[epiphany/mcatanzaro/uri-decode] uri-helpers: Use webkit_uri_for_display()



commit a188cd36ce519cd9cec450d4afb58008361d6e1a
Author: Michael Catanzaro <mcatanzaro igalia com>
Date:   Sat Feb 9 10:27:08 2019 -0600

    uri-helpers: Use webkit_uri_for_display()
    
    We'll use WebKit's code for processing punycode and IDN. This also means
    we'll adopt the same IDN homograph mitigation strategy as Safari, rather
    than the current implementation based on Firefox.

 lib/ephy-uri-helpers.c | 222 +------------------------------------------------
 meson.build            |   2 +-
 2 files changed, 4 insertions(+), 220 deletions(-)
---
diff --git a/lib/ephy-uri-helpers.c b/lib/ephy-uri-helpers.c
index 32b3ef3a4..7397960db 100644
--- a/lib/ephy-uri-helpers.c
+++ b/lib/ephy-uri-helpers.c
@@ -253,237 +253,21 @@ ephy_remove_tracking_from_uri (const char *uri_string)
   return ret;
 }
 
-static inline void
-script_table_update (GHashTable     *table,
-                     GUnicodeScript  script)
-{
-  gpointer value;
-  gpointer new_value;
-
-  value = g_hash_table_lookup (table, GINT_TO_POINTER (script));
-  new_value = GINT_TO_POINTER (GPOINTER_TO_INT (value) + 1);
-  g_hash_table_replace (table, GINT_TO_POINTER (script), new_value);
-}
-
-static inline int
-script_table_get (GHashTable     *table,
-                  GUnicodeScript  script)
-{
-  gpointer value;
-
-  value = g_hash_table_lookup (table, GINT_TO_POINTER (script));
-  return GPOINTER_TO_INT (value);
-}
-
-/**
- * validate_unicode_label:
- * @label: a domain label, UTF-8 encoded
- *
- * Verifies whether @label is safe to be displayed as Unicode characters, as per
- * this algorithm: https://wiki.mozilla.org/IDN_Display_Algorithm#Algorithm. If
- * %FALSE is returned, then @label should be displayed as Punycode text.
- *
- * Return value: %TRUE if @label is considered safe, %FALSE otherwise
- **/
-static gboolean
-validate_unicode_label (const char *label)
-{
-  GHashTable *table;
-  GUnicodeScript script;
-  gunichar *unichars;
-  gunichar saved_zero_char = 0;
-  gboolean retval = FALSE;
-  long num;
-
-  g_assert (label);
-
-  if (!g_utf8_validate (label, -1, NULL))
-    return FALSE;
-
-  /* Use a hash table to count the occurrences of every script,
-   * except Common and Inherited. */
-  table = g_hash_table_new (g_direct_hash, g_direct_equal);
-  unichars = g_utf8_to_ucs4_fast (label, -1, &num);
-
-  for (gunichar *u = unichars; u && *u; u++) {
-    script = g_unichar_get_script (*u);
-
-    if (script != G_UNICODE_SCRIPT_COMMON && script != G_UNICODE_SCRIPT_INHERITED)
-      script_table_update (table, script);
-    else
-      num--;
-
-    /* Check for mixed numbering systems. */
-    if (g_unichar_isdigit (*u)) {
-      gunichar zero_char = *u - g_unichar_digit_value (*u);
-      if (saved_zero_char == 0)
-        saved_zero_char = zero_char;
-      else if (zero_char != saved_zero_char)
-        goto out;
-    }
-  }
-
-  /* Single script, allow. */
-  if (g_hash_table_size (table) < 2) {
-    retval = TRUE;
-    goto out;
-  }
-
-  /* Chinese scripts. */
-  if (script_table_get (table, G_UNICODE_SCRIPT_LATIN) +
-      script_table_get (table, G_UNICODE_SCRIPT_HAN) +
-      script_table_get (table, G_UNICODE_SCRIPT_BOPOMOFO) == num) {
-    retval = TRUE;
-    goto out;
-  }
-
-  /* Korean scripts. */
-  if (script_table_get (table, G_UNICODE_SCRIPT_LATIN) +
-      script_table_get (table, G_UNICODE_SCRIPT_HAN) +
-      script_table_get (table, G_UNICODE_SCRIPT_HANGUL) == num) {
-    retval = TRUE;
-    goto out;
-  }
-
-  /* Japanese scripts. */
-  if (script_table_get (table, G_UNICODE_SCRIPT_LATIN) +
-      script_table_get (table, G_UNICODE_SCRIPT_HAN) +
-      script_table_get (table, G_UNICODE_SCRIPT_HIRAGANA) +
-      script_table_get (table, G_UNICODE_SCRIPT_KATAKANA) == num) {
-    retval = TRUE;
-    goto out;
-  }
-
-  /* Ban mixes of more than two scripts. */
-  if (g_hash_table_size (table) > 2)
-    goto out;
-
-  /* Ban any mix of two scrips that doesn't contain Latin. */
-  if (script_table_get (table, G_UNICODE_SCRIPT_LATIN) == 0)
-    goto out;
-
-  /* Ban Latin + Cyrillic or Latin + Greek. */
-  if (script_table_get (table, G_UNICODE_SCRIPT_CYRILLIC) > 0 ||
-      script_table_get (table, G_UNICODE_SCRIPT_GREEK) > 0)
-    goto out;
-
-  /* Allow Latin + any other single script. */
-  retval = TRUE;
-
-out:
-  g_hash_table_unref (table);
-  g_free (unichars);
-
-  return retval;
-}
-
-static char *
-evaluate_host_for_display (const char *original_host,
-                           const char *unicode_host)
-{
-  char **original_labels;
-  char **unicode_labels;
-  char *retval;
-
-  g_assert (original_host);
-  g_assert (unicode_host);
-
-  /* These arrays will have the same length. */
-  original_labels = g_strsplit (original_host, ".", -1);
-  unicode_labels = g_strsplit (unicode_host, ".", -1);
-
-  for (guint i = 0; i < g_strv_length (unicode_labels); i++) {
-    if (!validate_unicode_label (unicode_labels[i])) {
-      g_free (unicode_labels[i]);
-      unicode_labels[i] = g_strdup (original_labels[i]);
-    }
-  }
-
-  retval = g_strjoinv (".", unicode_labels);
-  g_strfreev (original_labels);
-  g_strfreev (unicode_labels);
-
-  return retval;
-}
-
-
 /* Use this function to format a URI for display. The URIs used
  * internally by WebKit may contain percent-encoded characters or
  * punycode, which we do not want the user to see.
- *
- * Note this should probably be handled by WebKit instead.
  */
 char *
 ephy_uri_decode (const char *uri_string)
 {
-  static const guint MAX_DOMAIN_LENGTH = 255; /* RFC 1034, section 3.1 */
-  static UIDNA *idna = NULL;
-  static GMutex idna_creation_mutex;
-  SoupURI *uri;
-  char *percent_encoded_uri;
-  char *percent_decoded_host;
-  char *idna_decoded_name;
-  char *fully_decoded_uri;
-  UIDNAInfo info = UIDNA_INFO_INITIALIZER;
-  UErrorCode error = U_ZERO_ERROR;
+  char *decoded_uri;
 
