diff options
author | Rutger Broekhoff | 2023-12-29 21:31:53 +0100 |
---|---|---|
committer | Rutger Broekhoff | 2023-12-29 21:31:53 +0100 |
commit | 404aeae4545d2426c089a5f8d5e82dae56f5212b (patch) | |
tree | 2d84e00af272b39fc04f3795ae06bc48970e57b5 /vendor/golang.org/x/net/http/httpguts/httplex.go | |
parent | 209d8b0187ed025dec9ac149ebcced3462877bff (diff) | |
download | gitolfs3-404aeae4545d2426c089a5f8d5e82dae56f5212b.tar.gz gitolfs3-404aeae4545d2426c089a5f8d5e82dae56f5212b.zip |
Make Nix builds work
Diffstat (limited to 'vendor/golang.org/x/net/http/httpguts/httplex.go')
-rw-r--r-- | vendor/golang.org/x/net/http/httpguts/httplex.go | 352 |
1 files changed, 352 insertions, 0 deletions
diff --git a/vendor/golang.org/x/net/http/httpguts/httplex.go b/vendor/golang.org/x/net/http/httpguts/httplex.go new file mode 100644 index 0000000..6e071e8 --- /dev/null +++ b/vendor/golang.org/x/net/http/httpguts/httplex.go | |||
@@ -0,0 +1,352 @@ | |||
1 | // Copyright 2016 The Go Authors. All rights reserved. | ||
2 | // Use of this source code is governed by a BSD-style | ||
3 | // license that can be found in the LICENSE file. | ||
4 | |||
5 | package httpguts | ||
6 | |||
7 | import ( | ||
8 | "net" | ||
9 | "strings" | ||
10 | "unicode/utf8" | ||
11 | |||
12 | "golang.org/x/net/idna" | ||
13 | ) | ||
14 | |||
15 | var isTokenTable = [127]bool{ | ||
16 | '!': true, | ||
17 | '#': true, | ||
18 | '$': true, | ||
19 | '%': true, | ||
20 | '&': true, | ||
21 | '\'': true, | ||
22 | '*': true, | ||
23 | '+': true, | ||
24 | '-': true, | ||
25 | '.': true, | ||
26 | '0': true, | ||
27 | '1': true, | ||
28 | '2': true, | ||
29 | '3': true, | ||
30 | '4': true, | ||
31 | '5': true, | ||
32 | '6': true, | ||
33 | '7': true, | ||
34 | '8': true, | ||
35 | '9': true, | ||
36 | 'A': true, | ||
37 | 'B': true, | ||
38 | 'C': true, | ||
39 | 'D': true, | ||
40 | 'E': true, | ||
41 | 'F': true, | ||
42 | 'G': true, | ||
43 | 'H': true, | ||
44 | 'I': true, | ||
45 | 'J': true, | ||
46 | 'K': true, | ||
47 | 'L': true, | ||
48 | 'M': true, | ||
49 | 'N': true, | ||
50 | 'O': true, | ||
51 | 'P': true, | ||
52 | 'Q': true, | ||
53 | 'R': true, | ||
54 | 'S': true, | ||
55 | 'T': true, | ||
56 | 'U': true, | ||
57 | 'W': true, | ||
58 | 'V': true, | ||
59 | 'X': true, | ||
60 | 'Y': true, | ||
61 | 'Z': true, | ||
62 | '^': true, | ||
63 | '_': true, | ||
64 | '`': true, | ||
65 | 'a': true, | ||
66 | 'b': true, | ||
67 | 'c': true, | ||
68 | 'd': true, | ||
69 | 'e': true, | ||
70 | 'f': true, | ||
71 | 'g': true, | ||
72 | 'h': true, | ||
73 | 'i': true, | ||
74 | 'j': true, | ||
75 | 'k': true, | ||
76 | 'l': true, | ||
77 | 'm': true, | ||
78 | 'n': true, | ||
79 | 'o': true, | ||
80 | 'p': true, | ||
81 | 'q': true, | ||
82 | 'r': true, | ||
83 | 's': true, | ||
84 | 't': true, | ||
85 | 'u': true, | ||
86 | 'v': true, | ||
87 | 'w': true, | ||
88 | 'x': true, | ||
89 | 'y': true, | ||
90 | 'z': true, | ||
91 | '|': true, | ||
92 | '~': true, | ||
93 | } | ||
94 | |||
95 | func IsTokenRune(r rune) bool { | ||
96 | i := int(r) | ||
97 | return i < len(isTokenTable) && isTokenTable[i] | ||
98 | } | ||
99 | |||
100 | func isNotToken(r rune) bool { | ||
101 | return !IsTokenRune(r) | ||
102 | } | ||
103 | |||
