mirror of
https://github.com/servo/servo.git
synced 2025-08-25 15:18:22 +01:00
Auto merge of #14794 - mrnayak:hsts-refactor, r=emilio
Refactor HSTSList to use HashMap Refactored HSTSList to use HashMap, where the key of HashMap is the base domain. Every time when we check if a host is secure, we find the base domain of the host and get a vector of HSTS entries associated with the base domain. While this will not give O(1) look up time, we would have a smaller list to iterate for every lookup. I have added one unit test to validate `HashMap` changes. <!-- Please describe your changes on the following line: --> --- <!-- Thank you for contributing to Servo! Please replace each `[ ]` by `[X]` when the step is complete, and replace `__` with appropriate data: --> - [X] `./mach build -d` does not report any errors - [X] `./mach test-tidy` does not report any errors - [X] These changes fix #14756 <!-- Either: --> - [X] There are tests for these changes OR <!-- Pull requests that do not address these steps are welcome, but they will require additional verification as part of the review process. --> <!-- Reviewable:start --> --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/14794) <!-- Reviewable:end -->
This commit is contained in:
bors-servo
GitHub
commit
b06f4aec67
2 changed files with 119 additions and 62 deletions
|
|
@ -5,6 +5,7 @@
|
|||
use net::hsts::{HstsEntry, HstsList};
|
||||
use net::hsts::secure_url;
|
||||
use net_traits::IncludeSubdomains;
|
||||
use std::collections::HashMap;
|
||||
use time;
|
||||
use url::Url;
|
||||
|
||||
|
|
@ -63,10 +64,31 @@ fn test_hsts_entry_cant_be_created_with_ipv4_address_as_host() {
|
|||
}
|
||||
|
||||
#[test]
|
||||
fn test_push_entry_with_0_max_age_evicts_entry_from_list() {
|
||||
fn test_base_domain_in_entries_map() {
|
||||
let entries_map = HashMap::new();
|
||||
|
||||
let mut list = HstsList {
|
||||
entries: vec!(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, Some(500000u64)).unwrap())
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
list.push(HstsEntry::new("servo.mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap());
|
||||
list.push(HstsEntry::new("firefox.mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap());
|
||||
list.push(HstsEntry::new("bugzilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap());
|
||||
|
||||
assert_eq!(list.entries_map.len(), 2);
|
||||
assert_eq!(list.entries_map.get("mozilla.org").unwrap().len(), 2);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_push_entry_with_0_max_age_evicts_entry_from_list() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec!(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, Some(500000u64)).unwrap()));
|
||||
let mut list = HstsList {
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
list.push(HstsEntry::new("mozilla.org".to_owned(),
|
||||
|
|
@ -77,22 +99,26 @@ fn test_push_entry_with_0_max_age_evicts_entry_from_list() {
|
|||
|
||||
#[test]
|
||||
fn test_push_entry_to_hsts_list_should_not_add_subdomains_whose_superdomain_is_already_matched() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec!(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap()));
|
||||
let mut list = HstsList {
|
||||
entries: vec!(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap())
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
list.push(HstsEntry::new("servo.mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap());
|
||||
|
||||
assert!(list.entries.len() == 1)
|
||||
assert!(list.entries_map.get("mozilla.org").unwrap().len() == 1)
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_push_entry_to_hsts_list_should_update_existing_domain_entrys_include_subdomains() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec!(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap()));
|
||||
let mut list = HstsList {
|
||||
entries: vec!(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap())
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
assert!(list.is_host_secure("servo.mozilla.org"));
|
||||
|
|
@ -105,21 +131,23 @@ fn test_push_entry_to_hsts_list_should_update_existing_domain_entrys_include_sub
|
|||
|
||||
#[test]
|
||||
fn test_push_entry_to_hsts_list_should_not_create_duplicate_entry() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec!(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap()));
|
||||
let mut list = HstsList {
|
||||
entries: vec!(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap())
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
list.push(HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap());
|
||||
|
||||
assert!(list.entries.len() == 1)
|
||||
assert!(list.entries_map.get("mozilla.org").unwrap().len() == 1)
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_push_multiple_entrie_to_hsts_list_should_add_them_all() {
|
||||
let mut list = HstsList {
|
||||
entries: Vec::new()
|
||||
entries_map: HashMap::new()
|
||||
};
|
||||
|
||||
assert!(!list.is_host_secure("mozilla.org"));
|
||||
|
|
@ -137,7 +165,7 @@ fn test_push_multiple_entrie_to_hsts_list_should_add_them_all() {
|
|||
#[test]
|
||||
fn test_push_entry_to_hsts_list_should_add_an_entry() {
|
||||
let mut list = HstsList {
