Bug 1696685 - r=xpcom-reviewers,necko-reviewers,valentin,nika

Differential Revision: https://phabricator.services.mozilla.com/D128630

netwerk/base/nsINetUtil.idl

@@ -157,6 +157,9 @@ interface nsINetUtil : nsISupports
   /** Skip C0 and DEL from unescaping */
   const unsigned long ESCAPE_URL_SKIP_CONTROL = 1 << 15;
 
+  /** %XX-escape external protocol handler URL */
+  const unsigned long ESCAPE_URL_EXT_HANDLER = 1 << 17;
+
   /**
    * %XX-Escape invalid chars in a URL segment.
    *

uriloader/exthandler/nsExternalHelperAppService.cpp

@@ -994,6 +994,25 @@ static const char kExternalProtocolPrefPrefix[] =
 static const char kExternalProtocolDefaultPref[] =
     "network.protocol-handler.external-default";
 
+// static
+nsresult nsExternalHelperAppService::EscapeURI(nsIURI* aURI, nsIURI** aResult) {
+  MOZ_ASSERT(aURI);
+  MOZ_ASSERT(aResult);
+
+  nsAutoCString spec;
+  aURI->GetSpec(spec);
+
+  if (spec.Find("%00") != -1) return NS_ERROR_MALFORMED_URI;
+
+  nsAutoCString escapedSpec;
+  nsresult rv = NS_EscapeURL(spec, esc_AlwaysCopy | esc_ExtHandler, escapedSpec,
+                             fallible);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  nsCOMPtr<nsIIOService> ios(do_GetIOService());
+  return ios->NewURI(escapedSpec, nullptr, nullptr, aResult);
+}
+
 NS_IMETHODIMP
 nsExternalHelperAppService::LoadURI(nsIURI* aURI,
                                     nsIPrincipal* aTriggeringPrincipal,
@@ -1007,21 +1026,12 @@ nsExternalHelperAppService::LoadURI(nsIURI* aURI,
     return NS_OK;
   }
 
-  nsAutoCString spec;
-  aURI->GetSpec(spec);
-
-  if (spec.Find("%00") != -1) return NS_ERROR_MALFORMED_URI;
-
-  spec.ReplaceSubstring("\"", "%22");
-  spec.ReplaceSubstring("`", "%60");
-
-  nsCOMPtr<nsIIOService> ios(do_GetIOService());
-  nsCOMPtr<nsIURI> uri;
-  nsresult rv = ios->NewURI(spec, nullptr, nullptr, getter_AddRefs(uri));
+  nsCOMPtr<nsIURI> escapedURI;
+  nsresult rv = EscapeURI(aURI, getter_AddRefs(escapedURI));
   NS_ENSURE_SUCCESS(rv, rv);
 
   nsAutoCString scheme;
-  uri->GetScheme(scheme);
+  escapedURI->GetScheme(scheme);
   if (scheme.IsEmpty()) return NS_OK;  // must have a scheme
 
   // Deny load if the prefs say to do so
@@ -1104,7 +1114,7 @@ nsExternalHelperAppService::LoadURI(nsIURI* aURI,
       do_CreateInstance("@mozilla.org/content-dispatch-chooser;1", &rv);
   NS_ENSURE_SUCCESS(rv, rv);
 
-  return chooser->HandleURI(handler, uri, aTriggeringPrincipal,
+  return chooser->HandleURI(handler, escapedURI, aTriggeringPrincipal,
                             aBrowsingContext, aTriggeredExternally);
 }
 

uriloader/exthandler/nsExternalHelperAppService.h

@@ -83,6 +83,7 @@ class nsExternalHelperAppService : public nsIExternalHelperAppService,
                                bool* aResult) override;
   NS_IMETHOD GetProtocolHandlerInfo(const nsACString& aScheme,
                                     nsIHandlerInfo** aHandlerInfo) override;
+
   NS_IMETHOD LoadURI(nsIURI* aURI, nsIPrincipal* aTriggeringPrincipal,
                      mozilla::dom::BrowsingContext* aBrowsingContext,
                      bool aWasTriggeredExternally) override;
@@ -119,6 +120,9 @@ class nsExternalHelperAppService : public nsIExternalHelperAppService,
 
   static already_AddRefed<nsExternalHelperAppService> GetSingleton();
 
