| blob | 15de5e1dbd37d1720eec25cab678654c95c98777 |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
7 #include <algorithm>
25 }
27 // A fast bit-vector map for ascii characters.
28 //
29 // Internally stores 256 bits in an array of 8 ints.
30 // Does quick bit-flicking to lookup needed characters.
34 }
37 };
39 // Given text to escape and a Charmap defining which values to escape,
40 // return an escaped string. If use_plus is true, spaces are converted
41 // to +, otherwise, if spaces are in the charmap, they are converted to
42 // %20. And if keep_escaped is true, %XX will be kept as it is, otherwise, if
43 // '%' is in the charmap, it is converted to %25.
63 }
64 }
66 }
68 // Contains nonzero when the corresponding character is unescapable for normal
69 // URLs. These characters are the ones that may change the parsing of a URL, so
70 // we don't want to unescape them sometimes. In many case we won't want to
71 // unescape spaces, but that is controlled by parameters to Unescape*.
72 //
73 // The basic rule is that we can't unescape anything that would changing parsing
74 // like # or ?. We also can't unescape &, =, or + since that could be part of a
75 // query and that could change the server's parsing of the query. Nor can we
76 // unescape \ since src/url/ will convert it to a /.
77 //
78 // Lastly, we can't unescape anything that doesn't have a canonical
79 // representation in a URL. This means that unescaping will change the URL, and
80 // you could get different behavior if you copy and paste the URL, or press
81 // enter in the URL bar. The list of characters that fall into this category
82 // are the ones labeled PASS (allow either escaped or unescaped) in the big
83 // lookup table at the top of url/url_canon_path.cc. Also, characters
84 // that have CHAR_QUERY set in url/url_canon_internal.cc but are not
85 // allowed in query strings according to http://www.ietf.org/rfc/rfc3261.txt are
86 // not unescaped, to avoid turning a valid url according to spec into an
87 // invalid one.
89 // NULL, control chars...
92 // ' ' ! " # $ % & ' ( ) * + , - . /
94 // 0 1 2 3 4 5 6 7 8 9 : ; < = > ?
96 // @ A B C D E F G H I J K L M N O
98 // P Q R S T U V W X Y Z [ \ ] ^ _
100 // ` a b c d e f g h i j k l m n o
102 // p q r s t u v w x y z { | } ~ <NBSP>
104 };
106 // Attempts to unescape the sequence at |index| within |escaped_text|. If
107 // successful, sets |value| to the unescaped value. Returns whether
108 // unescaping succeeded.
125 }
127 }
129 // Returns true if there is an Arabic Language Mark at |index|. |first_byte|
130 // is the byte at |index|.
141 }
143 // Returns true if there is a BiDi control char at |index|. |first_byte| is the
144 // byte at |index|.
163 }
165 }
167 // Returns true if there is a four-byte banned char at |index|. |first_byte| is
168 // the byte at |index|.
173 // The following characters are blacklisted for spoofability concerns.
174 // U+1F50F LOCK WITH INK PEN (%F0%9F%94%8F)
175 // U+1F510 CLOSED LOCK WITH KEY (%F0%9F%94%90)
176 // U+1F512 LOCK (%F0%9F%94%92)
177 // U+1F513 OPEN LOCK (%F0%9F%94%93)
185 }
191 }
197 }
199 // Unescapes |escaped_text| according to |rules|, returning the resulting
200 // string. Fills in an |adjustments| parameter, if non-NULL, so it reflects
201 // the alterations done to the string that are not one-character-to-one-
202 // character. The resulting |adjustments| will always be sorted by increasing
203 // offset.
211 // Do not unescape anything, return the |escaped_text| text.
215 // The output of the unescaping is always smaller than the input, so we can
216 // reserve the input size to make sure we have enough buffer and don't have
217 // to allocate in the loop below.
218 STR result;
221 // Locations of adjusted text.
224 // Non ASCII character, append as is.