   /* This function is not null-safe since it is mostly used in scenarios where
    * passing or returning null would typically lead to a security issue. */
   g_assert (uri_string);
 
-  /* This object is threadsafe to *use*, but need to create it exactly once. */
-  g_mutex_lock (&idna_creation_mutex);
-  if (idna == NULL) {
-    /* These flags should be synced with URLParser::internationalDomainNameTranscoder
-     * in WebKit's URLParser.cpp. */
-    idna = uidna_openUTS46 (UIDNA_CHECK_BIDI | UIDNA_CHECK_CONTEXTJ | UIDNA_NONTRANSITIONAL_TO_UNICODE | 
UIDNA_NONTRANSITIONAL_TO_ASCII, &error);
-    if (U_FAILURE (error))
-      g_error ("ICU error opening UTS #46 context: %d", error);
-  }
-  g_mutex_unlock (&idna_creation_mutex);
-
-  uri = soup_uri_new (uri_string);
-  if (uri == NULL)
-    return g_strdup (uri_string);
-
-  /* Process any punycode in the host portion of the URI. */
-  if (uri->host != NULL) {
-    /* +1 so there is space for the trailing NUL with the longest-possible
-     * domain name. +2 because ICU has this rather terrible behavior of
-     * sometimes returning a result that's not NUL-terminated if the buffer
-     * capacity exactly matches the output length, indicating that with a
-     * warning code that's not caught by U_FAILURE. Our buffer is large enough
-     * for any valid domain, but this function may receive invalid domains as
-     * input. */
-    idna_decoded_name = g_malloc0 (MAX_DOMAIN_LENGTH + 2);
-    uidna_nameToUnicodeUTF8 (idna, uri->host, -1, idna_decoded_name, MAX_DOMAIN_LENGTH + 1, &info, &error);
-
-    if (U_FAILURE (error)) {
-      g_warning ("ICU error converting domain %s for display: %d", uri->host, error);
-      soup_uri_free (uri);
-      g_free (idna_decoded_name);
-      return g_strdup (uri_string);
-    }
-
-    percent_decoded_host = soup_uri_decode (uri->host);
-    g_free (uri->host);
-    uri->host = evaluate_host_for_display (percent_decoded_host, idna_decoded_name);
-    g_free (percent_decoded_host);
-    g_free (idna_decoded_name);
-  }
-
-  /* Note: this also strips passwords from the display URI. */
-  percent_encoded_uri = soup_uri_to_string (uri, FALSE);
-  soup_uri_free (uri);
-
-  /* Now, decode any percent-encoded characters in the URI. If there are null
-   * characters or escaped slashes, this returns NULL, so just display the
-   * encoded URI in that case. */
-  fully_decoded_uri = g_uri_unescape_string (percent_encoded_uri, "/");
-  if (fully_decoded_uri == NULL)
-    return percent_encoded_uri;
-  g_free (percent_encoded_uri);
-  return fully_decoded_uri;
+  decoded_uri = webkit_uri_for_display (uri_string);
+  return decoded_uri ? decoded_uri : g_strdup (uri_string);
 }
 
 char *
diff --git a/meson.build b/meson.build
index 8db3f3ea8..9f7a117f7 100644
--- a/meson.build
+++ b/meson.build
@@ -82,7 +82,7 @@ endif
 glib_requirement = '>= 2.56.0'
 gtk_requirement = '>= 3.22.13'
 nettle_requirement = '>= 3.4'
-webkitgtk_requirement = '>= 2.21.92'
+webkitgtk_requirement = '>= 2.23.90'
 
 cairo_dep = dependency('cairo', version: '>= 1.2')
 gcr_dep = dependency('gcr-3', version: '>= 3.5.5')


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]