[fuchsia] Support non-ASCII hostnames in hosts_filter.

* Convert internationalized domain names in the provided hosts_filter to Punycode. * Add validation for host names in rules. Bug: 1012954 Change-Id: Ib14d35f764ce8cc17936226ac4cad81385f6ab29 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1857189Reviewed-by: Christopher Thompson <cthomp@chromium.org> Reviewed-by: Will Harris <wfh@chromium.org> Reviewed-by: Wez <wez@chromium.org> Commit-Queue: Fabrice de Gans-Riberi <fdegans@chromium.org> Cr-Commit-Position: refs/heads/master@{#709810}

[fuchsia] Support non-ASCII hostnames in hosts_filter.
* Convert internationalized domain names in the provided hosts_filter to Punycode. * Add validation for host names in rules. Bug: 1012954 Change-Id: Ib14d35f764ce8cc17936226ac4cad81385f6ab29 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1857189Reviewed-by: Christopher Thompson <cthomp@chromium.org> Reviewed-by: Will Harris <wfh@chromium.org> Reviewed-by: Wez <wez@chromium.org> Commit-Queue: Fabrice de Gans-Riberi <fdegans@chromium.org> Cr-Commit-Position: refs/heads/master@{#709810}
c5f15c08 · Fabrice de Gans-Riberi · Commit Bot · 571a9c4c · c5f15c08 · c5f15c08
Commit c5f15c08 authored Oct 28, 2019 by Fabrice de Gans-Riberi Committed by Commit Bot Oct 28, 2019
3 changed files
--- a/fuchsia/engine/browser/url_request_rewrite_rules_manager.cc
+++ b/fuchsia/engine/browser/url_request_rewrite_rules_manager.cc
@@ -4,6 +4,7 @@
 #include "fuchsia/engine/browser/url_request_rewrite_rules_manager.h"
+#include "base/strings/strcat.h"
 #include "fuchsia/base/string_util.h"
 #include "fuchsia/engine/url_request_rewrite_type_converters.h"
 #include "net/http/http_util.h"
@@ -18,6 +19,10 @@ RoutingIdRewriterMap& GetRewriterMap() {
  return *rewriter_map;
 }
+bool IsValidUrlHost(base::StringPiece host) {
+  return GURL(base::StrCat({url::kHttpScheme, "://", host})).is_valid();
+}
 bool ValidateAddHeaders(
    const fuchsia::web::UrlRequestRewriteAddHeaders& add_headers) {
  if (!add_headers.has_headers())
@@ -83,8 +88,21 @@ bool ValidateRewrite(const fuchsia::web::UrlRequestRewrite& rewrite) {
 bool ValidateRules(
    const std::vector<fuchsia::web::UrlRequestRewriteRule>& rules) {
  for (const auto& rule : rules) {
-    if (rule.has_hosts_filter() && rule.hosts_filter().empty())
+    if (rule.has_hosts_filter()) {
-      return false;
+      if (rule.hosts_filter().empty())
+        return false;
+      const base::StringPiece kWildcard("*.");
+      for (const base::StringPiece host : rule.hosts_filter()) {
+        if (base::StartsWith(host, kWildcard, base::CompareCase::SENSITIVE)) {
+          if (!IsValidUrlHost(host.substr(2)))
+            return false;
+        } else {
+          if (!IsValidUrlHost(host))
+            return false;
+        }
+      }
+    }
    if (rule.has_schemes_filter() && rule.schemes_filter().empty())
      return false;
    if (!rule.has_rewrites())

--- a/fuchsia/engine/browser/url_request_rewrite_rules_manager_unittest.cc
+++ b/fuchsia/engine/browser/url_request_rewrite_rules_manager_unittest.cc
@@ -229,3 +229,32 @@ TEST_F(UrlRequestRewriteRulesManagerTest, RuleRenewal) {
      cached_rules->data[0]->rewrites[0]->get_add_headers()->headers.HasHeader(
          "Test2"));
 }
+// Tests host names containing non-ASCII characters are properly converted.
+TEST_F(UrlRequestRewriteRulesManagerTest, ConvertInternationalHostName) {
+  const char kNonAsciiHostName[] = "t\u00E8st.net";
+  const char kNonAsciiHostNameWithWildcard[] = "*.t\u00E8st.net";
+  std::vector<fuchsia::web::UrlRequestRewrite> rewrites;
+  rewrites.push_back(cr_fuchsia::CreateRewriteAddHeaders("Test", "Value"));
+  fuchsia::web::UrlRequestRewriteRule rule;
+  rule.set_rewrites(std::move(rewrites));
+  rule.set_hosts_filter({kNonAsciiHostName, kNonAsciiHostNameWithWildcard});
+  std::vector<fuchsia::web::UrlRequestRewriteRule> rules;
+  rules.push_back(std::move(rule));
+  EXPECT_EQ(url_request_rewrite_rules_manager_->OnRulesUpdated(std::move(rules),
+                                                               []() {}),
+            ZX_OK);
+  scoped_refptr<WebEngineURLLoaderThrottle::UrlRequestRewriteRules>
+      cached_rules = url_request_rewrite_rules_manager_->GetCachedRules();
+  ASSERT_EQ(cached_rules->data.size(), 1u);
+  ASSERT_TRUE(cached_rules->data[0]->hosts_filter);
+  ASSERT_EQ(cached_rules->data[0]->hosts_filter.value().size(), 2u);
+  EXPECT_EQ(
+      cached_rules->data[0]->hosts_filter.value()[0].compare("xn--tst-6la.net"),
+      0);
+  EXPECT_EQ(cached_rules->data[0]->hosts_filter.value()[1].compare(
+                "*.xn--tst-6la.net"),
+            0);
+}
--- a/fuchsia/engine/url_request_rewrite_type_converters.cc
+++ b/fuchsia/engine/url_request_rewrite_type_converters.cc
@@ -4,6 +4,16 @@
 #include "fuchsia/engine/url_request_rewrite_type_converters.h"
+#include "base/strings/strcat.h"
+namespace {
+std::string NormalizeHost(base::StringPiece host) {
+  return GURL(base::StrCat({url::kHttpScheme, "://", host})).host();
+}
+}  // namespace
 namespace mojo {
 mojom::UrlRequestRewriteAddHeadersPtr
@@ -96,8 +106,21 @@ TypeConverter<mojom::UrlRequestRewriteRulePtr,
              fuchsia::web::UrlRequestRewriteRule>::
    Convert(const fuchsia::web::UrlRequestRewriteRule& input) {
  mojom::UrlRequestRewriteRulePtr rule = mojom::UrlRequestRewriteRule::New();
-  if (input.has_hosts_filter())
+  if (input.has_hosts_filter()) {
-    rule->hosts_filter = base::make_optional(input.hosts_filter());
+    // Convert host names in case they contain non-ASCII characters.
+    const base::StringPiece kWildcard("*.");
+    std::vector<std::string> hosts;
+    for (const base::StringPiece host : input.hosts_filter()) {
+      if (base::StartsWith(host, kWildcard, base::CompareCase::SENSITIVE)) {
+        hosts.push_back(
+            base::StrCat({kWildcard, NormalizeHost(host.substr(2))}));
+      } else {
+        hosts.push_back(NormalizeHost(host));
+      }
+    }
+    rule->hosts_filter = std::move(hosts);
+  }
  if (input.has_schemes_filter())
    rule->schemes_filter = base::make_optional(input.schemes_filter());
  if (input.has_rewrites())