mirror of
https://github.com/servo/servo.git
synced 2025-06-12 10:24:43 +00:00
Remove customised implementation of hsts headers. (#30046)
This looks to have originally been implemented due to missing functionality in the headers crate, which has since been added and released.
This commit is contained in:
shanehandley
GitHub
parent
4127ffa3fc
commit
00241e84bc
1 changed files with 9 additions and 93 deletions
|
|
@ -3,7 +3,7 @@
|
||||||
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
|
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
|
||||||
|
|
||||||
use embedder_traits::resources::{self, Resource};
|
use embedder_traits::resources::{self, Resource};
|
||||||
use headers::{Header, HeaderMapExt, HeaderName, HeaderValue};
|
use headers::{HeaderMapExt, StrictTransportSecurity};
|
||||||
use http::HeaderMap;
|
use http::HeaderMap;
|
||||||
use net_traits::pub_domains::reg_suffix;
|
use net_traits::pub_domains::reg_suffix;
|
||||||
use net_traits::IncludeSubdomains;
|
use net_traits::IncludeSubdomains;
|
||||||
|
|
@ -187,18 +187,20 @@ impl HstsList {
|
||||||
|
|
||||||
if let Some(header) = headers.typed_get::<StrictTransportSecurity>() {
|
if let Some(header) = headers.typed_get::<StrictTransportSecurity>() {
|
||||||
if let Some(host) = url.domain() {
|
if let Some(host) = url.domain() {
|
||||||
let include_subdomains = if header.include_subdomains {
|
let include_subdomains = if header.include_subdomains() {
|
||||||
IncludeSubdomains::Included
|
IncludeSubdomains::Included
|
||||||
} else {
|
} else {
|
||||||
IncludeSubdomains::NotIncluded
|
IncludeSubdomains::NotIncluded
|
||||||
};
|
};
|
||||||
|
|
||||||
if let Some(entry) =
|
if let Some(entry) = HstsEntry::new(
|
||||||
HstsEntry::new(host.to_owned(), include_subdomains, Some(header.max_age))
|
host.to_owned(),
|
||||||
{
|
include_subdomains,
|
||||||
|
Some(header.max_age().as_secs()),
|
||||||
|
) {
|
||||||
info!("adding host {} to the strict transport security list", host);
|
info!("adding host {} to the strict transport security list", host);
|
||||||
info!("- max-age {}", header.max_age);
|
info!("- max-age {}", header.max_age().as_secs());
|
||||||
if header.include_subdomains {
|
if header.include_subdomains() {
|
||||||
info!("- includeSubdomains");
|
info!("- includeSubdomains");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -208,89 +210,3 @@ impl HstsList {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: Remove this with the next update of the `headers` crate
|
|
||||||
// https://github.com/hyperium/headers/issues/61
|
|
||||||
#[derive(Clone, Debug, PartialEq)]
|
|
||||||
struct StrictTransportSecurity {
|
|
||||||
include_subdomains: bool,
|
|
||||||
max_age: u64,
|
|
||||||
}
|
|
||||||
|
|
||||||
enum Directive {
|
|
||||||
MaxAge(u64),
|
|
||||||
IncludeSubdomains,
|
|
||||||
Unknown,
|
|
||||||
}
|
|
||||||
|
|
||||||
// taken from https://github.com/hyperium/headers
|
|
||||||
impl Header for StrictTransportSecurity {
|
|
||||||
fn name() -> &'static HeaderName {
|
|
||||||
&http::header::STRICT_TRANSPORT_SECURITY
|
|
||||||
}
|
|
||||||
|
|
||||||
fn decode<'i, I: Iterator<Item = &'i HeaderValue>>(
|
|
||||||
values: &mut I,
|
|
||||||
) -> Result<Self, headers::Error> {
|
|
||||||
values
|
|
||||||
.just_one()
|
|
||||||
.and_then(|v| v.to_str().ok())
|
|
||||||
.map(|s| {
|
|
||||||
s.split(';')
|
|
||||||
.map(str::trim)
|
|
||||||
.map(|sub| {
|
|
||||||
if sub.eq_ignore_ascii_case("includeSubDomains") {
|
|
||||||
Some(Directive::IncludeSubdomains)
|
|
||||||
} else {
|
|
||||||
let mut sub = sub.splitn(2, '=');
|
|
||||||
match (sub.next(), sub.next()) {
|
|
||||||
(Some(left), Some(right))
|
|
||||||
if left.trim().eq_ignore_ascii_case("max-age") =>
|
|
||||||
{
|
|
||||||
right
|
|
||||||
.trim()
|
|
||||||
.trim_matches('"')
|
|
||||||
.parse()
|
|
||||||
.ok()
|
|
||||||
.map(Directive::MaxAge)
|
|
||||||
},
|
|
||||||
_ => Some(Directive::Unknown),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
})
|
|
||||||
.fold(Some((None, None)), |res, dir| match (res, dir) {
|
|
||||||
(Some((None, sub)), Some(Directive::MaxAge(age))) => Some((Some(age), sub)),
|
|
||||||
(Some((age, None)), Some(Directive::IncludeSubdomains)) => {
|
|
||||||
Some((age, Some(())))
|
|
||||||
},
|
|
||||||
(Some((Some(_), _)), Some(Directive::MaxAge(_))) |
|
|
||||||
(Some((_, Some(_))), Some(Directive::IncludeSubdomains)) |
|
|
||||||
(_, None) => None,
|
|
||||||
(res, _) => res,
|
|
||||||
})
|
|
||||||
.and_then(|res| match res {
|
|
||||||
(Some(age), sub) => Some(StrictTransportSecurity {
|
|
||||||
max_age: age,
|
|
||||||
include_subdomains: sub.is_some(),
|
|
||||||
}),
|
|
||||||
_ => None,
|
|
||||||
})
|
|
||||||
.ok_or_else(headers::Error::invalid)
|
|
||||||
})
|
|
||||||
.unwrap_or_else(|| Err(headers::Error::invalid()))
|
|
||||||
}
|
|
||||||
|
|
||||||
fn encode<E: Extend<HeaderValue>>(&self, _values: &mut E) {}
|
|
||||||
}
|
|
||||||
|
|
||||||
trait IterExt: Iterator {
|
|
||||||
fn just_one(&mut self) -> Option<Self::Item> {
|
|
||||||
let one = self.next()?;
|
|
||||||
match self.next() {
|
|
||||||
Some(_) => None,
|
|
||||||
None => Some(one),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
impl<T: Iterator> IterExt for T {}
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue