commit ba9297eabfe89f9df07465c9ac5cf3d32bb3a874
parent 26bda4be1bac7ebc95ddf91d47e07b798c11d679
Author: Johann150 <johann.galle@protonmail.com>
Date: Wed, 7 Apr 2021 23:54:44 +0200
implement stricter requirements for request URLs
Addresses changes in the specification, namely these stricter requirements:
https://gitlab.com/gemini-specification/protocol/-/blob/0235100151b57d9f5c3384acdacb4ad9986f7ae4/specification.gmi#L153-155
Diffstat:
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/main.rs b/src/main.rs
@@ -379,11 +379,18 @@ impl RequestHandle {
let url = Url::parse(request).or(Err((59, "Invalid URL")))?;
- // Validate the URL, host and port.
+ // Validate the URL:
+ // correct scheme
if url.scheme() != "gemini" {
return Err((53, "Unsupported URL scheme"));
}
+ // no userinfo and no fragment
+ if url.password().is_some() || !url.username().is_empty() || url.fragment().is_some() {
+ return Err((59, "URL contains fragment or userinfo"));
+ }
+
+ // correct host
if let Some(host) = url.host() {
// do not use "contains" here since it requires the same type and does
// not allow to check for Host<&str> if the vec contains Hostname<String>
@@ -394,6 +401,7 @@ impl RequestHandle {
return Err((59, "URL does not contain a host"));
}
+ // correct port
if let Some(port) = url.port() {
// Validate that the port in the URL is the same as for the stream this request came in on.
if port != self.stream.get_ref().0.local_addr().unwrap().port() {
