Bug 1020041 - host limit in nsStandardURL, r=jduell, r=valentin

--HG-- rename : dom/base/test/test_url_empty_port.html => dom/base/test/test_url_malformedHost.html
2014-06-10 12:53:54 +01:00 · 2014-06-10 12:53:54 +01:00 · d1365e73a4
--- a/content/base/src/Link.cpp
+++ b/content/base/src/Link.cpp
@ -183,7 +183,6 @@ Link::SetHost(const nsAString &aHost)

  (void)uri->SetHostPort(NS_ConvertUTF16toUTF8(aHost));
  SetHrefAttribute(uri);
-  return;
 }

 void
--- a/dom/base/test/mochitest.ini
+++ b/dom/base/test/mochitest.ini
@ -64,6 +64,7 @@ skip-if = (buildapp == 'b2g' && toolkit != 'gonk') #Bug 931116, b2g desktop spec
 [test_url.html]
 [test_url_data.html]
 [test_url_empty_port.html]
+[test_url_malformedHost.html]
 [test_urlExceptions.html]
 [test_urlSearchParams.html]
 [test_urlutils_stringify.html]
--- a/dom/base/test/test_url_malformedHost.html
+++ b/dom/base/test/test_url_malformedHost.html
@ -0,0 +1,48 @@
+
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=1020041
+-->
+<head>
+  <meta charset="utf-8">
+  <title>Test for Bug 1020041</title>
+  <script type="application/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css"/>
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=1020041">Mozilla Bug 1020041</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+  <iframe name="x" id="x"></iframe>
+  <iframe name="y" id="y"></iframe>
+</div>
+<pre id="test">
+</pre>
+  <a id="link" href="http://www.example.com:8080">foobar</a>
+  <area id="area" href="http://www.example.com:8080" />
+  <script type="application/javascript">
+
+  var tests = [
+    { host: '?', expected: 'www.example.com' },
+    { host: 'what?' , expected: 'what' },
+    { host: 'so what' , expected: 'www.example.com' },
+    { host: 'aa#bb' , expected: 'aa' },
+    { host: 'a/b' , expected: 'a' },
+    { host: 'a\\b', expected: 'a' },
+    { host: '[2001::1]#bla:10', expected: '[2001::1]'}
+  ];
+
+  for (var i = 0; i < tests.length; ++i) {
+    var url = new URL('http://www.example.com');
+    url.host = tests[i].host;
+    is (url.host, tests[i].expected, "URL.host is: " + url.host);
+
+    url = new URL('http://www.example.com');
+    url.hostname = tests[i].host;
+    is (url.hostname, tests[i].expected, "URL.hostname is: " + url.host);
+  }
+
+  </script>
+</body>
+</html>
--- a/netwerk/base/src/nsStandardURL.cpp
+++ b/netwerk/base/src/nsStandardURL.cpp
@ -35,6 +35,7 @@ nsIIDNService *nsStandardURL::gIDN = nullptr;
 bool nsStandardURL::gInitialized = false;
 bool nsStandardURL::gEscapeUTF8 = true;
 bool nsStandardURL::gAlwaysEncodeInUTF8 = true;
+char nsStandardURL::gHostLimitDigits[] = { '/', '\\', '?', '#', 0 };

 #if defined(PR_LOGGING)
 //
@ -1423,6 +1424,18 @@ nsStandardURL::SetPassword(const nsACString &input)
    return NS_OK;
 }

+void
+nsStandardURL::FindHostLimit(nsACString::const_iterator& aStart,
+                             nsACString::const_iterator& aEnd)
+{
+  for (int32_t i = 0; gHostLimitDigits[i]; ++i) {
+    nsACString::const_iterator c(aStart);
+    if (FindCharInReadable(gHostLimitDigits[i], c, aEnd)) {
+      aEnd = c;
+    }
+  }
+}
+
 NS_IMETHODIMP
 nsStandardURL::SetHostPort(const nsACString &aValue)
 {
@ -1438,6 +1451,8 @@ nsStandardURL::SetHostPort(const nsACString &aValue)
    nsACString::const_iterator iter(start);
    bool isIPv6 = false;

+    FindHostLimit(start, end);
+
    if (*start == '[') { // IPv6 address
        if (!FindCharInReadable(']', iter, end)) {
            // the ] character is missing
@ -1496,7 +1511,15 @@ nsStandardURL::SetHost(const nsACString &input)
 {
    ENSURE_MUTABLE();

-    const nsPromiseFlatCString &flat = PromiseFlatCString(input);
+    const nsPromiseFlatCString &hostname = PromiseFlatCString(input);
+
+    nsACString::const_iterator start, end;
+    hostname.BeginReading(start);
+    hostname.EndReading(end);
+
+    FindHostLimit(start, end);
+
+    const nsCString flat(Substring(start, end));
    const char *host = flat.get();

    LOG(("nsStandardURL::SetHost [host=%s]\n", host));
--- a/netwerk/base/src/nsStandardURL.h
+++ b/netwerk/base/src/nsStandardURL.h
@ -226,6 +226,9 @@ private:

    static void PrefsChanged(nsIPrefBranch *prefs, const char *pref);

+    void FindHostLimit(nsACString::const_iterator& aStart,
+                       nsACString::const_iterator& aEnd);
+
    // mSpec contains the normalized version of the URL spec (UTF-8 encoded).
    nsCString mSpec;
    int32_t   mDefaultPort;
@ -270,6 +273,7 @@ private:
    // global objects.  don't use COMPtr as its destructor will cause a
    // coredump if we leak it.
    static nsIIDNService               *gIDN;
+    static char                         gHostLimitDigits[];
    static bool                         gInitialized;
    static bool                         gEscapeUTF8;
    static bool                         gAlwaysEncodeInUTF8;