Skip to content
Permalink
Browse files

Fix authority parsing in Closure URI parser.

PiperOrigin-RevId: 288978923
  • Loading branch information
12wrigja authored and kjin committed Jan 9, 2020
1 parent bf42e87 commit ac0736b578df04ca23cc0fbf157824e57631c840
Showing with 14 additions and 1 deletion.
  1. +1 −1 closure/goog/uri/utils.js
  2. +13 −0 closure/goog/uri/utils_test.js
@@ -195,7 +195,7 @@ goog.uri.utils.splitRe_ = new RegExp(
'(?:([^/?#]*)@)?' + // userInfo
'([^/#?]*?)' + // domain
'(?::([0-9]+))?' + // port
'(?=[/#?]|$)' + // authority-terminating character
'(?=[/\\\\#?]|$)' + // authority-terminating character
')?' +
'([^?#]+)?' + // path
'(?:\\?([^#]*))?' + // query
@@ -106,6 +106,19 @@ testSuite({
assertEquals('fragment', utils.getFragment(uri));
},

testSplitMaliciousUri() {
const uri = 'https://malicious.com\\test.google.com';
assertEquals('https', utils.getScheme(uri));
assertEquals('malicious.com', utils.getDomain(uri));
assertEquals('malicious.com', utils.getDomainEncoded(uri));
assertNull(utils.getPort(uri));
assertEquals('\\test.google.com', utils.getPathEncoded(uri));
assertEquals('\\test.google.com', utils.getPath(uri));
assertNull(utils.getQueryData(uri));
assertNull(utils.getFragmentEncoded(uri));
assertNull(utils.getFragment(uri));
},

testSplitBadAuthority() {
// This URL has a syntax error per the RFC (port number must be digits, and
// host cannot contain a colon except in [...]). This test is solely to

0 comments on commit ac0736b

Please sign in to comment.
You can’t perform that action at this time.