netwerk/dns/nsIDNService.h

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* This Source Code Form is subject to the terms of the Mozilla Public
   3  * License, v. 2.0. If a copy of the MPL was not distributed with this
   4  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   5
   6 #ifndef nsIDNService_h__
   7 #define nsIDNService_h__
   8
   9 #include "nsIIDNService.h"
  10 #include "nsCOMPtr.h"
  11
  12 #include "mozilla/RWLock.h"
  13 #include "mozilla/intl/UnicodeScriptCodes.h"
  14 #include "mozilla/net/IDNBlocklistUtils.h"
  15 #include "mozilla/intl/IDNA.h"
  16 #include "mozilla/UniquePtr.h"
  17
  18 #include "nsString.h"
  19
  20 class nsIPrefBranch;
  21
  22 //-----------------------------------------------------------------------------
  23 // nsIDNService
  24 //-----------------------------------------------------------------------------
  25
  26 namespace mozilla::net {
  27 enum ScriptCombo : int32_t;
  28 }
  29
  30 class nsIDNService final : public nsIIDNService {
  31  public:
  32   NS_DECL_THREADSAFE_ISUPPORTS
  33   NS_DECL_NSIIDNSERVICE
  34
  35   nsIDNService();
  36
  37   nsresult Init();
  38
  39  protected:
  40   virtual ~nsIDNService();
  41
  42  private:
  43   enum stringPrepFlag {
  44     eStringPrepForDNS,
  45     eStringPrepForUI,
  46     eStringPrepIgnoreErrors
  47   };
  48
  49   /**
  50    * Convert the following characters that must be recognized as label
  51    *  separators per RFC 3490 to ASCII full stop characters
  52    *
  53    * U+3002 (ideographic full stop)
  54    * U+FF0E (fullwidth full stop)
  55    * U+FF61 (halfwidth ideographic full stop)
  56    */
  57   void normalizeFullStops(nsAString& s);
  58
  59   /**
  60    * Convert and encode a DNS label in ACE/punycode.
  61    * @param flag
  62    *        if eStringPrepIgnoreErrors, all non-ASCII labels are
  63    *           converted to punycode.
  64    *        if eStringPrepForUI, only labels that are considered safe
  65    *           for display are converted.
  66    *           @see isLabelSafe
  67    *        if eStringPrepForDNS and stringPrep finds an illegal
  68    *           character, returns NS_FAILURE and out is empty
  69    */
  70   nsresult stringPrepAndACE(const nsAString& in, nsACString& out,
  71                             stringPrepFlag flag);
  72
  73   /**
  74    * Convert a DNS label using the stringprep profile defined in RFC 3454
  75    */
  76   nsresult stringPrep(const nsAString& in, nsAString& out, stringPrepFlag flag);
  77
  78   /**
  79    * Decode an ACE-encoded DNS label to UTF-8
  80    *
  81    * @param flag
  82    *        if eStringPrepForUI and the label is not considered safe to
  83    *           display, the output is the same as the input
  84    *        @see isLabelSafe
  85    */
  86   nsresult decodeACE(const nsACString& in, nsACString& out,
  87                      stringPrepFlag flag);
  88
  89   /**
  90    * Convert complete domain names between UTF8 and ACE and vice versa
  91    *
  92    * @param flag is passed to decodeACE or stringPrepAndACE for each
  93    *  label individually, so the output may contain some labels in
  94    *  punycode and some in UTF-8
  95    */
  96   nsresult UTF8toACE(const nsACString& input, nsACString& ace,
  97                      stringPrepFlag flag);
  98   nsresult ACEtoUTF8(const nsACString& input, nsACString& _retval,
  99                      stringPrepFlag flag);
 100
 101   void prefsChanged(const char* pref);
 102
 103   static void PrefChanged(const char* aPref, void* aSelf) {
 104     auto* self = static_cast<nsIDNService*>(aSelf);
 105     self->prefsChanged(aPref);
 106   }
 107
 108   /**
 109    * Determine whether a label is considered safe to display to the user
 110    * according to the algorithm defined in UTR 39 and the profile
 111    * selected in mRestrictionProfile.
 112    *
 113    * For the ASCII-only profile, returns false for all labels containing
 114    * non-ASCII characters.
 115    *
 116    * For the other profiles, returns false for labels containing any of
 117    * the following:
 118    *
 119    *  Characters in scripts other than the "recommended scripts" and
 120    *   "aspirational scripts" defined in
 121    *   http://www.unicode.org/reports/tr31/#Table_Recommended_Scripts
 122    *   and http://www.unicode.org/reports/tr31/#Aspirational_Use_Scripts
 123    *  This includes codepoints that are not defined as Unicode
 124    *   characters
 125    *
 126    *  Illegal combinations of scripts (@see illegalScriptCombo)
 127    *
 128    *  Numbers from more than one different numbering system
 129    *
 130    *  Sequences of the same non-spacing mark
 131    *
 132    *  Both simplified-only and traditional-only Chinese characters
 133    *   XXX this test was disabled by bug 857481
 134    */
 135   bool isLabelSafe(const nsAString& label) MOZ_EXCLUDES(mLock);
 136
 137   /**
 138    * Determine whether a combination of scripts in a single label is
 139    * permitted according to the algorithm defined in UTR 39 and the
 140    * profile selected in mRestrictionProfile.
 141    *
 142    * For the "Highly restrictive" profile, all characters in each
 143    * identifier must be from a single script, or from the combinations:
 144    *  Latin + Han + Hiragana + Katakana;
 145    *  Latin + Han + Bopomofo; or
 146    *  Latin + Han + Hangul
 147    *
 148    * For the "Moderately restrictive" profile, Latin is also allowed
 149    *  with other scripts except Cyrillic and Greek
 150    */
 151   bool illegalScriptCombo(mozilla::intl::Script script,
 152                           mozilla::net::ScriptCombo& savedScript)
 153       MOZ_REQUIRES_SHARED(mLock);
 154
 155   /**
 156    * Convert a DNS label from ASCII to Unicode using IDNA2008
 157    */
 158   nsresult IDNA2008ToUnicode(const nsACString& input, nsAString& output);
 159
 160   /**
 161    * Convert a DNS label to a normalized form conforming to IDNA2008
 162    */
 163   nsresult IDNA2008StringPrep(const nsAString& input, nsAString& output,
 164                               stringPrepFlag flag);
 165
 166   // never mutated after initializing.
 167   mozilla::UniquePtr<mozilla::intl::IDNA> mIDNA;
 168
 169   // We use this rwlock to guard access to:
 170   // |mIDNBlocklist|, |mRestrictionProfile|
 171   mozilla::RWLock mLock{"nsIDNService"};
 172
 173   // guarded by mLock
 174   nsTArray<mozilla::net::BlocklistRange> mIDNBlocklist MOZ_GUARDED_BY(mLock);
 175
 176   /**
 177    * Restriction-level Detection profiles defined in UTR 39
 178    * http://www.unicode.org/reports/tr39/#Restriction_Level_Detection,
 179    * and selected by the pref network.IDN.restriction_profile
 180    */
 181   enum restrictionProfile {
 182     eASCIIOnlyProfile,
 183     eHighlyRestrictiveProfile,
 184     eModeratelyRestrictiveProfile
 185   };
 186   // guarded by mLock;
 187   restrictionProfile mRestrictionProfile MOZ_GUARDED_BY(mLock){
 188       eASCIIOnlyProfile};
 189 };
 190
 191 #endif  // nsIDNService_h__