Userland/Libraries/LibWeb/Fetch/Infrastructure/PortBlocking.cpp at master

jcs.org / serenity
fork atom
Serenity Operating System
fork atom
serenity / Userland / Libraries / LibWeb / Fetch / Infrastructure / PortBlocking.cpp
at master 118 lines 3.1 kB view raw
wrap content
Linus Groh LibWeb: Implement 'Should request be blocked due to a bad port' AO 3y ago
62228f08
  1/*
  2 * Copyright (c) 2022, Linus Groh <linusg@serenityos.org>
  3 *
  4 * SPDX-License-Identifier: BSD-2-Clause
  5 */
  6
  7#include <AK/Array.h>
  8#include <AK/BinarySearch.h>
  9#include <LibWeb/Fetch/Infrastructure/HTTP/Requests.h>
 10#include <LibWeb/Fetch/Infrastructure/PortBlocking.h>
 11#include <LibWeb/Fetch/Infrastructure/URL.h>
 12
 13namespace Web::Fetch::Infrastructure {
 14
 15// https://fetch.spec.whatwg.org/#block-bad-port
 16RequestOrResponseBlocking block_bad_port(Request const& request)
 17{
 18    // 1. Let url be request’s current URL.
 19    auto const& url = request.current_url();
 20
 21    // 2. If url’s scheme is an HTTP(S) scheme and url’s port is a bad port, then return blocked.
 22    if (is_http_or_https_scheme(url.scheme()) && url.port().has_value() && is_bad_port(*url.port()))
 23        return RequestOrResponseBlocking::Blocked;
 24
 25    // 3. Return allowed.
 26    return RequestOrResponseBlocking::Allowed;
 27}
 28
 29// https://fetch.spec.whatwg.org/#bad-port
 30bool is_bad_port(u16 port)
 31{
 32    // A port is a bad port if it is listed in the first column of the following table.
 33    static constexpr auto bad_ports = Array {
 34        1,     // tcpmux
 35        7,     // echo
 36        9,     // discard
 37        11,    // systat
 38        13,    // daytime
 39        15,    // netstat
 40        17,    // qotd
 41        19,    // chargen
 42        20,    // ftp-data
 43        21,    // ftp
 44        22,    // ssh
 45        23,    // telnet
 46        25,    // smtp
 47        37,    // time
 48        42,    // name
 49        43,    // nicname
 50        53,    // domain
 51        69,    // tftp
 52        77,    // —
 53        79,    // finger
 54        87,    // —
 55        95,    // supdup
 56        101,   // hostname
 57        102,   // iso-tsap
 58        103,   // gppitnp
 59        104,   // acr-nema
 60        109,   // pop2
 61        110,   // pop3
 62        111,   // sunrpc
 63        113,   // auth
 64        115,   // sftp
 65        117,   // uucp-path
 66        119,   // nntp
 67        123,   // ntp
 68        135,   // epmap
 69        137,   // netbios-ns
 70        139,   // netbios-ssn
 71        143,   // imap
 72        161,   // snmp
 73        179,   // bgp
 74        389,   // ldap
 75        427,   // svrloc
 76        465,   // submissions
 77        512,   // exec
 78        513,   // login
 79        514,   // shell
 80        515,   // printer
 81        526,   // tempo
 82        530,   // courier
 83        531,   // chat
 84        532,   // netnews
 85        540,   // uucp
 86        548,   // afp
 87        554,   // rtsp
 88        556,   // remotefs
 89        563,   // nntps
 90        587,   // submission
 91        601,   // syslog-conn
 92        636,   // ldaps
 93        989,   // ftps-data
 94        990,   // ftps
 95        993,   // imaps
 96        995,   // pop3s
 97        1719,  // h323gatestat
 98        1720,  // h323hostcall
 99        1723,  // pptp
100        2049,  // nfs
101        3659,  // apple-sasl
102        4045,  // npp
103        5060,  // sip
104        5061,  // sips
105        6000,  // x11
106        6566,  // sane-port
107        6665,  // ircu
108        6666,  // ircu
109        6667,  // ircu
110        6668,  // ircu
111        6669,  // ircu
112        6697,  // ircs-u
113        10080, // amanda
114    };
115    return binary_search(bad_ports.span(), port);
116}
117
118}