|
||||
entries: Vec::new()
|
||||
entries_map: HashMap::new()
|
||||
};
|
||||
|
||||
assert!(!list.is_host_secure("mozilla.org"));
|
||||
|
|
@ -155,7 +183,7 @@ fn test_parse_hsts_preload_should_return_none_when_json_invalid() {
|
|||
}
|
||||
|
||||
#[test]
|
||||
fn test_parse_hsts_preload_should_return_none_when_json_contains_no_entries_key() {
|
||||
fn test_parse_hsts_preload_should_return_none_when_json_contains_no_entries_map_key() {
|
||||
let mock_preload_content = b"{\"nothing\": \"to see here\"}";
|
||||
assert!(HstsList::from_preload(mock_preload_content).is_none(), "invalid preload list should not have parsed")
|
||||
}
|
||||
|
|
@ -169,16 +197,16 @@ fn test_parse_hsts_preload_should_decode_host_and_includes_subdomains() {
|
|||
]\
|
||||
}";
|
||||
let hsts_list = HstsList::from_preload(mock_preload_content);
|
||||
let entries = hsts_list.unwrap().entries;
|
||||
let entries_map = hsts_list.unwrap().entries_map;
|
||||
|
||||
assert_eq!(entries[0].host, "mozilla.org");
|
||||
assert!(!entries[0].include_subdomains);
|
||||
assert_eq!(entries_map.get("mozilla.org").unwrap()[0].host, "mozilla.org");
|
||||
assert!(!entries_map.get("mozilla.org").unwrap()[0].include_subdomains);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn test_hsts_list_with_no_entries_does_not_is_host_secure() {
|
||||
fn test_hsts_list_with_no_entries_map_does_not_is_host_secure() {
|
||||
let hsts_list = HstsList {
|
||||
entries: Vec::new()
|
||||
entries_map: HashMap::new()
|
||||
};
|
||||
|
||||
assert!(!hsts_list.is_host_secure("mozilla.org"));
|
||||
|
|
@ -186,9 +214,12 @@ fn test_hsts_list_with_no_entries_does_not_is_host_secure() {
|
|||
|
||||
#[test]
|
||||
fn test_hsts_list_with_exact_domain_entry_is_is_host_secure() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap()]);
|
||||
|
||||
let hsts_list = HstsList {
|
||||
entries: vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap()]
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
assert!(hsts_list.is_host_secure("mozilla.org"));
|
||||
|
|
@ -196,9 +227,11 @@ fn test_hsts_list_with_exact_domain_entry_is_is_host_secure() {
|
|||
|
||||
#[test]
|
||||
fn test_hsts_list_with_subdomain_when_include_subdomains_is_true_is_is_host_secure() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap()]);
|
||||
let hsts_list = HstsList {
|
||||
entries: vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap()]
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
assert!(hsts_list.is_host_secure("servo.mozilla.org"));
|
||||
|
|
@ -206,9 +239,11 @@ fn test_hsts_list_with_subdomain_when_include_subdomains_is_true_is_is_host_secu
|
|||
|
||||
#[test]
|
||||
fn test_hsts_list_with_subdomain_when_include_subdomains_is_false_is_not_is_host_secure() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap()]);
|
||||
let hsts_list = HstsList {
|
||||
entries: vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::NotIncluded, None).unwrap()]
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
assert!(!hsts_list.is_host_secure("servo.mozilla.org"));
|
||||
|
|
@ -216,9 +251,11 @@ fn test_hsts_list_with_subdomain_when_include_subdomains_is_false_is_not_is_host
|
|||
|
||||
#[test]
|
||||
fn test_hsts_list_with_subdomain_when_host_is_not_a_subdomain_is_not_is_host_secure() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap()]);
|
||||
let hsts_list = HstsList {
|
||||
entries: vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap()]
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
assert!(!hsts_list.is_host_secure("servo-mozilla.org"));
|
||||
|
|
@ -226,9 +263,11 @@ fn test_hsts_list_with_subdomain_when_host_is_not_a_subdomain_is_not_is_host_sec
|
|||
|
||||
#[test]
|
||||
fn test_hsts_list_with_subdomain_when_host_is_exact_match_is_is_host_secure() {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap()]);
|
||||
let hsts_list = HstsList {
|
||||
entries: vec![HstsEntry::new("mozilla.org".to_owned(),
|
||||
IncludeSubdomains::Included, None).unwrap()]
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
assert!(hsts_list.is_host_secure("mozilla.org"));
|
||||
|
|
@ -236,13 +275,15 @@ fn test_hsts_list_with_subdomain_when_host_is_exact_match_is_is_host_secure() {
|
|||
|
||||
#[test]
|
||||
fn test_hsts_list_with_expired_entry_is_not_is_host_secure() {
|
||||
let hsts_list = HstsList {
|
||||
entries: vec![HstsEntry {
|
||||
let mut entries_map = HashMap::new();
|
||||
entries_map.insert("mozilla.org".to_owned(), vec![HstsEntry {
|
||||
host: "mozilla.org".to_owned(),
|
||||
include_subdomains: false,
|
||||
max_age: Some(20),
|
||||
timestamp: Some(time::get_time().sec as u64 - 100u64)
|
||||
}]
|
||||
}]);
|
||||
let hsts_list = HstsList {
|
||||
entries_map: entries_map
|
||||
};
|
||||
|
||||
assert!(!hsts_list.is_host_secure("mozilla.org"));
|
||||
|
|
@ -251,7 +292,7 @@ fn test_hsts_list_with_expired_entry_is_not_is_host_secure() {
|
|||
#[test]
|
||||
fn test_preload_hsts_domains_well_formed() {
|
||||
let hsts_list = HstsList::from_servo_preload();
|
||||
assert!(!hsts_list.entries.is_empty());
|
||||
assert!(!hsts_list.entries_map.is_empty());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue