1 // Copyright 2020 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_BASE_SCHEME_HOST_PORT_MATCHER_RULE_H_
6 #define NET_BASE_SCHEME_HOST_PORT_MATCHER_RULE_H_
7 
8 #include <memory>
9 #include <string>
10 
11 #include "net/base/ip_address.h"
12 #include "net/base/ip_endpoint.h"
13 #include "net/base/net_export.h"
14 #include "net/base/scheme_host_port_matcher_result.h"
15 #include "url/gurl.h"
16 
17 namespace net {
18 
19 // Interface for an individual SchemeHostPortMatcher rule.
20 class NET_EXPORT SchemeHostPortMatcherRule {
21  public:
22   SchemeHostPortMatcherRule() = default;
23   SchemeHostPortMatcherRule(const SchemeHostPortMatcherRule&) = delete;
24   SchemeHostPortMatcherRule& operator=(const SchemeHostPortMatcherRule&) =
25       delete;
26 
27   virtual ~SchemeHostPortMatcherRule() = default;
28 
29   // Creates a SchemeHostPortMatcherRule by best-effort parsing the string. If
30   // it can't parse, returns a nullptr. It only parses all the rule types in
31   // this header file. Types with other serializations will need to be handled
32   // by the caller.
33   static std::unique_ptr<SchemeHostPortMatcherRule> FromUntrimmedRawString(
34       const std::string& raw_untrimmed);
35 
36   // Evaluates the rule against |url|.
37   virtual SchemeHostPortMatcherResult Evaluate(const GURL& url) const = 0;
38   // Returns a string representation of this rule. The returned string will not
39   // match any distinguishable rule of any type.
40   virtual std::string ToString() const = 0;
41   // Returns true if |this| is an instance of
42   // SchemeHostPortMatcherHostnamePatternRule.
43   virtual bool IsHostnamePatternRule() const;
44 };
45 
46 // Rule that matches URLs with wildcard hostname patterns, and
47 // scheme/port restrictions.
48 //
49 // For example:
50 //   *.google.com
51 //   https://*.google.com
52 //   google.com:443
53 class NET_EXPORT SchemeHostPortMatcherHostnamePatternRule
54     : public SchemeHostPortMatcherRule {
55  public:
56   SchemeHostPortMatcherHostnamePatternRule(const std::string& optional_scheme,
57                                            const std::string& hostname_pattern,
58                                            int optional_port);
59   SchemeHostPortMatcherHostnamePatternRule(
60       const SchemeHostPortMatcherHostnamePatternRule&) = delete;
61   SchemeHostPortMatcherHostnamePatternRule& operator=(
62       const SchemeHostPortMatcherHostnamePatternRule&) = delete;
63 
64   // SchemeHostPortMatcherRule implementation:
65   SchemeHostPortMatcherResult Evaluate(const GURL& url) const override;
66   std::string ToString() const override;
67   bool IsHostnamePatternRule() const override;
68 
69   // Generates a new SchemeHostPortMatcherHostnamePatternRule based on the
70   // current rule. The new rule will do suffix matching if the current rule
71   // doesn't. For example, "google.com" would become "*google.com" and match
72   // "foogoogle.com".
73   std::unique_ptr<SchemeHostPortMatcherHostnamePatternRule>
74   GenerateSuffixMatchingRule() const;
75 
76  private:
77   const std::string optional_scheme_;
78   const std::string hostname_pattern_;
79   const int optional_port_;
80 };
81 
82 // Rule that matches URLs with IP address as hostname, and scheme/port
83 // restrictions. * only works in the host portion. i18n domain names must be
84 // input in punycode format.
85 //
86 // For example:
87 //   127.0.0.1,
88 //   http://127.0.0.1
89 //   [::1]
90 //   [0:0::1]
91 //   http://[::1]:99
92 class NET_EXPORT SchemeHostPortMatcherIPHostRule
93     : public SchemeHostPortMatcherRule {
94  public:
95   SchemeHostPortMatcherIPHostRule(const std::string& optional_scheme,
96                                   const IPEndPoint& ip_end_point);
97   SchemeHostPortMatcherIPHostRule(const SchemeHostPortMatcherIPHostRule&) =
98       delete;
99   SchemeHostPortMatcherIPHostRule& operator=(
100       const SchemeHostPortMatcherIPHostRule&) = delete;
101 
102   // SchemeHostPortMatcherRule implementation:
103   SchemeHostPortMatcherResult Evaluate(const GURL& url) const override;
104   std::string ToString() const override;
105 
106  private:
107   const std::string optional_scheme_;
108   const std::string ip_host_;
109   const int optional_port_;
110 };
111 
112 // Rule for matching a URL that is an IP address, if that IP address falls
113 // within a certain numeric range.
114 //
115 // For example:
116 //   127.0.0.1/8.
117 //   FE80::/10
118 //   but not http://127.0.0.1:7/8 or http://[FE80::]/10 (IPv6 with brackets).
119 class NET_EXPORT SchemeHostPortMatcherIPBlockRule
120     : public SchemeHostPortMatcherRule {
121  public:
122   // |ip_prefix| + |prefix_length| define the IP block to match.
123   SchemeHostPortMatcherIPBlockRule(const std::string& description,
124                                    const std::string& optional_scheme,
125                                    const IPAddress& ip_prefix,
126                                    size_t prefix_length_in_bits);
127   SchemeHostPortMatcherIPBlockRule(const SchemeHostPortMatcherIPBlockRule&) =
128       delete;
129   SchemeHostPortMatcherIPBlockRule& operator=(
130       const SchemeHostPortMatcherIPBlockRule&) = delete;
131 
132   // SchemeHostPortMatcherRule implementation:
133   SchemeHostPortMatcherResult Evaluate(const GURL& url) const override;
134   std::string ToString() const override;
135 
136  private:
137   const std::string description_;
138   const std::string optional_scheme_;
139   const IPAddress ip_prefix_;
140   const size_t prefix_length_in_bits_;
141 };
142 
143 }  // namespace net
144 
145 #endif  // NET_BASE_SCHEME_HOST_PORT_MATCHER_RULE_H_
146