104 | // HeaderValuesContainsToken reports whether any string in values | ||
105 | // contains the provided token, ASCII case-insensitively. | ||
106 | func HeaderValuesContainsToken(values []string, token string) bool { | ||
107 | for _, v := range values { | ||
108 | if headerValueContainsToken(v, token) { | ||
109 | return true | ||
110 | } | ||
111 | } | ||
112 | return false | ||
113 | } | ||
114 | |||
115 | // isOWS reports whether b is an optional whitespace byte, as defined | ||
116 | // by RFC 7230 section 3.2.3. | ||
117 | func isOWS(b byte) bool { return b == ' ' || b == '\t' } | ||
118 | |||
119 | // trimOWS returns x with all optional whitespace removes from the | ||
120 | // beginning and end. | ||
121 | func trimOWS(x string) string { | ||
122 | // TODO: consider using strings.Trim(x, " \t") instead, | ||
123 | // if and when it's fast enough. See issue 10292. | ||
124 | // But this ASCII-only code will probably always beat UTF-8 | ||
125 | // aware code. | ||
126 | for len(x) > 0 && isOWS(x[0]) { | ||
127 | x = x[1:] | ||
128 | } | ||
129 | for len(x) > 0 && isOWS(x[len(x)-1]) { | ||
130 | x = x[:len(x)-1] | ||
131 | } | ||
132 | return x | ||
133 | } | ||
134 | |||
135 | // headerValueContainsToken reports whether v (assumed to be a | ||
136 | // 0#element, in the ABNF extension described in RFC 7230 section 7) | ||
137 | // contains token amongst its comma-separated tokens, ASCII | ||
138 | // case-insensitively. | ||
139 | func headerValueContainsToken(v string, token string) bool { | ||
140 | for comma := strings.IndexByte(v, ','); comma != -1; comma = strings.IndexByte(v, ',') { | ||
141 | if tokenEqual(trimOWS(v[:comma]), token) { | ||
142 | return true | ||
143 | } | ||
144 | v = v[comma+1:] | ||
145 | } | ||
146 | return tokenEqual(trimOWS(v), token) | ||
147 | } | ||
148 | |||
149 | // lowerASCII returns the ASCII lowercase version of b. | ||
150 | func lowerASCII(b byte) byte { | ||
151 | if 'A' <= b && b <= 'Z' { | ||
152 | return b + ('a' - 'A') | ||
153 | } | ||
154 | return b | ||
155 | } | ||
156 | |||
157 | // tokenEqual reports whether t1 and t2 are equal, ASCII case-insensitively. | ||
158 | func tokenEqual(t1, t2 string) bool { | ||
159 | if len(t1) != len(t2) { | ||
160 | return false | ||
161 | } | ||
162 | for i, b := range t1 { | ||
163 | if b >= utf8.RuneSelf { | ||
164 | // No UTF-8 or non-ASCII allowed in tokens. | ||
165 | return false | ||
166 | } | ||
167 | if lowerASCII(byte(b)) != lowerASCII(t2[i]) { | ||
168 | return false | ||
169 | } | ||
170 | } | ||
171 | return true | ||
172 | } | ||
173 | |||
174 | // isLWS reports whether b is linear white space, according | ||
175 | // to http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.2 | ||
176 | // | ||
177 | // LWS = [CRLF] 1*( SP | HT ) | ||
178 | func isLWS(b byte) bool { return b == ' ' || b == '\t' } | ||
179 | |||
180 | // isCTL reports whether b is a control byte, according | ||
181 | // to http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.2 | ||
182 | // | ||
183 | // CTL = <any US-ASCII control character | ||
184 | // (octets 0 - 31) and DEL (127)> | ||
185 | func isCTL(b byte) bool { | ||
186 | const del = 0x7f // a CTL | ||
187 | return b < ' ' || b == del | ||
188 | } | ||
189 | |||
