LadybirdBrowser/ladybird
1
1
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-09-21 18:37:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

LibWeb/Fetch: Refactor forbidden request-headers

Browse Source 
This is a change in the Fetch spec.

See:
- https://github.com/whatwg/fetch/commit/92e6c91
- https://github.com/whatwg/xhr/commit/494431a
This commit is contained in:
Linus Groh 2022-12-07 18:16:32 +00:00
parent 011f6a6cb4
commit 1c9bb2d8b4
Notes: sideshowbarker 2024-07-17 03:38:40 +09:00 
Author: https://github.com/linusg
Commit: https://github.com/SerenityOS/serenity/commit/1c9bb2d8b4
Pull-request: https://github.com/SerenityOS/serenity/pull/16362
Reviewed-by: https://github.com/trflynn89
5 changed files with 125 additions and 79 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
Userland/Libraries/LibWeb/Fetch/Headers.cpp
View File

@ -59,6 +59,7 @@ WebIDL::ExceptionOr<void> Headers::append(DeprecatedString const& name_string, D
WebIDL::ExceptionOr<void> Headers::delete_(DeprecatedString const& name_string)
{
// The delete(name) method steps are:
auto& realm = this->realm();
auto name = name_string.bytes();
// 1. If name is not a header name, then throw a TypeError.
@ -69,8 +70,10 @@ WebIDL::ExceptionOr<void> Headers::delete_(DeprecatedString const& name_string)
if (m_guard == Guard::Immutable)
return WebIDL::SimpleException { WebIDL::SimpleExceptionType::TypeError, "Headers object is immutable"sv };
// 3. Otherwise, if thiss guard is "request" and name is a forbidden header name, return.
if (m_guard == Guard::Request && Infrastructure::is_forbidden_header_name(name))
// 3. Otherwise, if this's guard is "request" and (name, ``) is a forbidden request-header, return.
// NOTE: Passing a dummy header value to forbidden request-header ought not to have any negative repercussions.
auto header = TRY_OR_RETURN_OOM(realm, Infrastructure::Header::from_string_pair(name, ""sv));
if (m_guard == Guard::Request && TRY_OR_RETURN_OOM(realm, Infrastructure::is_forbidden_request_header(header)))
return {};
// 4. Otherwise, if thiss guard is "request-no-cors", name is not a no-CORS-safelisted request-header name, and name is not a privileged no-CORS request-header name, return.
@ -88,9 +91,9 @@ WebIDL::ExceptionOr<void> Headers::delete_(DeprecatedString const& name_string)
// 7. Delete name from thiss header list.
m_header_list->delete_(name);
// 8. If thiss guard is "request-no-cors", then remove privileged no-CORS request headers from this.
// 8. If thiss guard is "request-no-cors", then remove privileged no-CORS request-headers from this.
if (m_guard == Guard::RequestNoCORS)
remove_privileged_no_cors_headers();
remove_privileged_no_cors_request_headers();
return {};
}
@ -129,14 +132,15 @@ WebIDL::ExceptionOr<bool> Headers::has(DeprecatedString const& name_string)
WebIDL::ExceptionOr<void> Headers::set(DeprecatedString const& name_string, DeprecatedString const& value_string)
{
// The set(name, value) method steps are:
auto& realm = this->realm();
auto name = name_string.bytes();
auto value = value_string.bytes();
// 1. Normalize value.
auto normalized_value = TRY_OR_RETURN_OOM(realm(), Infrastructure::normalize_header_value(value));
auto normalized_value = TRY_OR_RETURN_OOM(realm, Infrastructure::normalize_header_value(value));
auto header = Infrastructure::Header {
.name = TRY_OR_RETURN_OOM(realm(), ByteBuffer::copy(name)),
.name = TRY_OR_RETURN_OOM(realm, ByteBuffer::copy(name)),
.value = move(normalized_value),
};
@ -150,8 +154,8 @@ WebIDL::ExceptionOr<void> Headers::set(DeprecatedString const& name_string, Depr
if (m_guard == Guard::Immutable)
return WebIDL::SimpleException { WebIDL::SimpleExceptionType::TypeError, "Headers object is immutable"sv };
// 4. Otherwise, if thiss guard is "request" and name is a forbidden header name, return.
if (m_guard == Guard::Request && Infrastructure::is_forbidden_header_name(name))
// 4. Otherwise, if thiss guard is "request" and (name, value) is a forbidden request-header, return.
if (m_guard == Guard::Request && TRY_OR_RETURN_OOM(realm, Infrastructure::is_forbidden_request_header(header)))
return {};
// 5. Otherwise, if thiss guard is "request-no-cors" and (name, value) is not a no-CORS-safelisted request-header, return.
@ -163,11 +167,11 @@ WebIDL::ExceptionOr<void> Headers::set(DeprecatedString const& name_string, Depr
