Line data Source code
1 : /* This Source Code Form is subject to the terms of the Mozilla Public
2 : * License, v. 2.0. If a copy of the MPL was not distributed with this
3 : * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 :
5 : #ifndef nsSecurityHeaderParser_h
6 : #define nsSecurityHeaderParser_h
7 :
8 : #include "mozilla/LinkedList.h"
9 : #include "nsCOMPtr.h"
10 : #include "nsString.h"
11 :
12 : // Utility class for handing back parsed directives and (optional) values
13 0 : class nsSecurityHeaderDirective : public mozilla::LinkedListElement<nsSecurityHeaderDirective> {
14 : public:
15 : nsCString mName;
16 : nsCString mValue;
17 : };
18 :
19 : // This class parses security-related HTTP headers like
20 : // Strict-Transport-Security. The Augmented Backus-Naur Form syntax for this
21 : // header is reproduced below, for reference:
22 : //
23 : // Strict-Transport-Security = "Strict-Transport-Security" ":"
24 : // [ directive ] *( ";" [ directive ] )
25 : //
26 : // directive = directive-name [ "=" directive-value ]
27 : // directive-name = token
28 : // directive-value = token | quoted-string
29 : //
30 : // where:
31 : //
32 : // token = <token, defined in [RFC2616], Section 2.2>
33 : // quoted-string = <quoted-string, defined in [RFC2616], Section 2.2>/
34 : //
35 : // For further reference, see [RFC6797], Section 6.1
36 :
37 : class nsSecurityHeaderParser {
38 : public:
39 : // The input to this class must be null-terminated, and must have a lifetime
40 : // greater than or equal to the lifetime of the created nsSecurityHeaderParser.
41 : explicit nsSecurityHeaderParser(const nsCString& aHeader);
42 : ~nsSecurityHeaderParser();
43 :
44 : // Only call Parse once.
45 : nsresult Parse();
46 : // The caller does not take ownership of the memory returned here.
47 : mozilla::LinkedList<nsSecurityHeaderDirective> *GetDirectives();
48 :
49 : private:
50 : bool Accept(char aChr);
51 : bool Accept(bool (*aClassifier) (signed char));
52 : void Expect(char aChr);
53 : void Advance();
54 : void Header(); // header = [ directive ] *( ";" [ directive ] )
55 : void Directive(); // directive = directive-name [ "=" directive-value ]
56 : void DirectiveName(); // directive-name = token
57 : void DirectiveValue(); // directive-value = token | quoted-string
58 : void Token(); // token = 1*<any CHAR except CTLs or separators>
59 : void QuotedString(); // quoted-string = (<"> *( qdtext | quoted-pair ) <">)
60 : void QuotedText(); // qdtext = <any TEXT except <"> and "\">
61 : void QuotedPair(); // quoted-pair = "\" CHAR
62 :
63 : // LWS = [CRLF] 1*( SP | HT )
64 : void LWSMultiple(); // Handles *( LWS )
65 : void LWSCRLF(); // Handles the [CRLF] part of LWS
66 : void LWS(); // Handles the 1*( SP | HT ) part of LWS
67 :
68 : mozilla::LinkedList<nsSecurityHeaderDirective> mDirectives;
69 : const char *mCursor;
70 : nsSecurityHeaderDirective *mDirective;
71 :
72 : nsCString mOutput;
73 : bool mError;
74 : };
75 :
76 : #endif // nsSecurityHeaderParser_h
|
