From 8d39fb6dcf70ff15330cba340dc5f167d3586903 Mon Sep 17 00:00:00 2001 From: Sam Gibson Date: Mon, 22 Jun 2015 16:11:21 -0700 Subject: [PATCH] Shift checking for IP address host for HSTS entry to constructor servo/servo#6105 --- components/net/resource_task.rs | 20 +++++------ tests/unit/net/resource_task.rs | 62 ++++++++++++++++----------------- 2 files changed, 41 insertions(+), 41 deletions(-) diff --git a/components/net/resource_task.rs b/components/net/resource_task.rs index 04411fb0aed..94277ba1c36 100644 --- a/components/net/resource_task.rs +++ b/components/net/resource_task.rs @@ -198,12 +198,16 @@ pub struct HSTSEntry { } impl HSTSEntry { - pub fn new(host: String, include_subdomains: bool, max_age: Option) -> HSTSEntry { - HSTSEntry { - host: host, - include_subdomains: include_subdomains, - max_age: max_age, - timestamp: Some(time::get_time().sec as u64) + pub fn new(host: String, include_subdomains: bool, max_age: Option) -> Option { + if IPV4_REGEX.is_match(&host) || IPV6_REGEX.is_match(&host) { + None + } else { + Some(HSTSEntry { + host: host, + include_subdomains: include_subdomains, + max_age: max_age, + timestamp: Some(time::get_time().sec as u64) + }) } } @@ -257,10 +261,6 @@ impl HSTSList { } pub fn push(&mut self, entry: HSTSEntry) { - if IPV4_REGEX.is_match(&entry.host) || IPV6_REGEX.is_match(&entry.host) { - return - } - let have_domain = self.has_domain(entry.host.clone()); let have_subdomain = self.has_subdomain(entry.host.clone()); diff --git a/tests/unit/net/resource_task.rs b/tests/unit/net/resource_task.rs index 3ed2823365b..ecf4bea40d4 100644 --- a/tests/unit/net/resource_task.rs +++ b/tests/unit/net/resource_task.rs 
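Review bot: With the IP-literal check now living only in `HSTSEntry::new`, `HSTSList::push` (second hunk of this file) accepts whatever entry it is handed, so the rule holds only if every `HSTSEntry` is built through `new`. The struct definition is outside the hunk; if its fields are public, or entries are also built by deserialisation, an IP host can still reach the list, and RFC 6797 says a user agent must not note an IP address as a known HSTS host. Consider keeping a cheap guard in `push`, `debug_assert!(!IPV4_REGEX.is_match(&entry.host) && !IPV6_REGEX.is_match(&entry.host));`, and documenting the new contract on the constructor: `/// Returns None when host is an IPv4 or IPv6 literal; HSTS state is kept for domain names only.` The regex definitions are not visible here, so it is worth confirming they are anchored and also match compressed IPv6 forms.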
@@ -20,36 +20,36 @@ fn test_exit() { } #[test] -fn test_push_entry_to_hsts_list_should_not_add_ipv6_addresses() { - let mut list = HSTSList { - entries: Vec::new() - }; - - list.push(HSTSEntry::new( +fn test_hsts_entry_cant_be_created_with_ipv6_address_as_host() { + let entry = HSTSEntry::new( "2001:0db8:0000:0000:0000:ff00:0042:8329".to_string(), false, None - )); + ); - assert!(list.entries.len() == 0) + match entry { + Some(_) => panic!("able to create HSTSEntry with IPv6 host"), + None => () + } } #[test] -fn test_push_entry_to_hsts_list_should_not_add_ipv4_addresses() { - let mut list = HSTSList { - entries: Vec::new() - }; +fn test_hsts_entry_cant_be_created_with_ipv4_address_as_host() { + let entry = HSTSEntry::new( + "4.4.4.4".to_string(), false, None + ); - list.push(HSTSEntry::new("8.8.8.8".to_string(), false, None)); - - assert!(list.entries.len() == 0) + match entry { + Some(_) => panic!("able to create HSTSEntry with IPv6 host"), + None => () + } } #[test] fn test_push_entry_to_hsts_list_should_not_add_subdomains_whose_superdomain_is_already_matched() { let mut list = HSTSList { - entries: vec!(HSTSEntry::new("mozilla.org".to_string(), true, None)) + entries: vec!(HSTSEntry::new("mozilla.org".to_string(), true, None).unwrap()) }; - list.push(HSTSEntry::new("servo.mozilla.org".to_string(), false, None)); + list.push(HSTSEntry::new("servo.mozilla.org".to_string(), false, None).unwrap()); assert!(list.entries.len() == 1) } 
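Review bot: The panic message in `test_hsts_entry_cant_be_created_with_ipv4_address_as_host` still says IPv6, so a failure of the IPv4 check would be reported against the wrong address family; it should read `Some(_) => panic!("able to create HSTSEntry with IPv4 host"),`. Both tests could state the expectation more directly as `assert!(entry.is_none());`. The IPv6 case only exercises the fully expanded form; adding a compressed address such as `::1` would show whether `IPV6_REGEX` (defined outside this diff) rejects the shorter spellings too.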
@@ -57,12 +57,12 @@ fn test_push_entry_to_hsts_list_should_not_add_subdomains_whose_superdomain_is_a #[test] fn test_push_entry_to_hsts_list_should_update_existing_domain_entrys_include_subdomains() { let mut list = HSTSList { - entries: vec!(HSTSEntry::new("mozilla.org".to_string(), true, None)) + entries: vec!(HSTSEntry::new("mozilla.org".to_string(), true, None).unwrap()) }; assert!(list.always_secure("servo.mozilla.org")); - list.push(HSTSEntry::new("mozilla.org".to_string(), false, None)); + list.push(HSTSEntry::new("mozilla.org".to_string(), false, None).unwrap()); assert!(!list.always_secure("servo.mozilla.org")) } @@ -70,10 +70,10 @@ fn test_push_entry_to_hsts_list_should_update_existing_domain_entrys_include_sub #[test] fn test_push_entry_to_hsts_list_should_not_create_duplicate_entry() { let mut list = HSTSList { - entries: vec!(HSTSEntry::new("mozilla.org".to_string(), false, None)) + entries: vec!(HSTSEntry::new("mozilla.org".to_string(), false, None).unwrap()) }; - list.push(HSTSEntry::new("mozilla.org".to_string(), false, None)); + list.push(HSTSEntry::new("mozilla.org".to_string(), false, None).unwrap()); assert!(list.entries.len() == 1) } @@ -86,7 +86,7 @@ fn test_push_entry_to_hsts_list_should_add_an_entry() { assert!(!list.always_secure("mozilla.org")); - list.push(HSTSEntry::new("mozilla.org".to_string(), true, None)); + list.push(HSTSEntry::new("mozilla.org".to_string(), true, None).unwrap()); assert!(list.always_secure("mozilla.org")); } @@ -136,7 +136,7 @@ fn test_hsts_list_with_no_entries_does_not_always_secure() { #[test] fn test_hsts_list_with_exact_domain_entry_is_always_secure() { let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None).unwrap()] }; assert!(hsts_list.always_secure("mozilla.org") == true); 
@@ -145,7 +145,7 @@ fn test_hsts_list_with_exact_domain_entry_is_always_secure() { #[test] fn test_hsts_list_with_subdomain_when_include_subdomains_is_true_is_always_secure() { let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), true, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), true, None).unwrap()] }; assert!(hsts_list.always_secure("servo.mozilla.org") == true); @@ -154,7 +154,7 @@ fn test_hsts_list_with_subdomain_when_include_subdomains_is_true_is_always_secur #[test] fn test_hsts_list_with_subdomain_when_include_subdomains_is_false_is_not_always_secure() { let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None).unwrap()] }; assert!(hsts_list.always_secure("servo.mozilla.org") == false); @@ -163,7 +163,7 @@ fn test_hsts_list_with_subdomain_when_include_subdomains_is_false_is_not_always_ #[test] fn test_hsts_list_with_subdomain_when_host_is_not_a_subdomain_is_not_always_secure() { let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), true, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), true, None).unwrap()] }; assert!(hsts_list.always_secure("servo-mozilla.org") == false); @@ -172,7 +172,7 @@ fn test_hsts_list_with_subdomain_when_host_is_not_a_subdomain_is_not_always_secu #[test] fn test_hsts_list_with_subdomain_when_host_is_exact_match_is_always_secure() { let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), true, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), true, None).unwrap()] }; assert!(hsts_list.always_secure("mozilla.org") == true); 
@@ -182,7 +182,7 @@ fn test_hsts_list_with_subdomain_when_host_is_exact_match_is_always_secure() { fn test_make_hsts_secure_does_not_change_explicit_port() { let load_data = LoadData::new(Url::parse("http://mozilla.org:8080/").unwrap(), None); let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None).unwrap()] }; let secure_load_data = hsts_list.make_hsts_secure(load_data); @@ -193,7 +193,7 @@ fn test_make_hsts_secure_does_not_change_explicit_port() { fn test_make_hsts_secure_doesnt_affect_non_http_schemas() { let load_data = LoadData::new(Url::parse("file://mozilla.org").unwrap(), None); let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None).unwrap()] }; let secure_load_data = hsts_list.make_hsts_secure(load_data); @@ -204,7 +204,7 @@ fn test_make_hsts_secure_doesnt_affect_non_http_schemas() { fn test_make_hsts_secure_sets_secure_schema_on_subdomains_when_include_subdomains_is_true() { let load_data = LoadData::new(Url::parse("http://servo.mozilla.org").unwrap(), None); let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), true, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), true, None).unwrap()] }; let secure_load_data = hsts_list.make_hsts_secure(load_data); @@ -215,7 +215,7 @@ fn test_make_hsts_secure_sets_secure_schema_on_subdomains_when_include_subdomain fn test_make_hsts_secure_forces_an_http_host_in_list_to_https() { let load_data = LoadData::new(Url::parse("http://mozilla.org").unwrap(), None); let hsts_list = HSTSList { - entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None)] + entries: vec![HSTSEntry::new("mozilla.org".to_string(), false, None).unwrap()] }; let secure_load_data = hsts_list.make_hsts_secure(load_data);