return {};
// 7. Set (name, value) in thiss header list.
TRY_OR_RETURN_OOM(realm(), m_header_list->set(move(header)));
TRY_OR_RETURN_OOM(realm, m_header_list->set(move(header)));
// 8. If thiss guard is "request-no-cors", then remove privileged no-CORS request headers from this.
// 8. If thiss guard is "request-no-cors", then remove privileged no-CORS request-headers from this.
if (m_guard == Guard::RequestNoCORS)
remove_privileged_no_cors_headers();
remove_privileged_no_cors_request_headers();
return {};
}
@ -213,10 +217,11 @@ JS::ThrowCompletionOr<void> Headers::for_each(ForEachCallback callback)
WebIDL::ExceptionOr<void> Headers::append(Infrastructure::Header header)
{
// To append a header (name, value) to a Headers object headers, run these steps:
auto& realm = this->realm();
auto& [name, value] = header;
// 1. Normalize value.
value = TRY_OR_RETURN_OOM(realm(), Infrastructure::normalize_header_value(value));
value = TRY_OR_RETURN_OOM(realm, Infrastructure::normalize_header_value(value));
// 2. If name is not a header name or value is not a header value, then throw a TypeError.
if (!Infrastructure::is_header_name(name))
@ -228,28 +233,28 @@ WebIDL::ExceptionOr<void> Headers::append(Infrastructure::Header header)
if (m_guard == Guard::Immutable)
return WebIDL::SimpleException { WebIDL::SimpleExceptionType::TypeError, "Headers object is immutable"sv };
// 4. Otherwise, if headerss guard is "request" and name is a forbidden header name, return.
if (m_guard == Guard::Request && Infrastructure::is_forbidden_header_name(name))
// 4. Otherwise, if headerss guard is "request" and (name, value) is a forbidden request-header, return.
if (m_guard == Guard::Request && TRY_OR_RETURN_OOM(realm, Infrastructure::is_forbidden_request_header(header)))
return {};
// 5. Otherwise, if headerss guard is "request-no-cors":
if (m_guard == Guard::RequestNoCORS) {
// 1. Let temporaryValue be the result of getting name from headerss header list.
auto temporary_value = TRY_OR_RETURN_OOM(realm(), m_header_list->get(name));
auto temporary_value = TRY_OR_RETURN_OOM(realm, m_header_list->get(name));
// 2. If temporaryValue is null, then set temporaryValue to value.
if (!temporary_value.has_value()) {
temporary_value = TRY_OR_RETURN_OOM(realm(), ByteBuffer::copy(value));
temporary_value = TRY_OR_RETURN_OOM(realm, ByteBuffer::copy(value));
}
// 3. Otherwise, set temporaryValue to temporaryValue, followed by 0x2C 0x20, followed by value.
else {
TRY_OR_RETURN_OOM(realm(), temporary_value->try_append(0x2c));
TRY_OR_RETURN_OOM(realm(), temporary_value->try_append(0x20));
TRY_OR_RETURN_OOM(realm(), temporary_value->try_append(value));
TRY_OR_RETURN_OOM(realm, temporary_value->try_append(0x2c));
TRY_OR_RETURN_OOM(realm, temporary_value->try_append(0x20));
TRY_OR_RETURN_OOM(realm, temporary_value->try_append(value));
}
auto temporary_header = Infrastructure::Header {
.name = TRY_OR_RETURN_OOM(realm(), ByteBuffer::copy(name)),
.name = TRY_OR_RETURN_OOM(realm, ByteBuffer::copy(name)),
.value = temporary_value.release_value(),
};
@ -263,11 +268,11 @@ WebIDL::ExceptionOr<void> Headers::append(Infrastructure::Header header)
return {};
// 7. Append (name, value) to headerss header list.
TRY_OR_RETURN_OOM(realm(), m_header_list->append(move(header)));
TRY_OR_RETURN_OOM(realm, m_header_list->append(move(header)));
// 8. If headerss guard is "request-no-cors", then remove privileged no-CORS request headers from headers.
// 8. If headerss guard is "request-no-cors", then remove privileged no-CORS request-headers from headers.
if (m_guard == Guard::RequestNoCORS)
remove_privileged_no_cors_headers();
remove_privileged_no_cors_request_headers();
return {};
}
@ -301,9 +306,9 @@ WebIDL::ExceptionOr<void> Headers::fill(HeadersInit const& object)
}
// https://fetch.spec.whatwg.org/#concept-headers-remove-privileged-no-cors-request-headers
void Headers::remove_privileged_no_cors_headers()
void Headers::remove_privileged_no_cors_request_headers()
{
// To remove privileged no-CORS request headers from a Headers object (headers), run these steps:
// To remove privileged no-CORS request-headers from a Headers object (headers), run these steps:
static constexpr Array privileged_no_cors_request_header_names = {
"Range"sv,

2
Userland/Libraries/LibWeb/Fetch/Headers.h
View File

@ -62,7 +62,7 @@ private:
virtual void visit_edges(JS::Cell::Visitor&) override;
void remove_privileged_no_cors_headers();
void remove_privileged_no_cors_request_headers();
// https://fetch.spec.whatwg.org/#concept-headers-header-list
// A Headers object has an associated header list (a header list), which is initially empty.

133
Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Headers.cpp
View File

@ -16,6 +16,7 @@
#include <LibRegex/Regex.h>
#include <LibWeb/Fetch/Infrastructure/HTTP.h>
#include <LibWeb/Fetch/Infrastructure/HTTP/Headers.h>
#include <LibWeb/Fetch/Infrastructure/HTTP/Methods.h>
#include <LibWeb/Infra/ByteSequences.h>
#include <LibWeb/Loader/ResourceLoader.h>
#include <LibWeb/MimeSniff/MimeType.h>
@ -90,37 +91,46 @@ ErrorOr<Optional<Vector<DeprecatedString>>> HeaderList::get_decode_and_split(Rea
{
// To get, decode, and split a header name name from header list list, run these steps:
// 1. Let initialValue be the result of getting name from list.
auto initial_value = TRY(get(name));
// 1. Let value be the result of getting name from list.
auto value = TRY(get(name));
// 2. If initialValue is null, then return null.
if (!initial_value.has_value())
// 2. If value is null, then return null.
if (!value.has_value())
return Optional<Vector<DeprecatedString>> {};
// 3. Let input be the result of isomorphic decoding initialValue.
auto input = StringView { *initial_value };
// 3. Return the result of getting, decoding, and splitting value.
return get_decode_and_split_header_value(*value);
}
// 4. Let position be a position variable for input, initially pointing at the start of input.
// https://fetch.spec.whatwg.org/#header-value-get-decode-and-split
ErrorOr<Optional<Vector<DeprecatedString>>> get_decode_and_split_header_value(ReadonlyBytes value)
{
// To get, decode, and split a header value value, run these steps:
// 1. Let input be the result of isomorphic decoding value.
auto input = StringView { value };
// 2. Let position be a position variable for input, initially pointing at the start of input.
auto lexer = GenericLexer { input };
// 5. Let values be a list of strings, initially empty.
// 3. Let values be a list of strings, initially empty.
Vector<DeprecatedString> values;
// 6. Let value be the empty string.
StringBuilder value_builder;
// 4. Let temporaryValue be the empty string.
StringBuilder temporary_value_builder;
// 7. While position is not past the end of input:
// 5. While position is not past the end of input:
while (!lexer.is_eof()) {
// 1. Append the result of collecting a sequence of code points that are not U+0022 (") or U+002C (,) from input, given position, to value.
// 1. Append the result of collecting a sequence of code points that are not U+0022 (") or U+002C (,) from input, given position, to temporaryValue.
// NOTE: The result might be the empty string.
value_builder.append(lexer.consume_until(is_any_of("\","sv)));
temporary_value_builder.append(lexer.consume_until(is_any_of("\","sv)));
// 2. If position is not past the end of input, then:
if (!lexer.is_eof()) {
// 1. If the code point at position within input is U+0022 ("), then:
if (lexer.peek() == '"') {
// 1. Append the result of collecting an HTTP quoted string from input, given position, to value.
value_builder.append(collect_an_http_quoted_string(lexer));
// 1. Append the result of collecting an HTTP quoted string from input, given position, to temporaryValue.