190 | // ValidHeaderFieldName reports whether v is a valid HTTP/1.x header name. | ||
191 | // HTTP/2 imposes the additional restriction that uppercase ASCII | ||
192 | // letters are not allowed. | ||
193 | // | ||
194 | // RFC 7230 says: | ||
195 | // | ||
196 | // header-field = field-name ":" OWS field-value OWS | ||
197 | // field-name = token | ||
198 | // token = 1*tchar | ||
199 | // tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." / | ||
200 | // "^" / "_" / "`" / "|" / "~" / DIGIT / ALPHA | ||
201 | func ValidHeaderFieldName(v string) bool { | ||
202 | if len(v) == 0 { | ||
203 | return false | ||
204 | } | ||
205 | for _, r := range v { | ||
206 | if !IsTokenRune(r) { | ||
207 | return false | ||
208 | } | ||
209 | } | ||
210 | return true | ||
211 | } | ||
212 | |||
213 | // ValidHostHeader reports whether h is a valid host header. | ||
214 | func ValidHostHeader(h string) bool { | ||
215 | // The latest spec is actually this: | ||
216 | // | ||
217 | // http://tools.ietf.org/html/rfc7230#section-5.4 | ||
218 | // Host = uri-host [ ":" port ] | ||
219 | // | ||
220 | // Where uri-host is: | ||
221 | // http://tools.ietf.org/html/rfc3986#section-3.2.2 | ||
222 | // | ||
223 | // But we're going to be much more lenient for now and just | ||
224 | // search for any byte that's not a valid byte in any of those | ||
225 | // expressions. | ||
226 | for i := 0; i < len(h); i++ { | ||
227 | if !validHostByte[h[i]] { | ||
228 | return false | ||
229 | } | ||
230 | } | ||
231 | return true | ||
232 | } | ||
233 | |||
234 | // See the validHostHeader comment. | ||
235 | var validHostByte = [256]bool{ | ||
236 | '0': true, '1': true, '2': true, '3': true, '4': true, '5': true, '6': true, '7': true, | ||
237 | '8': true, '9': true, | ||
238 | |||
239 | 'a': true, 'b': true, 'c': true, 'd': true, 'e': true, 'f': true, 'g': true, 'h': true, | ||
240 | 'i': true, 'j': true, 'k': true, 'l': true, 'm': true, 'n': true, 'o': true, 'p': true, | ||
241 | 'q': true, 'r': true, 's': true, 't': true, 'u': true, 'v': true, 'w': true, 'x': true, | ||
242 | 'y': true, 'z': true, | ||
243 | |||
244 | 'A': true, 'B': true, 'C': true, 'D': true, 'E': true, 'F': true, 'G': true, 'H': true, | ||
245 | 'I': true, 'J': true, 'K': true, 'L': true, 'M': true, 'N': true, 'O': true, 'P': true, | ||
246 | 'Q': true, 'R': true, 'S': true, 'T': true, 'U': true, 'V': true, 'W': true, 'X': true, | ||
247 | 'Y': true, 'Z': true, | ||
248 | |||
249 | '!': true, // sub-delims | ||
250 | '$': true, // sub-delims | ||
251 | '%': true, // pct-encoded (and used in IPv6 zones) | ||
252 | '&': true, // sub-delims | ||
253 | '(': true, // sub-delims | ||
254 | ')': true, // sub-delims | ||
255 | '*': true, // sub-delims | ||
256 | '+': true, // sub-delims | ||
257 | ',': true, // sub-delims | ||
258 | '-': true, // unreserved | ||
259 | '.': true, // unreserved | ||
260 | ':': true, // IPv6address + Host expression's optional port | ||
261 | ';': true, // sub-delims | ||
262 | '=': true, // sub-delims | ||
263 | '[': true, | ||
264 | '\'': true, // sub-delims | ||
265 | ']': true, | ||
266 | '_': true, // unreserved | ||
267 | '~': true, // unreserved | ||
268 | } | ||
269 | |||
270 | // ValidHeaderFieldValue reports whether v is a valid "field-value" according to | ||
