Fix authority parsing in Closure URI parser.

PiperOrigin-RevId: 288978923
google · Jan 10, 2020 · ac0736b · ac0736b
1 parent bf42e87
commit ac0736b
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 1 deletion.
diff --git a/closure/goog/uri/utils.js b/closure/goog/uri/utils.js
@@ -195,7 +195,7 @@ goog.uri.utils.splitRe_ = new RegExp(
     '(?:([^/?#]*)@)?' +  // userInfo
     '([^/#?]*?)' +       // domain
     '(?::([0-9]+))?' +   // port
-    '(?=[/#?]|$)' +      // authority-terminating character
+    '(?=[/\\\\#?]|$)' +  // authority-terminating character
     ')?' +
     '([^?#]+)?' +          // path
     '(?:\\?([^#]*))?' +    // query

diff --git a/closure/goog/uri/utils_test.js b/closure/goog/uri/utils_test.js
@@ -106,6 +106,19 @@ testSuite({
     assertEquals('fragment', utils.getFragment(uri));
   },
 
+  testSplitMaliciousUri() {
+    const uri = 'https://malicious.com\\test.google.com';
+    assertEquals('https', utils.getScheme(uri));
+    assertEquals('malicious.com', utils.getDomain(uri));
+    assertEquals('malicious.com', utils.getDomainEncoded(uri));
+    assertNull(utils.getPort(uri));
+    assertEquals('\\test.google.com', utils.getPathEncoded(uri));
+    assertEquals('\\test.google.com', utils.getPath(uri));
+    assertNull(utils.getQueryData(uri));
+    assertNull(utils.getFragmentEncoded(uri));
+    assertNull(utils.getFragment(uri));
+  },
+
   testSplitBadAuthority() {
     // This URL has a syntax error per the RFC (port number must be digits, and
     // host cannot contain a colon except in [...]). This test is solely to