temporary_value_builder.append(collect_an_http_quoted_string(lexer));
// 2. If position is not past the end of input, then continue.
if (!lexer.is_eof())
@ -136,14 +146,14 @@ ErrorOr<Optional<Vector<DeprecatedString>>> HeaderList::get_decode_and_split(Rea
}
}
// 3. Remove all HTTP tab or space from the start and end of value.
auto value = value_builder.build().trim(HTTP_TAB_OR_SPACE, TrimMode::Both);
// 3. Remove all HTTP tab or space from the start and end of temporaryValue.
auto temporary_value = temporary_value_builder.build().trim(HTTP_TAB_OR_SPACE, TrimMode::Both);
// 4. Append value to values.
values.append(move(value));
// 4. Append temporaryValue to values.
values.append(move(temporary_value));
// 5. Set value to the empty string.
value_builder.clear();
// 5. Set temporaryValue to the empty string.
temporary_value_builder.clear();
}
// 8. Return values.
@ -580,34 +590,63 @@ bool is_no_cors_safelisted_request_header(Header const& header)
}
// https://fetch.spec.whatwg.org/#forbidden-header-name
bool is_forbidden_header_name(ReadonlyBytes header_name)
ErrorOr<bool> is_forbidden_request_header(Header const& header)
{
// A forbidden header name is a header name that is a byte-case-insensitive match for one of
// A header (name, value) is forbidden request-header if these steps return true:
auto name = StringView { header.name };
// 1. If name is a byte-case-insensitive match for one of:
// [...]
// or a header name that when byte-lowercased starts with `proxy-` or `sec-`.
return StringView { header_name }.is_one_of_ignoring_case(
"Accept-Charset"sv,
"Accept-Encoding"sv,
"Access-Control-Request-Headers"sv,
"Access-Control-Request-Method"sv,
"Connection"sv,
"Content-Length"sv,
"Cookie"sv,
"Cookie2"sv,
"Date"sv,
"DNT"sv,
"Expect"sv,
"Host"sv,
"Keep-Alive"sv,
"Origin"sv,
"Referer"sv,
"TE"sv,
"Trailer"sv,
"Transfer-Encoding"sv,
"Upgrade"sv,
"Via"sv)
|| StringView { header_name }.starts_with("proxy-"sv, CaseSensitivity::CaseInsensitive)
|| StringView { header_name }.starts_with("sec-"sv, CaseSensitivity::CaseInsensitive);
// then return true.
if (name.is_one_of_ignoring_case(
"Accept-Charset"sv,
"Accept-Encoding"sv,
"Access-Control-Request-Headers"sv,
"Access-Control-Request-Method"sv,
"Connection"sv,
"Content-Length"sv,
"Cookie"sv,
"Cookie2"sv,
"Date"sv,
"DNT"sv,
"Expect"sv,
"Host"sv,
"Keep-Alive"sv,
"Origin"sv,
"Referer"sv,
"TE"sv,
"Trailer"sv,
"Transfer-Encoding"sv,
"Upgrade"sv,
"Via"sv)) {
return true;
}
// 2. If name when byte-lowercased starts with `proxy-` or `sec-`, then return true.
if (name.starts_with("proxy-"sv, CaseSensitivity::CaseInsensitive)
|| name.starts_with("sec-"sv, CaseSensitivity::CaseInsensitive)) {
return true;
}
// 3. If name is a byte-case-insensitive match for one of:
// - `X-HTTP-Method`
// - `X-HTTP-Method-Override`
// - `X-Method-Override`
// then:
if (name.is_one_of_ignoring_case(
"X-HTTP-Method"sv,
"X-HTTP-Method-Override"sv,
"X-Method"sv)) {
// 1. Let parsedValues be the result of getting, decoding, and splitting value.
auto parsed_values = TRY(get_decode_and_split_header_value(header.value));
// 2. For each method in parsedValues: if the isomorphic encoding of method is a forbidden method, then return true.
if (parsed_values.has_value() && any_of(*parsed_values, [](auto method) { return is_forbidden_method(method.bytes()); }))
return true;
}
// 4. Return false.
return false;
}
// https://fetch.spec.whatwg.org/#forbidden-response-header-name

