Auto merge of #14623 - DominoTree:master, r=<try>

bors-servo · web-flow · commit 166b4de58982 · 2016-12-19T00:32:24.000-08:00
Add check for bad ports to http_fetch(), return NetworkError::Internal if bad port/schema combination is seen. Test added ---  - [x] `./mach build -d` does not report any errors - [x] `./mach test-tidy` does not report any errors - [x] These changes fix #14514 (github issue number if applicable).  - [x] There are tests for these changes OR   --- This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/servo/14623)
diff --git a/components/net/http_loader.rs b/components/net/http_loader.rs
@@ -537,6 +537,23 @@ pub fn http_fetch(request: Rc<Request>,
                   done_chan: &mut DoneChannel,
                   context: &FetchContext)
                   -> Response {
+    // Bad port blocking - https://fetch.spec.whatwg.org/#block-bad-port
+    match request.url().port() {
+        Some(port) => {
+            let is_ftp: bool = request.url().scheme() == "ftp" && (port == 20 || port == 21);
+            let bad_ports: Vec<u16> = vec![1, 7, 9, 11, 13, 15, 17, 19, 20, 21, 22, 23, 25, 37, 42,
+                                           43, 53, 77, 79, 87, 95, 101, 102, 103, 104, 109, 110,
+                                           111, 113, 115, 117, 119, 123, 135, 139, 143, 179, 389,
+                                           465, 512, 513, 514, 515, 526, 530, 531, 532, 540, 556,
+                                           563, 587, 601, 636, 993, 995, 2049, 3659, 4045, 6000,
+                                           6665, 6666, 6667, 6668, 6669];
+            if !is_ftp && bad_ports.contains(&port) {
+                return Response::network_error(NetworkError::BadPort);
+            }
+        },
+        None => {}
+    }
+
     // This is a new async fetch, reset the channel we are waiting on
     *done_chan = None;
     // Step 1
diff --git a/components/net_traits/lib.rs b/components/net_traits/lib.rs
@@ -525,6 +525,8 @@ pub enum ConstellationMsg {
 /// Network errors that have to be exported out of the loaders
 #[derive(Clone, PartialEq, Eq, Debug, Deserialize, Serialize, HeapSizeOf)]
 pub enum NetworkError {
+    /// Request attempted on bad port - https://fetch.spec.whatwg.org/#block-bad-port
+    BadPort,
     /// Could be any of the internal errors, like unsupported scheme, connection errors, etc.
     Internal(String),
     LoadCancelled,
diff --git a/tests/unit/net/fetch.rs b/tests/unit/net/fetch.rs
@@ -23,6 +23,7 @@ use hyper::status::StatusCode;
 use hyper::uri::RequestUri;
 use msg::constellation_msg::TEST_PIPELINE_ID;
 use net::fetch::cors_cache::CorsCache;
+use net_traits::NetworkError;
 use net_traits::ReferrerPolicy;
 use net_traits::request::{Origin, RedirectMode, Referrer, Request, RequestMode};
 use net_traits::response::{CacheState, Response, ResponseBody, ResponseType};
@@ -59,6 +60,18 @@ fn test_fetch_response_is_not_network_error() {
     }
 }
 
+#[test]
+fn test_fetch_on_bad_port_is_network_error() {
+    let url = ServoUrl::parse("http://www.example.org:6667").unwrap();
+    let origin = Origin::Origin(url.origin());
+    let request = Request::new(url, Some(origin), false, None);
+    *request.referrer.borrow_mut() = Referrer::NoReferrer;
+    let fetch_response = fetch(request, None);
+    assert!(fetch_response.is_network_error());
+    let fetch_error = fetch_response.get_network_error().unwrap();
+    assert!(fetch_error == &NetworkError::BadPort)
+}
+
 #[test]
 fn test_fetch_response_body_matches_const_message() {
     static MESSAGE: &'static [u8] = b"Hello World!";
