mirror of
				https://github.com/RGBCube/serenity
				synced 2025-10-25 02:22:32 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			118 lines
		
	
	
	
		
			3.1 KiB
		
	
	
	
		
			C++
		
	
	
	
	
	
			
		
		
	
	
			118 lines
		
	
	
	
		
			3.1 KiB
		
	
	
	
		
			C++
		
	
	
	
	
	
| /*
 | ||
|  * Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
 | ||
|  *
 | ||
|  * SPDX-License-Identifier: BSD-2-Clause
 | ||
|  */
 | ||
| 
 | ||
| #include <AK/Array.h>
 | ||
| #include <AK/BinarySearch.h>
 | ||
| #include <LibWeb/Fetch/Infrastructure/HTTP/Requests.h>
 | ||
| #include <LibWeb/Fetch/Infrastructure/PortBlocking.h>
 | ||
| #include <LibWeb/Fetch/Infrastructure/URL.h>
 | ||
| 
 | ||
| namespace Web::Fetch::Infrastructure {
 | ||
| 
 | ||
| // https://fetch.spec.whatwg.org/#block-bad-port
 | ||
| RequestOrResponseBlocking block_bad_port(Request const& request)
 | ||
| {
 | ||
|     // 1. Let url be request’s current URL.
 | ||
|     auto const& url = request.current_url();
 | ||
| 
 | ||
|     // 2. If url’s scheme is an HTTP(S) scheme and url’s port is a bad port, then return blocked.
 | ||
|     if (is_http_or_https_scheme(url.scheme()) && url.port().has_value() && is_bad_port(*url.port()))
 | ||
|         return RequestOrResponseBlocking::Blocked;
 | ||
| 
 | ||
|     // 3. Return allowed.
 | ||
|     return RequestOrResponseBlocking::Allowed;
 | ||
| }
 | ||
| 
 | ||
| // https://fetch.spec.whatwg.org/#bad-port
 | ||
| bool is_bad_port(u16 port)
 | ||
| {
 | ||
|     // A port is a bad port if it is listed in the first column of the following table.
 | ||
|     static constexpr auto bad_ports = Array {
 | ||
|         1,     // tcpmux
 | ||
|         7,     // echo
 | ||
|         9,     // discard
 | ||
|         11,    // systat
 | ||
|         13,    // daytime
 | ||
|         15,    // netstat
 | ||
|         17,    // qotd
 | ||
|         19,    // chargen
 | ||
|         20,    // ftp-data
 | ||
|         21,    // ftp
 | ||
|         22,    // ssh
 | ||
|         23,    // telnet
 | ||
|         25,    // smtp
 | ||
|         37,    // time
 | ||
|         42,    // name
 | ||
|         43,    // nicname
 | ||
|         53,    // domain
 | ||
|         69,    // tftp
 | ||
|         77,    // —
 | ||
|         79,    // finger
 | ||
|         87,    // —
 | ||
|         95,    // supdup
 | ||
|         101,   // hostname
 | ||
|         102,   // iso-tsap
 | ||
|         103,   // gppitnp
 | ||
|         104,   // acr-nema
 | ||
|         109,   // pop2
 | ||
|         110,   // pop3
 | ||
|         111,   // sunrpc
 | ||
|         113,   // auth
 | ||
|         115,   // sftp
 | ||
|         117,   // uucp-path
 | ||
|         119,   // nntp
 | ||
|         123,   // ntp
 | ||
|         135,   // epmap
 | ||
|         137,   // netbios-ns
 | ||
|         139,   // netbios-ssn
 | ||
|         143,   // imap
 | ||
|         161,   // snmp
 | ||
|         179,   // bgp
 | ||
|         389,   // ldap
 | ||
|         427,   // svrloc
 | ||
|         465,   // submissions
 | ||
|         512,   // exec
 | ||
|         513,   // login
 | ||
|         514,   // shell
 | ||
|         515,   // printer
 | ||
|         526,   // tempo
 | ||
|         530,   // courier
 | ||
|         531,   // chat
 | ||
|         532,   // netnews
 | ||
|         540,   // uucp
 | ||
|         548,   // afp
 | ||
|         554,   // rtsp
 | ||
|         556,   // remotefs
 | ||
|         563,   // nntps
 | ||
|         587,   // submission
 | ||
|         601,   // syslog-conn
 | ||
|         636,   // ldaps
 | ||
|         989,   // ftps-data
 | ||
|         990,   // ftps
 | ||
|         993,   // imaps
 | ||
|         995,   // pop3s
 | ||
|         1719,  // h323gatestat
 | ||
|         1720,  // h323hostcall
 | ||
|         1723,  // pptp
 | ||
|         2049,  // nfs
 | ||
|         3659,  // apple-sasl
 | ||
|         4045,  // npp
 | ||
|         5060,  // sip
 | ||
|         5061,  // sips
 | ||
|         6000,  // x11
 | ||
|         6566,  // sane-port
 | ||
|         6665,  // ircu
 | ||
|         6666,  // ircu
 | ||
|         6667,  // ircu
 | ||
|         6668,  // ircu
 | ||
|         6669,  // ircu
 | ||
|         6697,  // ircs-u
 | ||
|         10080, // amanda
 | ||
|     };
 | ||
|     return binary_search(bad_ports.span(), port);
 | ||
| }
 | ||
| 
 | ||
| }
 | 
