From 09d9e0378e82412a9be8cff31355b4a1a83a56e0 Mon Sep 17 00:00:00 2001
From: Andrew Paseltiner <apaseltiner@google.com>
Date: Tue, 10 Dec 2024 08:44:16 -0500
Subject: [PATCH] Report invalid public suffix inputs as error instead of
 warning

For example, previously https://com would be reported as the warning
"URL components other than site (https://null) will be ignored".
---
 ts/src/header-validator/source.test.ts | 10 ++++++++
 ts/src/header-validator/validate.ts    | 32 ++++++++++++++------------
 2 files changed, 27 insertions(+), 15 deletions(-)

diff --git a/ts/src/header-validator/source.test.ts b/ts/src/header-validator/source.test.ts
index d6cba708ef..9d398c2f30 100644
--- a/ts/src/header-validator/source.test.ts
+++ b/ts/src/header-validator/source.test.ts
@@ -283,6 +283,16 @@ const testCases: TestCase[] = [
       },
     ],
   },
+  {
+    name: 'destination-uses-public-suffix',
+    input: `{"destination": "https://com"}`,
+    expectedErrors: [
+      {
+        msg: 'hostname com does not correspond to a valid site',
+        path: ['destination'],
+      },
+    ],
+  },
 
   {
     name: 'filter-data-wrong-type',
diff --git a/ts/src/header-validator/validate.ts b/ts/src/header-validator/validate.ts
index d3d9fdb237..3a46807d70 100644
--- a/ts/src/header-validator/validate.ts
+++ b/ts/src/header-validator/validate.ts
@@ -340,7 +340,7 @@ function suitableScope(
   s: string,
   ctx: Context,
   label: string,
-  scope: (url: URL) => string
+  scope: (url: URL, ctx: Context) => Maybe<string>
 ): Maybe<string> {
   let url
   try {
@@ -361,24 +361,26 @@ function suitableScope(
     return Maybe.None
   }
 
-  const scoped = scope(url)
-  if (url.toString() !== new URL(scoped).toString()) {
-    ctx.warning(
-      `URL components other than ${label} (${scoped}) will be ignored`
-    )
-  }
-  return Maybe.some(scoped)
+  return scope(url, ctx).peek((scoped) => {
+    if (url.toString() !== new URL(scoped).toString()) {
+      ctx.warning(
+        `URL components other than ${label} (${scoped}) will be ignored`
+      )
+    }
+  })
 }
 
 export function suitableOrigin(s: string, ctx: Context): Maybe<string> {
-  return suitableScope(s, ctx, 'origin', (u) => u.origin)
+  return suitableScope(s, ctx, 'origin', (u) => Maybe.some(u.origin))
 }
 
 export function suitableSite(s: string, ctx: Context): Maybe<string> {
-  return suitableScope(
-    s,
-    ctx,
-    'site',
-    (u) => `${u.protocol}//${psl.get(u.hostname)}`
-  )
+  return suitableScope(s, ctx, 'site', (u, ctx) => {
+    const site = psl.get(u.hostname)
+    if (site === null) {
+      ctx.error(`hostname ${u.hostname} does not correspond to a valid site`)
+      return Maybe.None
+    }
+    return Maybe.some(`${u.protocol}//${site}`)
+  })
 }