Skip to content

Commit 45dd7e4

Browse files
Chan Chak ShingHainish
Chan Chak Shing
authored and
Hainish
committed
Create utils/normalize-securecookie.py (EFForg#13864)
1 parent 2a6a4b1 commit 45dd7e4

3 files changed

Lines changed: 59 additions & 122 deletions

File tree

test/travis.sh

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,7 @@ if [ "$TEST" == "rules" ]; then
4242
docker run --rm -ti -v $(pwd):/opt httpse bash -c "utils/remove-obsolete-references.sh"
4343
docker run --rm -ti -v $(pwd):/opt httpse bash -c "utils/validate.sh"
4444
docker run --rm -ti -v $(pwd):/opt httpse bash -c "test/rules.sh"
45-
docker run --rm -ti -v $(pwd):/opt node bash -c "cd /opt && node utils/normalize-securecookie.js"
46-
[ `git diff --name-only $RULESETFOLDER | wc -l` -eq 0 ]
45+
docker run --rm -ti -v $(pwd):/opt httpse python utils/normalize-securecookie.py
4746
fi
4847

4948
if [ "$TEST" == "fetch" ]; then

utils/normalize-securecookie.js

Lines changed: 0 additions & 120 deletions
This file was deleted.

utils/normalize-securecookie.py

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
#!/usr/bin/env python2.7
2+
3+
# This python utility check for wildcard securecookies which
4+
# can be normalized, warn and exit with non-zero when such
5+
# rulesets exist.
6+
7+
# This is create in attempt to fix the issues on
8+
# https://github.com/EFForg/https-everywhere/pull/13840
9+
# https://github.com/EFForg/https-everywhere/pull/12493
10+
11+
import argparse
12+
import glob
13+
import os
14+
import unicodedata
15+
import xml.etree.ElementTree
16+
17+
def normalize_fn(fn):
18+
"""
19+
OSX and Linux filesystems encode composite characters differently in
20+
filenames. We should normalize to NFC: https://unicode.org/reports/tr15/
21+
"""
22+
fn = unicodedata.normalize("NFC", unicode(fn, "utf-8")).encode()
23+
return fn
24+
25+
def should_normalize_securecookie(host, name):
26+
wildcards = [ ".", ".*" ]
27+
return True if host in wildcards or name in wildcards else False
28+
29+
# commandline arguments parsing (nobody use it, though)
30+
parser = argparse.ArgumentParser(description="Normalize wildcard securecookies")
31+
parser.add_argument("--source_dir", default="src/chrome/content/rules")
32+
33+
args = parser.parse_args()
34+
35+
# Exit code
36+
exit_with_non_zero = False
37+
38+
# XML ruleset files
39+
filenames = map(normalize_fn, glob.glob(os.path.join(args.source_dir, "*.xml")))
40+
41+
for filename in filenames:
42+
tree = xml.etree.ElementTree.parse(filename)
43+
root = tree.getroot()
44+
45+
for branch in root:
46+
if branch.tag != "securecookie":
47+
continue
48+
49+
host = branch.attrib["host"]
50+
name = branch.attrib["name"]
51+
52+
if should_normalize_securecookie(host, name):
53+
print ("ERROR %s: contains wildcard securecookies "\
54+
"which can be normalized." % filename)
55+
exit_with_non_zero = True
56+
break
57+
58+
exit(0) if not exit_with_non_zero else exit(1)

0 commit comments

Comments
 (0)