+  // Internal method. Only called directly from tests.
+  static nsresult EscapeURI(nsIURI* aURI, nsIURI** aResult);
+
  protected:
   virtual ~nsExternalHelperAppService();
 

xpcom/io/nsEscape.cpp

@@ -245,40 +245,41 @@ void nsAppendEscapedHTML(const nsACString& aSrc, nsACString& aDst) {
 // parts of an URL.  The bits are the "url components" in the enum EscapeMask,
 // see nsEscape.h.
 //
-// esc_Scheme        =     1
-// esc_Username      =     2
-// esc_Password      =     4
-// esc_Host          =     8
-// esc_Directory     =    16
-// esc_FileBaseName  =    32
-// esc_FileExtension =    64
-// esc_Param         =   128
-// esc_Query         =   256
-// esc_Ref           =   512
+// esc_Scheme        =      1
+// esc_Username      =      2
+// esc_Password      =      4
+// esc_Host          =      8
+// esc_Directory     =     16
+// esc_FileBaseName  =     32
+// esc_FileExtension =     64
+// esc_Param         =    128
+// esc_Query         =    256
+// esc_Ref           =    512
+// esc_ExtHandler    = 131072
 
 static const uint32_t EscapeChars[256] =
     // clang-format off
-//   0    1    2    3    4    5    6    7    8    9    A    B    C    D    E    F
+//     0      1      2      3      4      5      6      7      8      9      A      B      C      D      E      F
 {
-     0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,  // 0x
-     0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,   0,  // 1x
-     0,1023,   0, 512,1023,   0,1023, 624,1023,1023,1023,1023,1023,1023, 953, 784,  // 2x   !"#$%&'()*+,-./
-  1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1008,1008,   0,1008,   0, 768,  // 3x  0123456789:;<=>?
-  1008,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,  // 4x  @ABCDEFGHIJKLMNO
-  1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1008, 896,1008, 896,1023,  // 5x  PQRSTUVWXYZ[\]^_
-   384,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,  // 6x  `abcdefghijklmno
-  1023,1023,1023,1023,1023,1023,1023,1023,1023,1023,1023, 896,1012, 896,1023,   0,  // 7x  pqrstuvwxyz{|}~ DEL
-     0                                                                              // 80 to FF are zero
+       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,  // 0x
+       0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,     0,  // 1x
+       0,132095,     0,131584,132095,     0,132095,131696,132095,132095,132095,132095,132095,132095,132025,131856,  // 2x   !"#$%&'()*+,-./
+  132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132080,132080,     0,132080,     0,131840,  // 3x  0123456789:;<=>?
+  132080,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,  // 4x  @ABCDEFGHIJKLMNO
+  132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132080,   896,132080,   896,132095,  // 5x  PQRSTUVWXYZ[\]^_
+     384,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,  // 6x  `abcdefghijklmno
+  132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,132095,   896,  1012,   896,132095,     0,  // 7x  pqrstuvwxyz{|}~ DEL
+       0                                                                                                            // 80 to FF are zero
 };
 // clang-format on
 
-static uint16_t dontNeedEscape(unsigned char aChar, uint32_t aFlags) {
+static bool dontNeedEscape(unsigned char aChar, uint32_t aFlags) {
   return EscapeChars[(uint32_t)aChar] & aFlags;
 }
-static uint16_t dontNeedEscape(uint16_t aChar, uint32_t aFlags) {
+static bool dontNeedEscape(uint16_t aChar, uint32_t aFlags) {
   return aChar < mozilla::ArrayLength(EscapeChars)
              ? (EscapeChars[(uint32_t)aChar] & aFlags)
-             : 0;
+             : false;
 }
 
 //----------------------------------------------------------------------------------------

xpcom/io/nsEscape.h

@@ -104,7 +104,10 @@ enum EscapeMask {
       1u << 13, /* copy input to result buf even if escaping is unnecessary */
   esc_Colon = 1u << 14,       /* forces escape of colon */
   esc_SkipControl = 1u << 15, /* skips C0 and DEL from unescaping */
-  esc_Spaces = 1u << 16       /* forces escape of spaces */
+  esc_Spaces = 1u << 16,      /* forces escape of spaces */
+  esc_ExtHandler = 1u << 17   /* For escaping external protocol handler urls.
+                              /* Escapes everything except:
+                              /* a-z, 0-9 and !#$&'()*+,-./:;=?@[]_~ */
 };
 
 /**