Bug 1049583 - Allow sub-domain wildcard on ScreenSharing domain whitelist patterns. r=ethanhugg, r=mt

2024-09-13 09:24:08 -07:00 · 2014-08-07 15:12:26 -07:00 · 2014-08-07 15:12:26 -07:00 · 1fccfdb5dd
commit 1fccfdb5dd
parent 75848b38d7
1 changed files with 24 additions and 2 deletions
--- a/dom/media/MediaManager.cpp
+++ b/dom/media/MediaManager.cpp
@ -108,6 +108,28 @@ using dom::OwningBooleanOrMediaTrackConstraints;
 using dom::SupportedAudioConstraints;
 using dom::SupportedVideoConstraints;

+static bool
+HostInDomain(const nsCString &aHost, const nsCString &aPattern)
+{
+  PRInt32 patternOffset = 0;
+  PRInt32 hostOffset = 0;
+
+  // Act on '*.' wildcard in the left-most position in a domain pattern.
+  if (aPattern.Length() > 2 && aPattern[0] == '*' && aPattern[1] == '.') {
+    patternOffset = 2;
+
+    // Ignore the lowest level sub-domain for the hostname.
+    hostOffset = aHost.FindChar('.') + 1;
+
+    if (hostOffset <= 1) {
+      // Reject a match between a wildcard and a TLD or '.foo' form.
+      return false;
+    }
+  }
+
+  nsDependentCString hostRoot(aHost, hostOffset);
+  return hostRoot.EqualsIgnoreCase(aPattern.BeginReading() + patternOffset);
+}

 static bool
 HostHasPermission(nsIURI &docURI)
@ -133,7 +155,7 @@ HostHasPermission(nsIURI &docURI)
  uint32_t begin = 0;
  uint32_t end = 0;
  nsCString domainName;
-  /* 
+  /*
     Test each domain name in the comma separated list
     after converting from UTF8 to ASCII. Each domain
     must match exactly: no wildcards are used.
@ -148,7 +170,7 @@ HostHasPermission(nsIURI &docURI)
    rv = idnService->ConvertUTF8toACE(Substring(domainWhiteList, begin, end - begin),
                                      domainName);
    if (NS_SUCCEEDED(rv)) {
-      if (hostName.EqualsIgnoreCase(domainName.Data(), domainName.Length())) {
+      if (HostInDomain(hostName, domainName)) {
        return true;
      }
    } else {