227 }
231 // Per http://tools.ietf.org/html/rfc3987#section-4.1, the following BiDi
232 // control characters are not allowed to appear unescaped in URLs:
233 //
234 // U+200E LEFT-TO-RIGHT MARK (%E2%80%8E)
235 // U+200F RIGHT-TO-LEFT MARK (%E2%80%8F)
236 // U+202A LEFT-TO-RIGHT EMBEDDING (%E2%80%AA)
237 // U+202B RIGHT-TO-LEFT EMBEDDING (%E2%80%AB)
238 // U+202C POP DIRECTIONAL FORMATTING (%E2%80%AC)
239 // U+202D LEFT-TO-RIGHT OVERRIDE (%E2%80%AD)
240 // U+202E RIGHT-TO-LEFT OVERRIDE (%E2%80%AE)
241 //
242 // Additionally, the Unicode Technical Report (TR9) as referenced by RFC
243 // 3987 above has since added some new BiDi control characters.
244 // http://www.unicode.org/reports/tr9
245 //
246 // U+061C ARABIC LETTER MARK (%D8%9C)
247 // U+2066 LEFT-TO-RIGHT ISOLATE (%E2%81%A6)
248 // U+2067 RIGHT-TO-LEFT ISOLATE (%E2%81%A7)
249 // U+2068 FIRST STRONG ISOLATE (%E2%81%A8)
250 // U+2069 POP DIRECTIONAL ISOLATE (%E2%81%A9)
251 //
252 // The following spoofable characters are also banned, because they could
253 // be used to imitate parts of a web browser's UI.
254 //
255 // U+1F50F LOCK WITH INK PEN (%F0%9F%94%8F)
256 // U+1F510 CLOSED LOCK WITH KEY (%F0%9F%94%90)
257 // U+1F512 LOCK (%F0%9F%94%92)
258 // U+1F513 OPEN LOCK (%F0%9F%94%93)
259 //
260 // However, some schemes such as data: and file: need to parse the exact
261 // binary data when loading the URL. For that reason,
262 // SPOOFING_AND_CONTROL_CHARS allows unescaping BiDi control characters.
263 // DO NOT use SPOOFING_AND_CONTROL_CHARS if the parsed URL is going to be
264 // displayed in the UI.
267 // Keep Arabic Language Mark escaped.
271 }
273 // Keep BiDi control char escaped.
277 }
279 // Keep banned char escaped.
283 }
284 }
287 // For 7-bit characters, the lookup table tells us all valid chars.
289 // ...and we allow some additional unescaping when flags are set.
291 // Allow any of the prohibited but non-control characters when
292 // we're doing "special" chars.
294 // Additionally allow non-display characters if requested.
297 // Use the unescaped version of the character.
303 // Keep escaped. Append a percent and we'll get the following two
304 // digits on the next loops through.
306 }
311 // Normal case for unescaped characters.
313 }
314 }
317 }
330 };
338 }
339 }
342 }
346 str result;
353 }
355 // Everything except alphanumerics and !'()*-._~
356 // See RFC 2396 for the list of reserved characters.
360 }};
362 // non-printable, non-7bit, and (including space) "#%:<>?[\]^`{|}
366 }};
368 #if defined(OS_MACOSX)
369 // non-printable, non-7bit, and (including space) "#%<>[\]^`{|}
373 }};
376 // non-printable, non-7bit, and (including space) ?>=<;+'&%$#"![\]^`{|}
380 }};
382 // non-7bit
386 }};
388 // Everything except alphanumerics, the reserved characters(;/?:@&=+$,) and
389 // !'()*-._~#[]
393 }};
399 }
403 }
405 #if defined(OS_MACOSX)
408 }
413 }
417 }
421 }
425 }
429 }
433 }
438 }
443 }
448 }
461 // Character set looks like it's valid.
464 adjustments);
465 }
467 }
468 // Character set is not valid. Return the escaped version.
470 }
482 };
492 // Potential ampersand encode char.
498 }
503 }
504 }
505 }
506 }
508 }