netwerk/dns/nsIDNService.h

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* This Source Code Form is subject to the terms of the Mozilla Public
   3  * License, v. 2.0. If a copy of the MPL was not distributed with this
   4  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   5
   6 #ifndef nsIDNService_h__
   7 #define nsIDNService_h__
   8
   9 #include "nsIIDNService.h"
  10 #include "nsCOMPtr.h"
  11
  12 #include "mozilla/RWLock.h"
  13 #include "mozilla/intl/UnicodeScriptCodes.h"
  14 #include "mozilla/net/IDNBlocklistUtils.h"
  15 #include "mozilla/intl/IDNA.h"
  16 #include "mozilla/UniquePtr.h"
  17
  18 #include "nsString.h"
  19 #include "nsStringFwd.h"
  20
  21 class nsIPrefBranch;
  22
  23 //-----------------------------------------------------------------------------
  24 // nsIDNService
  25 //-----------------------------------------------------------------------------
  26
  27 namespace mozilla::net {
  28 enum ScriptCombo : int32_t;
  29 }
  30
  31 class nsIDNService final : public nsIIDNService {
  32  public:
  33   NS_DECL_THREADSAFE_ISUPPORTS
  34   NS_DECL_NSIIDNSERVICE
  35
  36   nsIDNService();
  37
  38   nsresult Init();
  39
  40  protected:
  41   virtual ~nsIDNService();
  42
  43  private:
  44   enum stringPrepFlag {
  45     eStringPrepForDNS,
  46     eStringPrepForUI,
  47     eStringPrepIgnoreErrors
  48   };
  49
  50   /**
  51    * Convert the following characters that must be recognized as label
  52    *  separators per RFC 3490 to ASCII full stop characters
  53    *
  54    * U+3002 (ideographic full stop)
  55    * U+FF0E (fullwidth full stop)
  56    * U+FF61 (halfwidth ideographic full stop)
  57    */
  58   void normalizeFullStops(nsAString& s);
  59
  60   /**
  61    * Convert and encode a DNS label in ACE/punycode.
  62    * @param flag
  63    *        if eStringPrepIgnoreErrors, all non-ASCII labels are
  64    *           converted to punycode.
  65    *        if eStringPrepForUI, only labels that are considered safe
  66    *           for display are converted.
  67    *           @see isLabelSafe
  68    *        if eStringPrepForDNS and stringPrep finds an illegal
  69    *           character, returns NS_FAILURE and out is empty
  70    */
  71   nsresult stringPrepAndACE(const nsAString& in, nsACString& out,
  72                             stringPrepFlag flag);
  73
  74   /**
  75    * Convert a DNS label using the stringprep profile defined in RFC 3454
  76    */
  77   nsresult stringPrep(const nsAString& in, nsAString& out, stringPrepFlag flag);
  78
  79   /**
  80    * Decode an ACE-encoded DNS label to UTF-8
  81    *
  82    * @param flag
  83    *        if eStringPrepForUI and the label is not considered safe to
  84    *           display, the output is the same as the input
  85    *        @see isLabelSafe
  86    */
  87   nsresult decodeACE(const nsACString& in, nsACString& out, stringPrepFlag flag,
  88                      const nsACString& tld);
  89
  90   /**
  91    * Convert complete domain names between UTF8 and ACE and vice versa
  92    *
  93    * @param flag is passed to decodeACE or stringPrepAndACE for each
  94    *  label individually, so the output may contain some labels in
  95    *  punycode and some in UTF-8
  96    */
  97   nsresult UTF8toACE(const nsACString& input, nsACString& ace,
  98                      stringPrepFlag flag);
  99   nsresult ACEtoUTF8(const nsACString& input, nsACString& _retval,
 100                      stringPrepFlag flag);
 101
 102   nsresult Normalize(const nsACString& input, nsACString& output);
 103
 104   void prefsChanged(const char* pref);
 105
 106   static void PrefChanged(const char* aPref, void* aSelf) {
 107     auto* self = static_cast<nsIDNService*>(aSelf);
 108     self->prefsChanged(aPref);
 109   }
 110
 111   /**
 112    * Determine whether a label is considered safe to display to the user
 113    * according to the algorithm defined in UTR 39 and the profile
 114    * selected in mRestrictionProfile.