3
Userland/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Headers.h
View File

@ -58,6 +58,7 @@ struct RangeHeaderValue {
Optional<u64> end;
};
[[nodiscard]] ErrorOr<Optional<Vector<DeprecatedString>>> get_decode_and_split_header_value(ReadonlyBytes);
[[nodiscard]] ErrorOr<OrderedHashTable<ByteBuffer>> convert_header_names_to_a_sorted_lowercase_set(Span<ReadonlyBytes>);
[[nodiscard]] bool is_header_name(ReadonlyBytes);
[[nodiscard]] bool is_header_value(ReadonlyBytes);
@ -70,7 +71,7 @@ struct RangeHeaderValue {
[[nodiscard]] bool is_cors_safelisted_response_header_name(ReadonlyBytes, Span<ReadonlyBytes>);
[[nodiscard]] bool is_no_cors_safelisted_request_header_name(ReadonlyBytes);
[[nodiscard]] bool is_no_cors_safelisted_request_header(Header const&);
[[nodiscard]] bool is_forbidden_header_name(ReadonlyBytes);
[[nodiscard]] ErrorOr<bool> is_forbidden_request_header(Header const&);
[[nodiscard]] bool is_forbidden_response_header_name(ReadonlyBytes);
[[nodiscard]] bool is_request_body_header_name(ReadonlyBytes);
[[nodiscard]] ErrorOr<Optional<Vector<ByteBuffer>>> extract_header_values(Header const&);

11
Userland/Libraries/LibWeb/XHR/XMLHttpRequest.cpp
View File

@ -310,15 +310,16 @@ WebIDL::ExceptionOr<void> XMLHttpRequest::set_request_header(DeprecatedString co
if (!Fetch::Infrastructure::is_header_value(value))
return WebIDL::SyntaxError::create(realm, "Header value contains invalid characters.");
// 5. If name is a forbidden header name, then return.
if (Fetch::Infrastructure::is_forbidden_header_name(name))
return {};
// 6. Combine (name, value) in thiss author request headers.
auto header = Fetch::Infrastructure::Header {
.name = move(name),
.value = move(value),
};
// 5. If (name, value) is a forbidden request-header, then return.
if (TRY_OR_RETURN_OOM(realm, Fetch::Infrastructure::is_forbidden_request_header(header)))
return {};
// 6. Combine (name, value) in thiss author request headers.
TRY_OR_RETURN_OOM(realm, m_author_request_headers->combine(move(header)));
return {};