MOZ_ASSERT(mUsername.mLen != 0 && mPassword.mLen != 0);
return NS_OK;
}
bool nsStandardURL::SegmentIs(const URLSegment& seg, const char* val,
bool ignoreCase) {
// one or both may be null
if (!val || mSpec.IsEmpty()) {
return (!val && (mSpec.IsEmpty() || seg.mLen < 0));
}
if (seg.mLen < 0) {
return false;
}
// if the first |seg.mLen| chars of |val| match, then |val| must
// also be null terminated at |seg.mLen|.
if (ignoreCase) {
return !nsCRT::strncasecmp(mSpec.get() + seg.mPos, val, seg.mLen) &&
(val[seg.mLen] == '\0');
}
return !strncmp(mSpec.get() + seg.mPos, val, seg.mLen) &&
(val[seg.mLen] == '\0');
}
bool nsStandardURL::SegmentIs(const char* spec, const URLSegment& seg,
const char* val, bool ignoreCase) {
// one or both may be null
if (!val || !spec) {
return (!val && (!spec || seg.mLen < 0));
}
if (seg.mLen < 0) {
return false;
}
// if the first |seg.mLen| chars of |val| match, then |val| must
// also be null terminated at |seg.mLen|.
if (ignoreCase) {
return !nsCRT::strncasecmp(spec + seg.mPos, val, seg.mLen) &&
(val[seg.mLen] == '\0');
}
return !strncmp(spec + seg.mPos, val, seg.mLen) && (val[seg.mLen] == '\0');
}
bool nsStandardURL::SegmentIs(const URLSegment& seg1, const char* val,
const URLSegment& seg2, bool ignoreCase) {
if (seg1.mLen != seg2.mLen) {
return false;
}
if (seg1.mLen == -1 || (!val && mSpec.IsEmpty())) {
return true; // both are empty
}
if (!val) {
return false;
}
if (ignoreCase) {
return !nsCRT::strncasecmp(mSpec.get() + seg1.mPos, val + seg2.mPos,
seg1.mLen);
}
return !strncmp(mSpec.get() + seg1.mPos, val + seg2.mPos, seg1.mLen);
}
int32_t nsStandardURL::ReplaceSegment(uint32_t pos, uint32_t len,
const char* val, uint32_t valLen) {
if (val && valLen) {
if (len == 0) {
mSpec.Insert(val, pos, valLen);
} else {
mSpec.Replace(pos, len, nsDependentCString(val, valLen));
}
return valLen - len;
}
// else remove the specified segment
mSpec.Cut(pos, len);
return -int32_t(len);
}
int32_t nsStandardURL::ReplaceSegment(uint32_t pos, uint32_t len,
const nsACString& val) {
if (len == 0) {
mSpec.Insert(val, pos);
} else {
mSpec.Replace(pos, len, val);
}
return val.Length() - len;
}
nsresult nsStandardURL::ParseURL(const char* spec, int32_t specLen) {
nsresult rv;
if (specLen > (int32_t)StaticPrefs::network_standard_url_max_length()) {
return NS_ERROR_MALFORMED_URI;
}
//
// parse given URL string
//
uint32_t schemePos = mScheme.mPos;
int32_t schemeLen = mScheme.mLen;
uint32_t authorityPos = mAuthority.mPos;
int32_t authorityLen = mAuthority.mLen;
uint32_t pathPos = mPath.mPos;
int32_t pathLen = mPath.mLen;
rv = mParser->ParseURL(spec, specLen, &schemePos, &schemeLen, &authorityPos,
&authorityLen, &pathPos, &pathLen);
if (NS_FAILED(rv)) {
return rv;
}
mScheme.mPos = schemePos;
mScheme.mLen = schemeLen;
mAuthority.mPos = authorityPos;
mAuthority.mLen = authorityLen;
mPath.mPos = pathPos;
mPath.mLen = pathLen;
#ifdef DEBUG
if (mScheme.mLen <= 0) {
printf("spec=%s\n", spec);
NS_WARNING("malformed url: no scheme");
}
#endif
if (mAuthority.mLen > 0) {
uint32_t usernamePos = mUsername.mPos;
int32_t usernameLen = mUsername.mLen;
uint32_t passwordPos = mPassword.mPos;
int32_t passwordLen = mPassword.mLen;
uint32_t hostPos = mHost.mPos;
int32_t hostLen = mHost.mLen;
rv = mParser->ParseAuthority(spec + mAuthority.mPos, mAuthority.mLen,
&usernamePos, &usernameLen, &passwordPos,
&passwordLen, &hostPos, &hostLen, &mPort);
if (NS_FAILED(rv)) {
return rv;
}
mUsername.mPos = usernamePos;
mUsername.mLen = usernameLen;
mPassword.mPos = passwordPos;
mPassword.mLen = passwordLen;
mHost.mPos = hostPos;
mHost.mLen = hostLen;
// Don't allow mPort to be set to this URI's default port
if (mPort == mDefaultPort) {
mPort = -1;
}
mUsername.mPos += mAuthority.mPos;
mPassword.mPos += mAuthority.mPos;
mHost.mPos += mAuthority.mPos;
}
if (mPath.mLen > 0) {
rv = ParsePath(spec, mPath.mPos, mPath.mLen);
}
return rv;
}
nsresult nsStandardURL::ParsePath(const char* spec, uint32_t pathPos,
