| blob | eea8300489d79bdb18170d447027020d158fc108 |
1 #define DISABLE_SIGN_COMPARE_WARNINGS
11 #define URL_ALPHADIGIT URL_ALPHA URL_DIGIT
24 {
25 /*
26 * Append to strbuf 'buf' characters from string 'from' with length
27 * 'from_len' while unescaping characters that do not need to be escaped
28 * and escaping characters that do. The set of characters to escape
29 * (the complement of which is unescaped) starts out as the RFC 3986
30 * unsafe characters (0x00-0x1F,0x7F-0xFF," <>\"#%{}|\\^`"). If
31 * 'esc_extra' is not NULL, those additional characters will also always
32 * be escaped. If 'esc_ok' is not NULL, those characters will be left
33 * escaped if found that way, but will not be unescaped otherwise (used
34 * for delimiters). If a %-escape sequence is encountered that is not
35 * followed by 2 hexadecimal digits, the sequence is invalid and
36 * false (0) will be returned. Otherwise true (1) will be returned for
37 * success.
38 *
39 * Note that all %-escape sequences will be normalized to UPPERCASE
40 * as indicated in RFC 3986. Unless included in esc_extra or esc_ok
41 * alphanumerics and "-._~" will always be unescaped as per RFC 3986.
42 */
48 from_len--;
58 }
64 else
66 }
69 }
72 {
77 }
81 {
92 /* wildcard matches anything */
93 ;
96 /* the components are the same */
97 ;
98 else
102 url_next++;
106 pat_next++;
109 }
112 }
115 {
116 /*
117 * Normalize NUL-terminated url using the following rules:
118 *
119 * 1. Case-insensitive parts of url will be converted to lower case
120 * 2. %-encoded characters that do not need to be will be unencoded
121 * 3. Characters that are not %-encoded and must be will be encoded
122 * 4. All %-encodings will be converted to upper case hexadecimal
123 * 5. Leading 0s are removed from port numbers
124 * 6. If the default port for the scheme is given it will be removed
125 * 7. A path part (including empty) not starting with '/' has one added
126 * 8. Any dot segments (. or ..) in the path are resolved and removed
127 * 9. IPv6 host literals are allowed (but not normalized or validated)
128 *
129 * The rules are based on information in RFC 3986.
130 *
131 * Please note this function requires a full URL including a scheme
132 * and host part (except for file: URLs which may have an empty host).
133 *
134 * The return value is a newly allocated string that must be freed
135 * or NULL if the url is not valid.
136 *
137 * If out_info is non-NULL, the url and err fields therein will always
138 * be set. If a non-NULL value is returned, it will be stored in
139 * out_info->url as well, out_info->err will be set to NULL and the
140 * other fields of *out_info will also be filled in. If a NULL value
141 * is returned, NULL will be stored in out_info->url and out_info->err
142 * will be set to a brief, translated, error message, but no other
143 * fields will be filled in.
144 *
145 * This is NOT a URL validation function. Full URL validation is NOT
146 * performed. Some invalid host names are passed through this function
147 * undetected. However, most all other problems that make a URL invalid
148 * will be detected (including a missing host for non file: URLs).
149 */
159 /*
160 * Copy lowercased scheme and :// suffix, %-escapes are not allowed
161 * First character of scheme must be URL_ALPHA
162 */
169 }
171 }
180 /*
181 * Copy any username:password if present normalizing %-escapes
182 */
193 }
196 }
204 }
205 }
209 }
212 /*
213 * Copy the host part excluding any port part, no %-escapes allowed
214 */
216 /* Missing host invalid for all URL schemes except file */
221 }
224 }
227 }
230 colon_ptr--;
234 /* file: URLs may not have a port number */
238 }
241 }
245 else
249 /* Host name has invalid characters */
253 }
256 }
259 url_len--;
260 }
263 /*
264 * Check the port part and copy if not the default (after removing any
265 * leading 0s); no %-escapes allowed
266 */
268 /* skip the ':' and leading 0s but not the last one if all 0s */
269 url++;
272 url--;
274 /* Skip ":" port with no number, it's same as default */
278 /* Skip http :80 as it's the default */
282 /* Skip https :443 as it's the default */
284 /*
285 * Port number must be all digits with leading 0s removed
286 * and since all the protocols we deal with have a 16-bit
287 * port number it must also be in the range 1..65535
288 * 0 is not allowed because that means "next available"
289 * on just about every system and therefore cannot be used
290 */
294 /* port number has invalid characters */
298 }
301 }
305 /* port number not in range 1..65535 */
309 }
312 }
317 }
320 }
325 /*
326 * Now copy the path resolving any . and .. segments being careful not
327 * to corrupt the URL by unescaping any delimiters, but do add an
328 * initial '/' if it's missing and do normalize any %-escape sequences.
329 */
334 url++;
335 url_len--;
336 }
343 /*
344 * RFC 3689 indicates that any . or .. segments should be
345 * unescaped before being checked for.
346 */
348 URL_RESERVED)) {
352 }
355 }
359 /* ignore a . segment; be careful not to remove initial '/' */
365 }
367 /*
368 * ignore a .. segment and remove the previous segment;
369 * be careful not to remove initial '/' from path
370 */
373 /* invalid .. because no previous segment to remove */
377 }
380 }
387 }
388 }
391 /* if the next char is not '/' done with the path */
394 url++;
395 url_len--;
398 }
402 /*
403 * Now simply copy the rest, if any, only normalizing %-escapes and
404 * being careful not to corrupt the URL by unescaping any delimiters.
405 */
411 }
414 }
415 }
434 }
436 }
439 {
441 }
446 {
447 /*
448 * url_prefix matches url if url_prefix is an exact match for url or it
449 * is a prefix of url and the match ends on a path component boundary.
450 * Both url and url_prefix are considered to have an implicit '/' on the
451 * end for matching purposes if they do not already.
452 *
453 * url must be NUL terminated. url_prefix_len is the length of
454 * url_prefix which need not be NUL terminated.
455 *
456 * The return value is the length of the match in characters (including
457 * the final '/' even if it's implicit) or 0 for no match.
458 *
459 * Passing NULL as url and/or url_prefix will always cause 0 to be
460 * returned without causing any faults.
461 */
467 url_prefix_len--;
473 }
478 {
479 /*
480 * url_prefix matches url if the scheme, host and port of url_prefix
481 * are the same as those of url and the path portion of url_prefix
482 * is the same as the path portion of url or it is a prefix that
483 * matches at a '/' boundary. If url_prefix contains a user name,
484 * that must also exactly match the user name in url.
485 *
486 * If the user, host, port and path match in this fashion, the returned
487 * value is the length of the path match including any implicit
488 * final '/'. For example, "http://me@example.com/path" is matched by
489 * "http://example.com" with a path length of 1.
490 *
491 * If there is a match and exactusermatch is not NULL, then
492 * *exactusermatch will be set to true if both url and url_prefix
493 * contained a user name or false if url_prefix did not have a
494 * user name. If there is no match *exactusermatch is left untouched.
495 */
502 /* check the scheme */
507 /* check the user name if url_prefix has one */
515 }
517 /* check the host */
521 /* check the port */
527 /* check the path */
539 }
542 }
546 {
554 }
558 {
573 }
586 else
593 }
603 /*
604 * Our match is worse than the old one,
605 * we cannot use it.
606 */
608 /* Otherwise, replace it with this one. */
609 }
619 }
622 {
624 }