From 8f6fe1de83b1f3dcd189358cc189c5959da4b279 Mon Sep 17 00:00:00 2001 From: Shannon Booth Date: Sat, 23 Nov 2024 20:10:34 +1300 Subject: [PATCH] LibURL+LibWeb: Make URL serialization return a String This can only ever fail from OOM, and will never by string containing random byte sequences. --- Libraries/LibURL/Origin.cpp | 11 ++++++----- Libraries/LibURL/Origin.h | 2 +- Libraries/LibWeb/DOMURL/DOMURL.cpp | 6 ++---- Libraries/LibWeb/DOMURL/DOMURL.h | 2 +- .../LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp | 2 +- Libraries/LibWeb/FileAPI/BlobURLStore.cpp | 2 +- Libraries/LibWeb/HTML/EventSource.cpp | 2 +- Libraries/LibWeb/HTML/HTMLHyperlinkElementUtils.cpp | 2 +- Libraries/LibWeb/HTML/Location.cpp | 4 +--- Libraries/LibWeb/HTML/Window.cpp | 4 ++-- Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.cpp | 6 ++---- Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.h | 2 +- Libraries/LibWeb/HTML/WorkerLocation.cpp | 5 ++--- Libraries/LibWeb/HTML/WorkerLocation.h | 2 +- Libraries/LibWeb/WebSockets/WebSocket.cpp | 2 +- 15 files changed, 24 insertions(+), 30 deletions(-) diff --git a/Libraries/LibURL/Origin.cpp b/Libraries/LibURL/Origin.cpp index e47e4e0d91f..2ce5a56fad8 100644 --- a/Libraries/LibURL/Origin.cpp +++ b/Libraries/LibURL/Origin.cpp @@ -10,11 +10,11 @@ namespace URL { // https://html.spec.whatwg.org/multipage/origin.html#ascii-serialisation-of-an-origin -ByteString Origin::serialize() const +String Origin::serialize() const { // 1. If origin is an opaque origin, then return "null" if (is_opaque()) - return "null"; + return "null"_string; // 2. Otherwise, let result be origin's scheme. StringBuilder result; @@ -24,15 +24,16 @@ ByteString Origin::serialize() const result.append("://"sv); // 4. Append origin's host, serialized, to result. - result.append(Parser::serialize_host(host()).release_value_but_fixme_should_propagate_errors().to_byte_string()); + result.append(MUST(Parser::serialize_host(host()))); // 5. If origin's port is non-null, append a U+003A COLON character (:), and origin's port, serialized, to result. if (port().has_value()) { result.append(':'); - result.append(ByteString::number(*port())); + result.append(String::number(*port())); } + // 6. Return result - return result.to_byte_string(); + return result.to_string_without_validation(); } } diff --git a/Libraries/LibURL/Origin.h b/Libraries/LibURL/Origin.h index 9232fabf91b..07901a1332b 100644 --- a/Libraries/LibURL/Origin.h +++ b/Libraries/LibURL/Origin.h @@ -71,7 +71,7 @@ public: } // https://html.spec.whatwg.org/multipage/origin.html#ascii-serialisation-of-an-origin - ByteString serialize() const; + String serialize() const; // https://html.spec.whatwg.org/multipage/origin.html#concept-origin-effective-domain Optional effective_domain() const diff --git a/Libraries/LibWeb/DOMURL/DOMURL.cpp b/Libraries/LibWeb/DOMURL/DOMURL.cpp index cf09682e70a..2a087ee6fc2 100644 --- a/Libraries/LibWeb/DOMURL/DOMURL.cpp +++ b/Libraries/LibWeb/DOMURL/DOMURL.cpp @@ -213,12 +213,10 @@ WebIDL::ExceptionOr DOMURL::set_href(String const& href) } // https://url.spec.whatwg.org/#dom-url-origin -WebIDL::ExceptionOr DOMURL::origin() const +String DOMURL::origin() const { - auto& vm = realm().vm(); - // The origin getter steps are to return the serialization of this’s URL’s origin. [HTML] - return TRY_OR_THROW_OOM(vm, String::from_byte_string(m_url.origin().serialize())); + return m_url.origin().serialize(); } // https://url.spec.whatwg.org/#dom-url-protocol diff --git a/Libraries/LibWeb/DOMURL/DOMURL.h b/Libraries/LibWeb/DOMURL/DOMURL.h index bb58d569d62..7dbe174b3c6 100644 --- a/Libraries/LibWeb/DOMURL/DOMURL.h +++ b/Libraries/LibWeb/DOMURL/DOMURL.h @@ -35,7 +35,7 @@ public: WebIDL::ExceptionOr href() const; WebIDL::ExceptionOr set_href(String const&); - WebIDL::ExceptionOr origin() const; + String origin() const; WebIDL::ExceptionOr protocol() const; WebIDL::ExceptionOr set_protocol(String const&); diff --git a/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp b/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp index 975970503ef..3765115878c 100644 --- a/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp +++ b/Libraries/LibWeb/Fetch/Infrastructure/HTTP/Requests.cpp @@ -194,7 +194,7 @@ String Request::serialize_origin() const return "null"_string; // 2. Return request’s origin, serialized. - return MUST(String::from_byte_string(m_origin.get().serialize())); + return m_origin.get().serialize(); } // https://fetch.spec.whatwg.org/#byte-serializing-a-request-origin diff --git a/Libraries/LibWeb/FileAPI/BlobURLStore.cpp b/Libraries/LibWeb/FileAPI/BlobURLStore.cpp index d27a42e561f..48e8c3b1178 100644 --- a/Libraries/LibWeb/FileAPI/BlobURLStore.cpp +++ b/Libraries/LibWeb/FileAPI/BlobURLStore.cpp @@ -43,7 +43,7 @@ ErrorOr generate_new_blob_url() // 6. If serialized is "null", set it to an implementation-defined value. if (serialized == "null"sv) - serialized = "ladybird"sv; + serialized = "ladybird"_string; // 7. Append serialized to result. TRY(result.try_append(serialized)); diff --git a/Libraries/LibWeb/HTML/EventSource.cpp b/Libraries/LibWeb/HTML/EventSource.cpp index 639b536ab05..cd91883c6f8 100644 --- a/Libraries/LibWeb/HTML/EventSource.cpp +++ b/Libraries/LibWeb/HTML/EventSource.cpp @@ -449,7 +449,7 @@ void EventSource::dispatch_the_event() // the value of the event type buffer. MessageEventInit init {}; init.data = JS::PrimitiveString::create(vm(), data_buffer); - init.origin = MUST(String::from_byte_string(m_url.origin().serialize())); + init.origin = m_url.origin().serialize(); init.last_event_id = last_event_id; auto type = m_event_type.is_empty() ? HTML::EventNames::message : m_event_type; diff --git a/Libraries/LibWeb/HTML/HTMLHyperlinkElementUtils.cpp b/Libraries/LibWeb/HTML/HTMLHyperlinkElementUtils.cpp index d574997db4a..e2d3aee52b4 100644 --- a/Libraries/LibWeb/HTML/HTMLHyperlinkElementUtils.cpp +++ b/Libraries/LibWeb/HTML/HTMLHyperlinkElementUtils.cpp @@ -52,7 +52,7 @@ String HTMLHyperlinkElementUtils::origin() const return String {}; // 3. Return the serialization of this element's url's origin. - return MUST(String::from_byte_string(m_url->origin().serialize())); + return m_url->origin().serialize(); } // https://html.spec.whatwg.org/multipage/links.html#dom-hyperlink-protocol diff --git a/Libraries/LibWeb/HTML/Location.cpp b/Libraries/LibWeb/HTML/Location.cpp index 8b18be3be3e..6e0105b546f 100644 --- a/Libraries/LibWeb/HTML/Location.cpp +++ b/Libraries/LibWeb/HTML/Location.cpp @@ -133,15 +133,13 @@ WebIDL::ExceptionOr Location::set_href(String const& new_href) // https://html.spec.whatwg.org/multipage/nav-history-apis.html#dom-location-origin WebIDL::ExceptionOr Location::origin() const { - auto& vm = this->vm(); - // 1. If this's relevant Document is non-null and its origin is not same origin-domain with the entry settings object's origin, then throw a "SecurityError" DOMException. auto const relevant_document = this->relevant_document(); if (relevant_document && !relevant_document->origin().is_same_origin_domain(entry_settings_object().origin())) return WebIDL::SecurityError::create(realm(), "Location's relevant document is not same origin-domain with the entry settings object's origin"_string); // 2. Return the serialization of this's url's origin. - return TRY_OR_THROW_OOM(vm, String::from_byte_string(url().origin().serialize())); + return url().origin().serialize(); } // https://html.spec.whatwg.org/multipage/history.html#dom-location-protocol diff --git a/Libraries/LibWeb/HTML/Window.cpp b/Libraries/LibWeb/HTML/Window.cpp index 7184cd9d360..771d6345ca9 100644 --- a/Libraries/LibWeb/HTML/Window.cpp +++ b/Libraries/LibWeb/HTML/Window.cpp @@ -1077,7 +1077,7 @@ WebIDL::ExceptionOr Window::window_post_message_steps(JS::Value message, W // with the origin attribute initialized to origin and the source attribute initialized to source, and then return. if (deserialize_record_or_error.is_exception()) { MessageEventInit message_event_init {}; - message_event_init.origin = MUST(String::from_byte_string(origin)); + message_event_init.origin = origin; message_event_init.source = GC::make_root(source); auto message_error_event = MessageEvent::create(target_realm, EventNames::messageerror, message_event_init); @@ -1103,7 +1103,7 @@ WebIDL::ExceptionOr Window::window_post_message_steps(JS::Value message, W // the source attribute initialized to source, the data attribute initialized to messageClone, and the ports attribute // initialized to newPorts. MessageEventInit message_event_init {}; - message_event_init.origin = MUST(String::from_byte_string(origin)); + message_event_init.origin = origin; message_event_init.source = GC::make_root(source); message_event_init.data = message_clone; message_event_init.ports = move(new_ports); diff --git a/Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.cpp b/Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.cpp index 4d93c84cc5d..29d2abe1578 100644 --- a/Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.cpp +++ b/Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.cpp @@ -83,12 +83,10 @@ void WindowOrWorkerGlobalScopeMixin::finalize() } // https://html.spec.whatwg.org/multipage/webappapis.html#dom-origin -WebIDL::ExceptionOr WindowOrWorkerGlobalScopeMixin::origin() const +String WindowOrWorkerGlobalScopeMixin::origin() const { - auto& vm = this_impl().vm(); - // The origin getter steps are to return this's relevant settings object's origin, serialized. - return TRY_OR_THROW_OOM(vm, String::from_byte_string(relevant_settings_object(this_impl()).origin().serialize())); + return relevant_settings_object(this_impl()).origin().serialize(); } // https://html.spec.whatwg.org/multipage/webappapis.html#dom-issecurecontext diff --git a/Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.h b/Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.h index 418ebc13ab2..4a651e96320 100644 --- a/Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.h +++ b/Libraries/LibWeb/HTML/WindowOrWorkerGlobalScope.h @@ -33,7 +33,7 @@ public: virtual Bindings::PlatformObject const& this_impl() const = 0; // JS API functions - WebIDL::ExceptionOr origin() const; + String origin() const; bool is_secure_context() const; bool cross_origin_isolated() const; GC::Ref create_image_bitmap(ImageBitmapSource image, Optional options = {}) const; diff --git a/Libraries/LibWeb/HTML/WorkerLocation.cpp b/Libraries/LibWeb/HTML/WorkerLocation.cpp index 09687ac29d2..9a5232ccab5 100644 --- a/Libraries/LibWeb/HTML/WorkerLocation.cpp +++ b/Libraries/LibWeb/HTML/WorkerLocation.cpp @@ -22,11 +22,10 @@ WebIDL::ExceptionOr WorkerLocation::href() const } // https://html.spec.whatwg.org/multipage/workers.html#dom-workerlocation-origin -WebIDL::ExceptionOr WorkerLocation::origin() const +String WorkerLocation::origin() const { - auto& vm = realm().vm(); // The origin getter steps are to return the serialization of this's WorkerGlobalScope object's url's origin. - return TRY_OR_THROW_OOM(vm, String::from_byte_string(m_global_scope->url().origin().serialize())); + return m_global_scope->url().origin().serialize(); } // https://html.spec.whatwg.org/multipage/workers.html#dom-workerlocation-protocol diff --git a/Libraries/LibWeb/HTML/WorkerLocation.h b/Libraries/LibWeb/HTML/WorkerLocation.h index c60092f6b77..17f352bb03c 100644 --- a/Libraries/LibWeb/HTML/WorkerLocation.h +++ b/Libraries/LibWeb/HTML/WorkerLocation.h @@ -19,7 +19,7 @@ public: virtual ~WorkerLocation() override; WebIDL::ExceptionOr href() const; - WebIDL::ExceptionOr origin() const; + String origin() const; WebIDL::ExceptionOr protocol() const; WebIDL::ExceptionOr host() const; WebIDL::ExceptionOr hostname() const; diff --git a/Libraries/LibWeb/WebSockets/WebSocket.cpp b/Libraries/LibWeb/WebSockets/WebSocket.cpp index 754c4dc8a2c..51373086baa 100644 --- a/Libraries/LibWeb/WebSockets/WebSocket.cpp +++ b/Libraries/LibWeb/WebSockets/WebSocket.cpp @@ -124,7 +124,7 @@ ErrorOr WebSocket::establish_web_socket_connection(URL::URL& url_record, V auto* window_or_worker = dynamic_cast(&client.global_object()); VERIFY(window_or_worker); - auto origin_string = MUST(window_or_worker->origin()).to_byte_string(); + auto origin_string = window_or_worker->origin().to_byte_string(); Vector protcol_byte_strings; for (auto const& protocol : protocols)