mirror of
https://github.com/servo/servo.git
synced 2025-08-03 04:30:10 +01:00
parent
8d39fb6dcf
commit
15c90a58b2
5 changed files with 68 additions and 4 deletions
|
@ -194,7 +194,7 @@ pub struct HSTSEntry {
|
|||
pub host: String,
|
||||
pub include_subdomains: bool,
|
||||
pub max_age: Option<u64>,
|
||||
timestamp: Option<u64>
|
||||
pub timestamp: Option<u64>
|
||||
}
|
||||
|
||||
impl HSTSEntry {
|
||||
|
@ -211,12 +211,22 @@ impl HSTSEntry {
|
|||
}
|
||||
}
|
||||
|
||||
pub fn is_expired(&self) -> bool {
|
||||
match (self.max_age, self.timestamp) {
|
||||
(Some(max_age), Some(timestamp)) => {
|
||||
(time::get_time().sec as u64) - timestamp > max_age
|
||||
},
|
||||
|
||||
_ => false
|
||||
}
|
||||
}
|
||||
|
||||
fn matches_domain(&self, host: &str) -> bool {
|
||||
self.host == host
|
||||
!self.is_expired() && self.host == host
|
||||
}
|
||||
|
||||
fn matches_subdomain(&self, host: &str) -> bool {
|
||||
host.ends_with(&format!(".{}", self.host))
|
||||
!self.is_expired() && host.ends_with(&format!(".{}", self.host))
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -254,7 +264,7 @@ impl HSTSList {
|
|||
})
|
||||
}
|
||||
|
||||
pub fn has_subdomain(&self, host: String) -> bool {
|
||||
fn has_subdomain(&self, host: String) -> bool {
|
||||
self.entries.iter().any(|e| {
|
||||
e.matches_subdomain(&host)
|
||||
})
|
||||
|
|
1
components/servo/Cargo.lock
generated
1
components/servo/Cargo.lock
generated
|
@ -876,6 +876,7 @@ dependencies = [
|
|||
"net 0.0.1",
|
||||
"net_traits 0.0.1",
|
||||
"url 0.2.36 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"time 0.1.26 (registry+https://github.com/rust-lang/crates.io-index)",
|
||||
"util 0.0.1",
|
||||
]
|
||||
|
||||
|
|
|
@ -21,3 +21,4 @@ path = "../../../components/util"
|
|||
cookie = "0.1"
|
||||
hyper = "0.6"
|
||||
url = "0.2"
|
||||
time = "0.1"
|
||||
|
|
|
@ -8,6 +8,7 @@ extern crate net;
|
|||
extern crate net_traits;
|
||||
extern crate url;
|
||||
extern crate util;
|
||||
extern crate time;
|
||||
|
||||
#[cfg(test)] mod cookie;
|
||||
#[cfg(test)] mod data_loader;
|
||||
|
|
|
@ -11,6 +11,7 @@ use std::borrow::ToOwned;
|
|||
use std::collections::HashMap;
|
||||
use std::sync::mpsc::channel;
|
||||
use url::Url;
|
||||
use time;
|
||||
|
||||
|
||||
#[test]
|
||||
|
@ -19,6 +20,42 @@ fn test_exit() {
|
|||
resource_task.send(ControlMsg::Exit).unwrap();
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_hsts_entry_is_not_expired_when_it_has_no_timestamp() {
|
||||
let entry = HSTSEntry {
|
||||
host: "mozilla.org".to_string(),
|
||||
include_subdomains: false,
|
||||
max_age: Some(20),
|
||||
timestamp: None
|
||||
};
|
||||
|
||||
assert!(!entry.is_expired());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_hsts_entry_is_not_expired_when_it_has_no_max_age() {
|
||||
let entry = HSTSEntry {
|
||||
host: "mozilla.org".to_string(),
|
||||
include_subdomains: false,
|
||||
max_age: None,
|
||||
timestamp: Some(time::get_time().sec as u64)
|
||||
};
|
||||
|
||||
assert!(!entry.is_expired());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_hsts_entry_is_expired_when_it_has_reached_its_max_age() {
|
||||
let entry = HSTSEntry {
|
||||
host: "mozilla.org".to_string(),
|
||||
include_subdomains: false,
|
||||
max_age: Some(10),
|
||||
timestamp: Some(time::get_time().sec as u64 - 20u64)
|
||||
};
|
||||
|
||||
assert!(entry.is_expired());
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_hsts_entry_cant_be_created_with_ipv6_address_as_host() {
|
||||
let entry = HSTSEntry::new(
|
||||
|
@ -178,6 +215,20 @@ fn test_hsts_list_with_subdomain_when_host_is_exact_match_is_always_secure() {
|
|||
assert!(hsts_list.always_secure("mozilla.org") == true);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_hsts_list_with_expired_entry_is_not_always_secure() {
|
||||
let hsts_list = HSTSList {
|
||||
entries: vec![HSTSEntry {
|
||||
host: "mozilla.org".to_string(),
|
||||
include_subdomains: false,
|
||||
max_age: Some(20),
|
||||
timestamp: Some(time::get_time().sec as u64 - 100u64)
|
||||
}]
|
||||
};
|
||||
|
||||
assert!(!hsts_list.always_secure("mozilla.org"));
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_make_hsts_secure_does_not_change_explicit_port() {
|
||||
let load_data = LoadData::new(Url::parse("http://mozilla.org:8080/").unwrap(), None);
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue