summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Groh <mail@linusgroh.de>2022-10-13 18:30:15 +0200
committerLinus Groh <mail@linusgroh.de>2022-10-30 20:10:29 +0000
commit62228f087064f3e337479e51266a820a7bb6ee09 (patch)
tree3f1d74d4946928ddafa9840ae26f8acafc64375e
parent7fd4c7b0c67d343f66471553a097d4f962418426 (diff)
downloadserenity-62228f087064f3e337479e51266a820a7bb6ee09.zip
LibWeb: Implement 'Should request be blocked due to a bad port' AO
-rw-r--r--Userland/Libraries/LibWeb/CMakeLists.txt1
-rw-r--r--Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.cpp118
-rw-r--r--Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.h18
-rw-r--r--Userland/Libraries/LibWeb/Fetch/Infrastructure/RequestOrResponseBlocking.h19
4 files changed, 156 insertions, 0 deletions
diff --git a/Userland/Libraries/LibWeb/CMakeLists.txt b/Userland/Libraries/LibWeb/CMakeLists.txt
index 1de1f4554e..4ae2d2db43 100644
--- a/Userland/Libraries/LibWeb/CMakeLists.txt
+++ b/Userland/Libraries/LibWeb/CMakeLists.txt
@@ -131,6 +131,7 @@ set(SOURCES
Fetch/Infrastructure/HTTP/Requests.cpp
Fetch/Infrastructure/HTTP/Responses.cpp
Fetch/Infrastructure/HTTP/Statuses.cpp
+ Fetch/Infrastructure/PortBlocking.cpp
Fetch/Infrastructure/URL.cpp
Fetch/Request.cpp
Fetch/Response.cpp
diff --git a/Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.cpp b/Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.cpp
new file mode 100644
index 0000000000..bdfc572c38
--- /dev/null
+++ b/Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.cpp
@@ -0,0 +1,118 @@
+/*
+ * Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#include <AK/Array.h>
+#include <AK/BinarySearch.h>
+#include <LibWeb/Fetch/Infrastructure/HTTP/Requests.h>
+#include <LibWeb/Fetch/Infrastructure/PortBlocking.h>
+#include <LibWeb/Fetch/Infrastructure/URL.h>
+
+namespace Web::Fetch::Infrastructure {
+
+// https://fetch.spec.whatwg.org/#block-bad-port
+RequestOrResponseBlocking block_bad_port(Request const& request)
+{
+ // 1. Let url be request’s current URL.
+ auto const& url = request.current_url();
+
+ // 2. If url’s scheme is an HTTP(S) scheme and url’s port is a bad port, then return blocked.
+ if (is_http_or_https_scheme(url.scheme()) && url.port().has_value() && is_bad_port(*url.port()))
+ return RequestOrResponseBlocking::Blocked;
+
+ // 3. Return allowed.
+ return RequestOrResponseBlocking::Allowed;
+}
+
+// https://fetch.spec.whatwg.org/#bad-port
+bool is_bad_port(u16 port)
+{
+ // A port is a bad port if it is listed in the first column of the following table.
+ static constexpr auto bad_ports = Array {
+ 1, // tcpmux
+ 7, // echo
+ 9, // discard
+ 11, // systat
+ 13, // daytime
+ 15, // netstat
+ 17, // qotd
+ 19, // chargen
+ 20, // ftp-data
+ 21, // ftp
+ 22, // ssh
+ 23, // telnet
+ 25, // smtp
+ 37, // time
+ 42, // name
+ 43, // nicname
+ 53, // domain
+ 69, // tftp
+ 77, // —
+ 79, // finger
+ 87, // —
+ 95, // supdup
+ 101, // hostname
+ 102, // iso-tsap
+ 103, // gppitnp
+ 104, // acr-nema
+ 109, // pop2
+ 110, // pop3
+ 111, // sunrpc
+ 113, // auth
+ 115, // sftp
+ 117, // uucp-path
+ 119, // nntp
+ 123, // ntp
+ 135, // epmap
+ 137, // netbios-ns
+ 139, // netbios-ssn
+ 143, // imap
+ 161, // snmp
+ 179, // bgp
+ 389, // ldap
+ 427, // svrloc
+ 465, // submissions
+ 512, // exec
+ 513, // login
+ 514, // shell
+ 515, // printer
+ 526, // tempo
+ 530, // courier
+ 531, // chat
+ 532, // netnews
+ 540, // uucp
+ 548, // afp
+ 554, // rtsp
+ 556, // remotefs
+ 563, // nntps
+ 587, // submission
+ 601, // syslog-conn
+ 636, // ldaps
+ 989, // ftps-data
+ 990, // ftps
+ 993, // imaps
+ 995, // pop3s
+ 1719, // h323gatestat
+ 1720, // h323hostcall
+ 1723, // pptp
+ 2049, // nfs
+ 3659, // apple-sasl
+ 4045, // npp
+ 5060, // sip
+ 5061, // sips
+ 6000, // x11
+ 6566, // sane-port
+ 6665, // ircu
+ 6666, // ircu
+ 6667, // ircu
+ 6668, // ircu
+ 6669, // ircu
+ 6697, // ircs-u
+ 10080, // amanda
+ };
+ return binary_search(bad_ports.span(), port);
+}
+
+}
diff --git a/Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.h b/Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.h
new file mode 100644
index 0000000000..c91bdd43ed
--- /dev/null
+++ b/Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.h
@@ -0,0 +1,18 @@
+/*
+ * Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#include <AK/Forward.h>
+#include <LibWeb/Fetch/Infrastructure/RequestOrResponseBlocking.h>
+#include <LibWeb/Forward.h>
+
+namespace Web::Fetch::Infrastructure {
+
+[[nodiscard]] RequestOrResponseBlocking block_bad_port(Request const&);
+[[nodiscard]] bool is_bad_port(u16);
+
+}
diff --git a/Userland/Libraries/LibWeb/Fetch/Infrastructure/RequestOrResponseBlocking.h b/Userland/Libraries/LibWeb/Fetch/Infrastructure/RequestOrResponseBlocking.h
new file mode 100644
index 0000000000..830f7fe4c6
--- /dev/null
+++ b/Userland/Libraries/LibWeb/Fetch/Infrastructure/RequestOrResponseBlocking.h
@@ -0,0 +1,19 @@
+/*
+ * Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
+ *
+ * SPDX-License-Identifier: BSD-2-Clause
+ */
+
+#pragma once
+
+#include <AK/Forward.h>
+#include <LibWeb/Forward.h>
+
+namespace Web::Fetch::Infrastructure {
+
+enum class RequestOrResponseBlocking {
+ Blocked,
+ Allowed,
+};
+
+}