bug 368998: when normalizing hostnames, we don't properly escape non-alphanumerics

patch: do our own escaping of hostnames r=bryner
2007-02-08 18:10:48 +00:00 · 2007-02-08 18:10:48 +00:00 · e05dd4f97f
--- a/testing/mochitest/tests/test_bug356355.xhtml
+++ b/testing/mochitest/tests/test_bug356355.xhtml
@ -275,7 +275,7 @@ testing["http://poseidon.marinet.gr/~elani"] = "poseidon.marinet.gr";
 testing["http://www.google.com.."] = "www.google.com";
 testing["https://www.yaho%6F.com"] = "www.yahoo.com";
 testing["http://012.034.01.0xa"] = "10.28.1.10";
-testing["ftp://wierd..chars...%0f,%fa"] = "wierd.chars.,";
+testing["ftp://wierd..chars...%0f,%fa"] = "wierd.chars.%2c";
 testing["http://0x18ac89d5/http.www.paypal.com/"] = "24.172.137.213";
 testing["http://413960661/http.www.paypal.com/"] = "24.172.137.213";
 testing["http://03053104725/http.www.paypal.com/"] = "24.172.137.213";
--- a/testing/mochitest/tests/test_bug368998.xhtml
+++ b/testing/mochitest/tests/test_bug368998.xhtml
@ -0,0 +1,67 @@
+<html xmlns="http://www.w3.org/1999/xhtml">
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=368998
+-->
+<head>
+  <title>Test for Bug 368998</title>
+  <script type="text/javascript" src="/MochiKit/packed.js"></script>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>        
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=368998">Mozilla Bug 368998</a>
+<p id="display"></p>
+<div id="content" style="display: none">
+  
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+<![CDATA[
+
+/** Test for Bug 368998 - hostname canonicalization **/
+
+// test charmap
+netscape.security.PrivilegeManager.enablePrivilege('UniversalXPConnect');
+var Cc = Components.classes;
+var Ci = Components.interfaces;
+var table = Cc["@mozilla.org/url-classifier/table;1?type=url"].createInstance();
+var componentScope = table.wrappedJSObject.__parent__;
+ok(!!componentScope, "unable to get wrapped js object");
+
+var PROT_EnchashDecrypter = componentScope.PROT_EnchashDecrypter;
+var enchash = new PROT_EnchashDecrypter();
+
+// escapeCharmap_ should be true for non-alphanumeric, non-hyphen, and
+// non-dot chars
+for (var i = 0; i < 256; ++i) {
+  var chr = String.fromCharCode(i);
+  if ( (chr.toLowerCase() >= 'a' && chr.toLowerCase() <= 'z') ||
+       (chr >= '0' && chr <= '9') ||
+       '.' == chr || '-' == chr) {
+    ok(!enchash.escapeCharmap_.contains(chr), 'failed on ' + i);
+  } else {
+    ok(enchash.escapeCharmap_.contains(chr), 'failed on ' + i);
+  }
+}
+
+// Test canonicalizeHost
+var tests = {
+  'http://www.mozilla.org/foo': 'www.mozilla.org',
+  'http://,=.mozilla.org/foo': '%2c%3d.mozilla.org',
+  'http://f00.b4r.mozi=lla.org/': 'f00.b4r.mozi%3dlla.org',
+  'http://a-_b.mozilla.org/': 'a-%5fb.mozilla.org',
+  'http://z%38bl%61h%%2F.com/': 'z8blah%25%2f.com',
+  'http://moZilla.Org/': 'mozilla.org'
+}
+
+for (var url in tests) {
+  ok(enchash.getCanonicalHost(url) == tests[url],
+     'expected ' + tests[url] + ' but got ' + enchash.getCanonicalHost(url));
+}
+
+]]>
+</script>
+</pre>
+</body>
+</html>
+
--- a/toolkit/components/url-classifier/content/enchash-decrypter.js
+++ b/toolkit/components/url-classifier/content/enchash-decrypter.js
@ -51,9 +51,37 @@
 //
 // This code should not change, except to fix bugs.
 //
-// TODO: verify that using encodeURI() in getCanonicalHost is OK
 // TODO: accommodate other kinds of perl-but-not-javascript qualifiers

+/**
+ * A fast, bit-vector map for ascii characters.
+ *
+ * Internally stores 256 bits in an array of 8 ints.
+ * Does quick bit-flicking to lookup needed characters.
+ */
+
+/**
+ * @param Takes 8 ints to initialize the character map
+ */
+function Charmap() {
+  if (arguments.length != 8) {
+    throw G_Error("charmap ctor requires 8 int args");
+  }
+  this.map_ = [];
+  for (var i = 0; i < 8; ++i) {
+    this.map_.push(arguments[i]);
+  }
+}
+
+/**
+ * Do a quick lookup to see if the letter is in the map.
+ * @param chr String of length 1 (ascii)
+ * @return Boolean true if the letter is in the map
+ */
+Charmap.prototype.contains = function(chr) {
+  var val = chr.charCodeAt(0);
+  return !!(this.map_[val >> 5] & (1 << (val & 31)));
+}

 /**
 * This thing knows how to generate lookup keys and decrypt values found in
@ -66,6 +94,9 @@ function PROT_EnchashDecrypter() {
  this.base64_ = new G_Base64();
  this.streamCipher_ = Cc["@mozilla.org/security/streamcipher;1"]
                       .createInstance(Ci.nsIStreamCipher);
+  this.escapeCharmap_ = new Charmap(
+    0xffffffff, 0xfc009fff, 0xf8000001, 0xf8000001,
+    0xffffffff, 0xffffffff, 0xffffffff, 0xffffffff);
 }

 PROT_EnchashDecrypter.DATABASE_SALT = "oU3q.72p";
@ -211,9 +242,15 @@ PROT_EnchashDecrypter.prototype.getCanonicalHost = function(str, opt_maxDots) {
  if (temp)
    unescaped = temp;

-  // TODO: what, exactly is it supposed to escape? This doesn't esecape 
-  // ":", "/", ";", and "?"
-  var escaped = encodeURI(unescaped);
+  // Escape everything that's not alphanumeric, hyphen, or dot.
+  var escaped = '';
+  for (var i = 0; i < unescaped.length; ++i) {
+    if (this.escapeCharmap_.contains(unescaped[i])) {
+      escaped += '%' + unescaped.charCodeAt(i).toString(16);
+    } else {
+      escaped += unescaped[i];
+    }
+  }

  if (opt_maxDots) {
    // Limit the number of dots