 115    *
 116    * For the ASCII-only profile, returns false for all labels containing
 117    * non-ASCII characters.
 118    *
 119    * For the other profiles, returns false for labels containing any of
 120    * the following:
 121    *
 122    *  Characters in scripts other than the "recommended scripts" and
 123    *   "aspirational scripts" defined in
 124    *   http://www.unicode.org/reports/tr31/#Table_Recommended_Scripts
 125    *   and http://www.unicode.org/reports/tr31/#Aspirational_Use_Scripts
 126    *  This includes codepoints that are not defined as Unicode
 127    *   characters
 128    *
 129    *  Illegal combinations of scripts (@see illegalScriptCombo)
 130    *
 131    *  Numbers from more than one different numbering system
 132    *
 133    *  Sequences of the same non-spacing mark
 134    *
 135    *  Both simplified-only and traditional-only Chinese characters
 136    *   XXX this test was disabled by bug 857481
 137    */
 138   bool isLabelSafe(const nsAString& label, const nsAString& tld)
 139       MOZ_EXCLUDES(mLock);
 140
 141   /**
 142    * Restriction-level Detection profiles defined in UTR 39
 143    * http://www.unicode.org/reports/tr39/#Restriction_Level_Detection,
 144    * and selected by the pref network.IDN.restriction_profile
 145    */
 146   enum restrictionProfile {
 147     eASCIIOnlyProfile,
 148     eHighlyRestrictiveProfile,
 149     eModeratelyRestrictiveProfile
 150   };
 151
 152   /**
 153    * Determine whether a combination of scripts in a single label is
 154    * permitted according to the algorithm defined in UTR 39 and the
 155    * profile selected in mRestrictionProfile.
 156    *
 157    * For the "Highly restrictive" profile, all characters in each
 158    * identifier must be from a single script, or from the combinations:
 159    *  Latin + Han + Hiragana + Katakana;
 160    *  Latin + Han + Bopomofo; or
 161    *  Latin + Han + Hangul
 162    *
 163    * For the "Moderately restrictive" profile, Latin is also allowed
 164    *  with other scripts except Cyrillic and Greek
 165    */
 166   bool illegalScriptCombo(restrictionProfile profile,
 167                           mozilla::intl::Script script,
 168                           mozilla::net::ScriptCombo& savedScript);
 169
 170   /**
 171    * Convert a DNS label from ASCII to Unicode using IDNA2008
 172    */
 173   nsresult IDNA2008ToUnicode(const nsACString& input, nsAString& output);
 174
 175   /**
 176    * Convert a DNS label to a normalized form conforming to IDNA2008
 177    */
 178   nsresult IDNA2008StringPrep(const nsAString& input, nsAString& output,
 179                               stringPrepFlag flag);
 180
 181   // never mutated after initializing.
 182   mozilla::UniquePtr<mozilla::intl::IDNA> mIDNA;
 183
 184   // We use this rwlock to guard access to:
 185   // |mIDNBlocklist|, |mRestrictionProfile|
 186   mozilla::RWLock mLock{"nsIDNService"};
 187
 188   // guarded by mLock
 189   nsTArray<mozilla::net::BlocklistRange> mIDNBlocklist MOZ_GUARDED_BY(mLock);
 190
 191   // guarded by mLock;
 192   restrictionProfile mRestrictionProfile MOZ_GUARDED_BY(mLock){
 193       eASCIIOnlyProfile};
 194 };
 195
 196 #endif  // nsIDNService_h__