271 | // http://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2 : | ||
272 | // | ||
273 | // message-header = field-name ":" [ field-value ] | ||
274 | // field-value = *( field-content | LWS ) | ||
275 | // field-content = <the OCTETs making up the field-value | ||
276 | // and consisting of either *TEXT or combinations | ||
277 | // of token, separators, and quoted-string> | ||
278 | // | ||
279 | // http://www.w3.org/Protocols/rfc2616/rfc2616-sec2.html#sec2.2 : | ||
280 | // | ||
281 | // TEXT = <any OCTET except CTLs, | ||
282 | // but including LWS> | ||
283 | // LWS = [CRLF] 1*( SP | HT ) | ||
284 | // CTL = <any US-ASCII control character | ||
285 | // (octets 0 - 31) and DEL (127)> | ||
286 | // | ||
287 | // RFC 7230 says: | ||
288 | // | ||
289 | // field-value = *( field-content / obs-fold ) | ||
290 | // obj-fold = N/A to http2, and deprecated | ||
291 | // field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ] | ||
292 | // field-vchar = VCHAR / obs-text | ||
293 | // obs-text = %x80-FF | ||
294 | // VCHAR = "any visible [USASCII] character" | ||
295 | // | ||
296 | // http2 further says: "Similarly, HTTP/2 allows header field values | ||
297 | // that are not valid. While most of the values that can be encoded | ||
298 | // will not alter header field parsing, carriage return (CR, ASCII | ||
299 | // 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII | ||
300 | // 0x0) might be exploited by an attacker if they are translated | ||
301 | // verbatim. Any request or response that contains a character not | ||
302 | // permitted in a header field value MUST be treated as malformed | ||
303 | // (Section 8.1.2.6). Valid characters are defined by the | ||
304 | // field-content ABNF rule in Section 3.2 of [RFC7230]." | ||
305 | // | ||
306 | // This function does not (yet?) properly handle the rejection of | ||
307 | // strings that begin or end with SP or HTAB. | ||
308 | func ValidHeaderFieldValue(v string) bool { | ||
309 | for i := 0; i < len(v); i++ { | ||
310 | b := v[i] | ||
311 | if isCTL(b) && !isLWS(b) { | ||
312 | return false | ||
313 | } | ||
314 | } | ||
315 | return true | ||
316 | } | ||
317 | |||
318 | func isASCII(s string) bool { | ||
319 | for i := 0; i < len(s); i++ { | ||
320 | if s[i] >= utf8.RuneSelf { | ||
321 | return false | ||
322 | } | ||
323 | } | ||
324 | return true | ||
325 | } | ||
326 | |||
327 | // PunycodeHostPort returns the IDNA Punycode version | ||
328 | // of the provided "host" or "host:port" string. | ||
329 | func PunycodeHostPort(v string) (string, error) { | ||
330 | if isASCII(v) { | ||
331 | return v, nil | ||
332 | } | ||
333 | |||
334 | host, port, err := net.SplitHostPort(v) | ||
335 | if err != nil { | ||
336 | // The input 'v' argument was just a "host" argument, | ||
337 | // without a port. This error should not be returned | ||
338 | // to the caller. | ||
339 | host = v | ||
340 | port = "" | ||
341 | } | ||
342 | host, err = idna.ToASCII(host) | ||
343 | if err != nil { | ||
344 | // Non-UTF-8? Not representable in Punycode, in any | ||
345 | // case. | ||
346 | return "", err | ||
347 | } | ||
348 | if port == "" { | ||
349 | return host, nil | ||
350 | } | ||
351 | return net.JoinHostPort(host, port), nil | ||
352 | } | ||