Introduce fetch::methods::should_be_blocked_due_to_bad_port

2025-07-23 07:13:52 +01:00 · 2017-03-23 14:48:23 +01:00 · 2017-03-23 14:48:23 +01:00 · fb2c9e7bf5
commit fb2c9e7bf5
parent 9894dca86c
1 changed files with 50 additions and 11 deletions
--- a/components/net/fetch/methods.rs
+++ b/components/net/fetch/methods.rs
@ -20,6 +20,7 @@ use net_traits::{FetchTaskTarget, NetworkError, ReferrerPolicy};
 use net_traits::request::{Referrer, Request, RequestMode, ResponseTainting};
 use net_traits::request::{Type, Origin, Window};
 use net_traits::response::{Response, ResponseBody, ResponseType};
+use servo_url::ServoUrl;
 use std::borrow::Cow;
 use std::fmt;
 use std::fs::File;
@ -148,17 +149,8 @@ pub fn main_fetch(request: Rc<Request>,

    // Step 5
    // TODO this step (CSP port/content blocking)
-    if let Some(port) = request.url().port() {
-        let is_ftp = request.url().scheme() == "ftp" && (port == 20 || port == 21);
-        static BAD_PORTS: [u16; 64] = [1, 7, 9, 11, 13, 15, 17, 19, 20, 21, 22, 23, 25, 37, 42,
-                                       43, 53, 77, 79, 87, 95, 101, 102, 103, 104, 109, 110, 111,
-                                       113, 115, 117, 119, 123, 135, 139, 143, 179, 389, 465, 512,
-                                       513, 514, 515, 526, 530, 531, 532, 540, 556, 563, 587, 601,
-                                       636, 993, 995, 2049, 3659, 4045, 6000, 6665, 6666, 6667,
-                                       6668, 6669];
-        if !is_ftp && BAD_PORTS.binary_search(&port).is_ok() {
-            response = Some(Response::network_error(NetworkError::Internal("Request attempted on bad port".into())));
-        }
+    if should_be_blocked_due_to_bad_port(&request.url()) {
+        response = Some(Response::network_error(NetworkError::Internal("Request attempted on bad port".into())));
    }

    // Step 6
@ -623,3 +615,50 @@ fn should_block_nosniff(request: &Request, response: &Response) -> bool {
        _ => false
    };
 }
+
+/// https://fetch.spec.whatwg.org/#block-bad-port
+fn should_be_blocked_due_to_bad_port(url: &ServoUrl) -> bool {
+    // Step 1 is not applicable, this function just takes the URL directly.
+
+    // Step 2.
+    let scheme = url.scheme();
+
+    // Step 3.
+    // If there is no explicit port, this means the default one is used for
+    // the given scheme, and thus this means the request should not be blocked
+    // due to a bad port.
+    let port = if let Some(port) = url.port() { port } else { return false };
+
+    // Step 4.
+    if scheme == "ftp" && (port == 20 || port == 21) {
+        return false;
+    }
+
+
+    // Step 5.
+    if is_network_scheme(scheme) && is_bad_port(port) {
+        return true;
+    }
+
+    // Step 6.
+    false
+}
+
+/// https://fetch.spec.whatwg.org/#network-scheme
+fn is_network_scheme(scheme: &str) -> bool {
+    scheme == "ftp" || scheme == "http" || scheme == "https"
+}
+
+/// https://fetch.spec.whatwg.org/#bad-port
+fn is_bad_port(port: u16) -> bool {
+    static BAD_PORTS: [u16; 64] = [
+        1, 7, 9, 11, 13, 15, 17, 19, 20, 21, 22, 23, 25, 37, 42,
+        43, 53, 77, 79, 87, 95, 101, 102, 103, 104, 109, 110, 111,
+        113, 115, 117, 119, 123, 135, 139, 143, 179, 389, 465, 512,
+        513, 514, 515, 526, 530, 531, 532, 540, 556, 563, 587, 601,
+        636, 993, 995, 2049, 3659, 4045, 6000, 6665, 6666, 6667,
+        6668, 6669
+    ];
+
+    BAD_PORTS.binary_search(&port).is_ok()
+}