Skip to content

(v7.x backport) url: updates to the WHATWG URL parser #12507

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
TimothyGu merged 21 commits into from
Apr 25, 2017
Merged

(v7.x backport) url: updates to the WHATWG URL parser #12507

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
71d3f94
url: extend URLSearchParams constructor
TimothyGu Jan 28, 2017
c40a45f
doc: document URLSearchParams constructor
TimothyGu Jan 28, 2017
b0fecbe
url: enforce valid UTF-8 in WHATWG parser
TimothyGu Feb 4, 2017
c3366a5
url: prioritize toString when stringifying
TimothyGu Mar 8, 2017
6b2cb6d
url: spec-compliant URLSearchParams serializer
TimothyGu Feb 4, 2017
7e7fd66
src: remove explicit UTF-8 validity check in url
TimothyGu Mar 15, 2017
4a94c2d
querystring: move isHexTable to internal
TimothyGu Mar 15, 2017
d86f0d7
url: spec-compliant URLSearchParams parser
TimothyGu Mar 15, 2017
a2a3d6c
url: use a class for WHATWG url[context]
TimothyGu Mar 22, 2017
75ef213
url: add ToObject method to native URL class
jasnell Mar 27, 2017
5b7b775
src: WHATWG URL C++ parser cleanup
TimothyGu Mar 16, 2017
d912e28
url: change path parsing for non-special URLs
watilde Apr 3, 2017
dceb12e
test: synchronize WPT url test data
watilde Apr 3, 2017
43faf56
url: error when domainTo*() is called w/o argument
TimothyGu Mar 20, 2017
dafa600
url: avoid instanceof for WHATWG URL
mscdex Mar 5, 2017
68cf850
url: trim leading slashes of file URL paths
watilde Apr 10, 2017
752097c
url: remove javascript URL special case
watilde Apr 12, 2017
f484cfd
url: disallow invalid IPv4 in IPv6 parser
watilde Apr 14, 2017
9288b73
url: clean up WHATWG URL origin generation
TimothyGu Apr 5, 2017
8f702ef
url: improve WHATWG URL inspection
TimothyGu Apr 5, 2017
473bd5e
src: clean up WHATWG WG parser
TimothyGu Apr 6, 2017
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
url: disallow invalid IPv4 in IPv6 parser 
PR-URL: #12507
Fixes: #10655
Reviewed-By: James M Snell <jasnell@gmail.com>
  • Loading branch information
@watilde @TimothyGu
watilde authored and TimothyGu committed Apr 25, 2017
commit f484cfdf29318a27e317b48d50e67d978b5d7214
26 changes: 14 additions & 12 deletions src/node_url.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,7 +110,7 @@ namespace url {
uint16_t* compress_pointer = nullptr;
const char* pointer = input;
const char* end = pointer + length;
unsigned value, len, swaps, dots;
unsigned value, len, swaps, numbers_seen;
char ch = pointer < end ? pointer[0] : kEOL;
if (ch == ':') {
if (length < 2 || pointer[1] != ':')
Expand Down Expand Up @@ -148,9 +148,17 @@ namespace url {
ch = pointer < end ? pointer[0] : kEOL;
if (piece_pointer > last_piece - 2)
goto end;
dots = 0;
numbers_seen = 0;
while (ch != kEOL) {
value = 0xffffffff;
if (numbers_seen > 0) {
if (ch == '.' && numbers_seen < 4) {
pointer++;
ch = pointer < end ? pointer[0] : kEOL;
} else {
goto end;
}
}
if (!ASCII_DIGIT(ch))
goto end;
while (ASCII_DIGIT(ch)) {
Expand All @@ -167,19 +175,13 @@ namespace url {
pointer++;
ch = pointer < end ? pointer[0] : kEOL;
}
if (dots < 3 && ch != '.')
goto end;
*piece_pointer = *piece_pointer * 0x100 + value;
if (dots & 0x1)
numbers_seen++;
if (numbers_seen == 2 || numbers_seen == 4)
piece_pointer++;
if (ch != kEOL) {
pointer++;
ch = pointer < end ? pointer[0] : kEOL;
}
if (dots == 3 && ch != kEOL)
goto end;
dots++;
}
if (numbers_seen != 4)
goto end;
continue;
case ':':
pointer++;
Expand Down
144 changes: 72 additions & 72 deletions test/fixtures/url-setter-tests.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -880,42 +880,42 @@ module.exports =
"hostname": "example.net"
}
},
// {
// "href": "http://example.net/",
// "new_value": "[::1.2.3.4x]",
// "expected": {
// "href": "http://example.net/",
// "host": "example.net",
// "hostname": "example.net"
// }
// },
// {
// "href": "http://example.net/",
// "new_value": "[::1.2.3.]",
// "expected": {
// "href": "http://example.net/",
// "host": "example.net",
// "hostname": "example.net"
// }
// },
// {
// "href": "http://example.net/",
// "new_value": "[::1.2.]",
// "expected": {
// "href": "http://example.net/",
// "host": "example.net",
// "hostname": "example.net"
// }
// },
// {
// "href": "http://example.net/",
// "new_value": "[::1.]",
// "expected": {
// "href": "http://example.net/",
// "host": "example.net",
// "hostname": "example.net"
// }
// },
{
"href": "http://example.net/",
"new_value": "[::1.2.3.4x]",
"expected": {
"href": "http://example.net/",
"host": "example.net",
"hostname": "example.net"
}
},
{
"href": "http://example.net/",
"new_value": "[::1.2.3.]",
"expected": {
"href": "http://example.net/",
"host": "example.net",
"hostname": "example.net"
}
},
{
"href": "http://example.net/",
"new_value": "[::1.2.]",
"expected": {
"href": "http://example.net/",
"host": "example.net",
"hostname": "example.net"
}
},
{
"href": "http://example.net/",
"new_value": "[::1.]",
"expected": {
"href": "http://example.net/",
"host": "example.net",
"hostname": "example.net"
}
},
// {
// "href": "file://y/",
// "new_value": "x:123",
Expand Down Expand Up @@ -1214,42 +1214,42 @@ module.exports =
"hostname": "example.net"
}
},
// {
// "href": "http://example.net/",
// "new_value": "[::1.2.3.4x]",
// "expected": {
// "href": "http://example.net/",
// "host": "example.net",
// "hostname": "example.net"
// }
// },
// {
// "href": "http://example.net/",
// "new_value": "[::1.2.3.]",
// "expected": {
// "href": "http://example.net/",
// "host": "example.net",
// "hostname": "example.net"
// }
// },
// {
// "href": "http://example.net/",
// "new_value": "[::1.2.]",
// "expected": {
// "href": "http://example.net/",
// "host": "example.net",
// "hostname": "example.net"
// }
// },
// {
// "href": "http://example.net/",
// "new_value": "[::1.]",
// "expected": {
// "href": "http://example.net/",
// "host": "example.net",
// "hostname": "example.net"
// }
// },
{
"href": "http://example.net/",
"new_value": "[::1.2.3.4x]",
"expected": {
"href": "http://example.net/",
"host": "example.net",
"hostname": "example.net"
}
},
{
"href": "http://example.net/",
"new_value": "[::1.2.3.]",
"expected": {
"href": "http://example.net/",
"host": "example.net",
"hostname": "example.net"
}
},
{
"href": "http://example.net/",
"new_value": "[::1.2.]",
"expected": {
"href": "http://example.net/",
"host": "example.net",
"hostname": "example.net"
}
},
{
"href": "http://example.net/",
"new_value": "[::1.]",
"expected": {
"href": "http://example.net/",
"host": "example.net",
"hostname": "example.net"
}
},
// {
// "href": "file://y/",
// "new_value": "x:123",
Expand Down
40 changes: 20 additions & 20 deletions test/fixtures/url-tests.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3800,26 +3800,26 @@ module.exports =
"base": "http://other.com/",
"failure": true
},
// {
// "input": "http://[::1.2.3.4x]",
// "base": "http://other.com/",
// "failure": true
// },
// {
// "input": "http://[::1.2.3.]",
// "base": "http://other.com/",
// "failure": true
// },
// {
// "input": "http://[::1.2.]",
// "base": "http://other.com/",
// "failure": true
// },
// {
// "input": "http://[::1.]",
// "base": "http://other.com/",
// "failure": true
// },
{
"input": "http://[::1.2.3.4x]",
"base": "http://other.com/",
"failure": true
},
{
"input": "http://[::1.2.3.]",
"base": "http://other.com/",
"failure": true
},
{
"input": "http://[::1.2.]",
"base": "http://other.com/",
"failure": true
},
{
"input": "http://[::1.]",
"base": "http://other.com/",
"failure": true
},
"Misc Unicode",
{
"input": "http://foo:💩@example.com/bar",
Expand Down