Permalink
Browse files

Apply Whitelisting to URL rather than host.

This lets you match variants of hostnames (google.com vs www.google.com) more easily and also matches things like google.com/analytics without whitelisting the whole google.com empire.

Do this in a way that is quite conservative and will not match the path only but always require the host name to be involved.

I hope there isn't a big reason for just applying it to the host lurking in the background.

http://rentzsch.lighthouseapp.com/projects/24342/tickets/361-google-analytics-aka-support-for-url-paths-in-approved-list
  • Loading branch information...
1 parent 996c079 commit 22d64c26dd1fc880458ecdfd2aa0cfb5b4661f4a @ssp ssp committed Oct 7, 2009
Showing with 27 additions and 9 deletions.
  1. +27 −9 Plugin/CTFWhitelist.m
View
@@ -47,13 +47,31 @@ of this software and associated documentation files (the "Software"), to deal
{
NSDictionary *specificWhitelistItem = nil;
- int i = 0;
- CTFForEachObject( NSDictionary, item, set ) {
- if( [ [ item objectForKey: @"site" ] isEqualToString: site ] )
- specificWhitelistItem = item;
- ++i;
- }
-
+ NSURL * siteURL = [NSURL URLWithString:site];
+ NSString * host = [siteURL host];
+
+ if (siteURL != nil) {
+ CTFForEachObject( NSDictionary, item, set ) {
+ NSString * whitelistItem = [ item objectForKey: @"site" ];
+ NSInteger slashPosition = [whitelistItem rangeOfString:@"/"].location;
+ if( slashPosition == NSNotFound ) {
+ // no slash => just check host name
+ if ( [host rangeOfString: whitelistItem].location != NSNotFound ) {
+ specificWhitelistItem = item;
+ }
+ }
+ else {
+ // there is a slash => match the host name and path
+ NSString * hostSubstring = [whitelistItem substringToIndex:slashPosition];
+ NSString * pathSubstring = [whitelistItem substringFromIndex:slashPosition];
+ if ( ([[siteURL host] rangeOfString: hostSubstring options: NSBackwardsSearch || NSAnchoredSearch].location != NSNotFound)
+ && ([[siteURL path] rangeOfString: pathSubstring options: NSAnchoredSearch].location != NSNotFound) ){
+ specificWhitelistItem = item;
+ break;
+ }
+ }
+ }
+ }
return specificWhitelistItem;
}
@@ -152,14 +170,14 @@ - (BOOL) _isHostWhitelisted
return YES;
}
- return [self _isWhiteListedForHostString: [self host]];
+ return [self _isWhiteListedForHostString: [self baseURL]];
}
- (BOOL) _isWhiteListedForHostString:(NSString *)hostString
{
NSArray *hostWhitelistArray = [[CTFUserDefaultsController standardUserDefaults] arrayForKey: sHostSiteInfoDefaultsKey];
NSSet *hostWhitelistSet = [NSSet setWithArray:hostWhitelistArray];
- return hostWhitelistArray && itemForSite(hostWhitelistSet, hostString) != nil;
+ return hostWhitelistArray && itemForSite(hostWhitelistSet, hostString) != nil;
}
- (NSMutableSet *) _mutableSiteInfo

0 comments on commit 22d64c2

Please sign in to comment.