int32_t pathLen) {
LOG(("ParsePath: %s pathpos %d len %d\n", spec, pathPos, pathLen));
if (pathLen > (int32_t)StaticPrefs::network_standard_url_max_length()) {
return NS_ERROR_MALFORMED_URI;
}
uint32_t filePathPos = mFilepath.mPos;
int32_t filePathLen = mFilepath.mLen;
uint32_t queryPos = mQuery.mPos;
int32_t queryLen = mQuery.mLen;
uint32_t refPos = mRef.mPos;
int32_t refLen = mRef.mLen;
nsresult rv =
mParser->ParsePath(spec + pathPos, pathLen, &filePathPos, &filePathLen,
&queryPos, &queryLen, &refPos, &refLen);
if (NS_FAILED(rv)) {
return rv;
}
mFilepath.mPos = filePathPos;
mFilepath.mLen = filePathLen;
mQuery.mPos = queryPos;
mQuery.mLen = queryLen;
mRef.mPos = refPos;
mRef.mLen = refLen;
mFilepath.mPos += pathPos;
mQuery.mPos += pathPos;
mRef.mPos += pathPos;
if (mFilepath.mLen > 0) {
uint32_t directoryPos = mDirectory.mPos;
int32_t directoryLen = mDirectory.mLen;
uint32_t basenamePos = mBasename.mPos;
int32_t basenameLen = mBasename.mLen;
uint32_t extensionPos = mExtension.mPos;
int32_t extensionLen = mExtension.mLen;
rv = mParser->ParseFilePath(spec + mFilepath.mPos, mFilepath.mLen,
&directoryPos, &directoryLen, &basenamePos,
&basenameLen, &extensionPos, &extensionLen);
if (NS_FAILED(rv)) {
return rv;
}
mDirectory.mPos = directoryPos;
mDirectory.mLen = directoryLen;
mBasename.mPos = basenamePos;
mBasename.mLen = basenameLen;
mExtension.mPos = extensionPos;
mExtension.mLen = extensionLen;
mDirectory.mPos += mFilepath.mPos;
mBasename.mPos += mFilepath.mPos;
mExtension.mPos += mFilepath.mPos;
}
return NS_OK;
}
char* nsStandardURL::AppendToSubstring(uint32_t pos, int32_t len,
const char* tail) {
// Verify pos and length are within boundaries
if (pos > mSpec.Length()) {
return nullptr;
}
if (len < 0) {
return nullptr;
}
if ((uint32_t)len > (mSpec.Length() - pos)) {
return nullptr;
}
if (!tail) {
return nullptr;
}
uint32_t tailLen = strlen(tail);
// Check for int overflow for proposed length of combined string
if (UINT32_MAX - ((uint32_t)len + 1) < tailLen) {
return nullptr;
}
char* result = (char*)moz_xmalloc(len + tailLen + 1);
memcpy(result, mSpec.get() + pos, len);
memcpy(result + len, tail, tailLen);
result[len + tailLen] = '\0';
return result;
}
nsresult nsStandardURL::ReadSegment(nsIBinaryInputStream* stream,
URLSegment& seg) {
nsresult rv;
uint32_t pos = seg.mPos;
rv = stream->Read32(&pos);
if (NS_FAILED(rv)) {
return rv;
}
seg.mPos = pos;
uint32_t len = seg.mLen;
rv = stream->Read32(&len);
if (NS_FAILED(rv)) {
return rv;
}
CheckedInt<int32_t> checkedLen(len);
if (!checkedLen.isValid()) {
seg.mLen = -1;
} else {
seg.mLen = len;
}
return NS_OK;
}
nsresult nsStandardURL::WriteSegment(nsIBinaryOutputStream* stream,
const URLSegment& seg) {
nsresult rv;
rv = stream->Write32(seg.mPos);
if (NS_FAILED(rv)) {
return rv;
}
rv = stream->Write32(uint32_t(seg.mLen));
if (NS_FAILED(rv)) {
return rv;
}
return NS_OK;
}
#define SHIFT_FROM(name, what) \
void nsStandardURL::name(int32_t diff) { \
if (!diff) return; \
if ((what).mLen >= 0) { \
CheckedInt<int32_t> pos = (uint32_t)(what).mPos; \
pos += diff; \
MOZ_ASSERT(pos.isValid()); \
(what).mPos = pos.value(); \
} else { \
MOZ_RELEASE_ASSERT((what).mLen == -1); \
}
#define SHIFT_FROM_NEXT(name, what, next) \
SHIFT_FROM(name, what) \
next(diff); \
}
#define SHIFT_FROM_LAST(name, what) \
SHIFT_FROM(name, what) \
}
SHIFT_FROM_NEXT(ShiftFromAuthority, mAuthority, ShiftFromUsername)
SHIFT_FROM_NEXT(ShiftFromUsername, mUsername, ShiftFromPassword)
SHIFT_FROM_NEXT(ShiftFromPassword, mPassword, ShiftFromHost)
SHIFT_FROM_NEXT(ShiftFromHost, mHost, ShiftFromPath)
SHIFT_FROM_NEXT(ShiftFromPath, mPath, ShiftFromFilepath)
SHIFT_FROM_NEXT(ShiftFromFilepath, mFilepath, ShiftFromDirectory)
SHIFT_FROM_NEXT(ShiftFromDirectory, mDirectory, ShiftFromBasename)
SHIFT_FROM_NEXT(ShiftFromBasename, mBasename, ShiftFromExtension)
SHIFT_FROM_NEXT(ShiftFromExtension, mExtension, ShiftFromQuery)