1 // Copyright 2013 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 // ICU-based IDNA converter.
6
7 #include <stdint.h>
8 #include <stdlib.h>
9 #include <string.h>
10
11 #include <ostream>
12
13 #include "base/check_op.h"
14 #include "base/numerics/safe_conversions.h"
15 #include "third_party/icu/source/common/unicode/uidna.h"
16 #include "third_party/icu/source/common/unicode/utypes.h"
17 #include "url/url_canon_icu.h"
18 #include "url/url_canon_internal.h" // for _itoa_s
19 #include "url/url_features.h"
20
21 namespace url {
22
23 namespace {
24
25 // Use UIDNA, a C pointer to a UTS46/IDNA 2008 handling object opened with
26 // uidna_openUTS46().
27 //
28 // We use UTS46 with BiDiCheck to migrate from IDNA 2003 (with unassigned
29 // code points allowed) to IDNA 2008 with the backward compatibility in mind.
30 // What it does:
31 //
32 // 1. Use the up-to-date Unicode data.
33 // 2. Define a case folding/mapping with the up-to-date Unicode data as
34 // in IDNA 2003.
35 // 3. If `use_idna_non_transitional` is true, use non-transitional mechanism for
36 // 4 deviation characters (sharp-s, final sigma, ZWJ and ZWNJ) per
37 // url.spec.whatwg.org.
38 // 4. Continue to allow symbols and punctuations.
39 // 5. Apply new BiDi check rules more permissive than the IDNA 2003 BiDI rules.
40 // 6. Do not apply STD3 rules
41 // 7. Do not allow unassigned code points.
42 //
43 // It also closely matches what IE 10 does except for the BiDi check (
44 // http://goo.gl/3XBhqw ).
45 // See http://http://unicode.org/reports/tr46/ and references therein
46 // for more details.
CreateIDNA(bool use_idna_non_transitional)47 UIDNA* CreateIDNA(bool use_idna_non_transitional) {
48 uint32_t options = UIDNA_CHECK_BIDI;
49 if (use_idna_non_transitional) {
50 // Use non-transitional processing if enabled. See
51 // https://url.spec.whatwg.org/#idna for details.
52 options |=
53 UIDNA_NONTRANSITIONAL_TO_ASCII | UIDNA_NONTRANSITIONAL_TO_UNICODE;
54 }
55 UErrorCode err = U_ZERO_ERROR;
56 UIDNA* idna = uidna_openUTS46(options, &err);
57 if (U_FAILURE(err)) {
58 CHECK(false) << "failed to open UTS46 data with error: " << u_errorName(err)
59 << ". If you see this error message in a test environment "
60 << "your test environment likely lacks the required data "
61 << "tables for libicu. See https://crbug.com/778929.";
62 idna = nullptr;
63 }
64 return idna;
65 }
66
GetUIDNA()67 UIDNA* GetUIDNA() {
68 // This logic results in having two UIDNA instances in tests. This is okay.
69 if (IsUsingIDNA2008NonTransitional()) {
70 static UIDNA* uidna = CreateIDNA(/*use_idna_non_transitional=*/true);
71 return uidna;
72 } else {
73 static UIDNA* uidna = CreateIDNA(/*use_idna_non_transitional=*/false);
74 return uidna;
75 }
76 }
77
78 } // namespace
79
80 // Converts the Unicode input representing a hostname to ASCII using IDN rules.
81 // The output must be ASCII, but is represented as wide characters.
82 //
83 // On success, the output will be filled with the ASCII host name and it will
84 // return true. Unlike most other canonicalization functions, this assumes that
85 // the output is empty. The beginning of the host will be at offset 0, and
86 // the length of the output will be set to the length of the new host name.
87 //
88 // On error, this will return false. The output in this case is undefined.
89 // TODO(jungshik): use UTF-8/ASCII version of nameToASCII.
90 // Change the function signature and callers accordingly to avoid unnecessary
91 // conversions in our code. In addition, consider using icu::IDNA's UTF-8/ASCII
92 // version with StringByteSink. That way, we can avoid C wrappers and additional
93 // string conversion.
IDNToASCII(std::u16string_view src,CanonOutputW * output)94 bool IDNToASCII(std::u16string_view src, CanonOutputW* output) {
95 DCHECK(output->length() == 0); // Output buffer is assumed empty.
96
97 UIDNA* uidna = GetUIDNA();
98 DCHECK(uidna != nullptr);
99 while (true) {
100 UErrorCode err = U_ZERO_ERROR;
101 UIDNAInfo info = UIDNA_INFO_INITIALIZER;
102 int output_length = uidna_nameToASCII(
103 uidna, src.data(), base::checked_cast<int32_t>(src.size()),
104 output->data(), output->capacity(), &info, &err);
105
106 // Ignore various errors for web compatibility. The options are specified
107 // by the WHATWG URL Standard. See
108 // - https://unicode.org/reports/tr46/
109 // - https://url.spec.whatwg.org/#concept-domain-to-ascii
110 // (we set beStrict to false)
111
112 // Disable the "CheckHyphens" option in UTS #46. See
113 // - https://crbug.com/804688
114 // - https://github.com/whatwg/url/issues/267
115 info.errors &= ~UIDNA_ERROR_HYPHEN_3_4;
116 info.errors &= ~UIDNA_ERROR_LEADING_HYPHEN;
117 info.errors &= ~UIDNA_ERROR_TRAILING_HYPHEN;
118
119 // Disable the "VerifyDnsLength" option in UTS #46.
120 info.errors &= ~UIDNA_ERROR_EMPTY_LABEL;
121 info.errors &= ~UIDNA_ERROR_LABEL_TOO_LONG;
122 info.errors &= ~UIDNA_ERROR_DOMAIN_NAME_TOO_LONG;
123
124 if (U_SUCCESS(err) && info.errors == 0) {
125 // Per WHATWG URL, it is a failure if the ToASCII output is empty.
126 //
127 // ICU would usually return UIDNA_ERROR_EMPTY_LABEL in this case, but we
128 // want to continue allowing http://abc..def/ while forbidding http:///.
129 //
130 if (output_length == 0) {
131 return false;
132 }
133
134 output->set_length(output_length);
135 return true;
136 }
137
138 if (err != U_BUFFER_OVERFLOW_ERROR || info.errors != 0)
139 return false; // Unknown error, give up.
140
141 // Not enough room in our buffer, expand.
142 output->Resize(output_length);
143 }
144 }
145
146 } // namespace url
147