security/manager/ssl/nsSecurityHeaderParser.h

   1 /* This Source Code Form is subject to the terms of the Mozilla Public
   2  * License, v. 2.0. If a copy of the MPL was not distributed with this
   3  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   4
   5 #ifndef nsSecurityHeaderParser_h
   6 #define nsSecurityHeaderParser_h
   7
   8 #include "mozilla/LinkedList.h"
   9 #include "mozilla/Maybe.h"
  10 #include "nsCOMPtr.h"
  11 #include "nsString.h"
  12
  13 // Utility class for handing back parsed directives and (optional) values
  14 class nsSecurityHeaderDirective
  15     : public mozilla::LinkedListElement<nsSecurityHeaderDirective> {
  16  public:
  17   // The name of the directive.
  18   nsCString mName;
  19   // The value of the directive, if any. Will be Some if and only if a '='
  20   // followed the directive name (the value itself may be the empty string).
  21   mozilla::Maybe<nsCString> mValue;
  22 };
  23
  24 // This class parses security-related HTTP headers like
  25 // Strict-Transport-Security. The Augmented Backus-Naur Form syntax for this
  26 // header is reproduced below, for reference:
  27 //
  28 //   Strict-Transport-Security = "Strict-Transport-Security" ":"
  29 //                               [ directive ]  *( ";" [ directive ] )
  30 //
  31 //   directive                 = directive-name [ "=" directive-value ]
  32 //   directive-name            = token
  33 //   directive-value           = token | quoted-string
  34 //
  35 //   where:
  36 //
  37 //   token          = <token, defined in [RFC2616], Section 2.2>
  38 //   quoted-string  = <quoted-string, defined in [RFC2616], Section 2.2>/
  39 //
  40 // For further reference, see [RFC6797], Section 6.1
  41
  42 class nsSecurityHeaderParser {
  43  public:
  44   // The input to this class must be null-terminated, and must have a lifetime
  45   // greater than or equal to the lifetime of the created
  46   // nsSecurityHeaderParser.
  47   explicit nsSecurityHeaderParser(const nsCString& aHeader);
  48   ~nsSecurityHeaderParser();
  49
  50   // Only call Parse once.
  51   nsresult Parse();
  52   // The caller does not take ownership of the memory returned here.
  53   mozilla::LinkedList<nsSecurityHeaderDirective>* GetDirectives();
  54
  55  private:
  56   bool Accept(char aChr);
  57   bool Accept(bool (*aClassifier)(signed char));
  58   void Expect(char aChr);
  59   void Advance();
  60   void Header();          // header = [ directive ] *( ";" [ directive ] )
  61   void Directive();       // directive = directive-name [ "=" directive-value ]
  62   void DirectiveName();   // directive-name = token
  63   void DirectiveValue();  // directive-value = token | quoted-string
  64   void Token();           // token = 1*<any CHAR except CTLs or separators>
  65   void QuotedString();    // quoted-string = (<"> *( qdtext | quoted-pair ) <">)
  66   void QuotedText();      // qdtext = <any TEXT except <"> and "\">
  67   void QuotedPair();      // quoted-pair = "\" CHAR
  68
  69   // LWS = [CRLF] 1*( SP | HT )
  70   void LWSMultiple();  // Handles *( LWS )
  71   void LWSCRLF();      // Handles the [CRLF] part of LWS
  72   void LWS();          // Handles the 1*( SP | HT ) part of LWS
  73
  74   mozilla::LinkedList<nsSecurityHeaderDirective> mDirectives;
  75   const char* mCursor;
  76   nsSecurityHeaderDirective* mDirective;
  77
  78   nsCString mOutput;
  79   bool mError;
  80 };
  81
  82 #endif  // nsSecurityHeaderParser_h