Update PublicSuffixMatcher to use "formal algorithm" #566
Conversation
…o preserve old behaviour
Co-authored-by: Braedon Vickers <[email protected]>
…r to avoid re-execution of the original request in case of an i/o error
| @@ -111,7 +111,7 @@ void testParseLocal() { | |||
|
|
|||
| cookie.setDomain(".blah"); | |||
| cookie.setAttribute(Cookie.DOMAIN_ATTR, ".blah"); | |||
| Assertions.assertTrue(filter.match(cookie, new CookieOrigin("somehost.blah", 80, "/stuff", false))); | |||
| Assertions.assertFalse(filter.match(cookie, new CookieOrigin("somehost.blah", 80, "/stuff", false))); | |||
There was a problem hiding this comment.
One shouldn't be allowed to set a cookie for the "blah" TLD as this is a potential security risk so we inverted the assertion as we believe the new behaviour is more secure.
| @@ -258,11 +259,11 @@ void testIdentityMatching() { | |||
| Assertions.assertTrue(DefaultHostnameVerifier.matchIdentity("a.b.xxx.uk", "a.b.xxx.uk", publicSuffixMatcher)); | |||
| Assertions.assertTrue(DefaultHostnameVerifier.matchIdentityStrict("a.b.xxx.uk", "a.b.xxx.uk", publicSuffixMatcher)); | |||
|
|
|||
| Assertions.assertTrue(DefaultHostnameVerifier.matchIdentity("a.b.xxx.uk", "*.b.xxx.uk", publicSuffixMatcher)); | |||
| Assertions.assertTrue(DefaultHostnameVerifier.matchIdentityStrict("a.b.xxx.uk", "*.b.xxx.uk", publicSuffixMatcher)); | |||
| Assertions.assertFalse(DefaultHostnameVerifier.matchIdentity("a.b.xxx.uk", "*.b.xxx.uk", publicSuffixMatcher)); | |||
There was a problem hiding this comment.
Having a wildcard certificate for a whole public suffic ("b.xx.uk" in this case) feels like it shouldn't be allowed but we don't know enough about the rules of SSL certs to know for sure. For now we have updated the tests to pass according to the PSL algorithm but would value further input here.
There was a problem hiding this comment.
I'm wondering if the legacy mode should be an enum instead of a boolean. This would avoid futher API changes in case there are more changes needed. Let's see what @ok2c thinks.
@massdosage Let's simplify things. I do not think we need to preserve the old legacy behavior, especially it is wrong. Please drop the parameter and the related conditional code. |
|
@garydgregory @ok2c thanks for the prompt initial review. I've removed the |
|
@massdosage I am fine with your changes to the |
|
@massdosage These are the additional changes that I have made on top of your pull request: ok2c/httpcomponents-client@77aefb6. Please take a look. If they look reasonable to you, I will merge your pull request and apply my changes on top of it. |
|
@ok2c thanks, I took a look, we haven't used the |
|
@massdosage RFC 9525 is a new document which HttpClient does not conform to yet. What we need to ensure that HttpClient conforms to RFC2818
But it looks like they did. Please see https://issues.apache.org/jira/browse/HTTPCLIENT-2247 |
|
OK, for RFC2818 it looks like one just needs to implement the wildcard at the "level" in the domain name it's specified but not any "lower". One could do that with just string matching and not even involve the PublicSuffixList. Either way, you know more about the code here and why it is the way it currently is and what future plans are so I'm happy to go with this being merged and your changes being applied afterwards if that works for you. I'm also happy to help out here and in future if there is anything related I can do. |
|
@massdosage Committed as 715ec11 |
|
Great, thank you! We'll keep an eye out for the |
|
Hello @massdosage This PR apparently is reference on the ML at https://lists.apache.org/thread/mwhzx1n9v3317fj6x050nkozvdkszvo9 as the breaking change for local builds on my PC. With the HEAD of git master, running: I get: Running on: Please advise. Gary |
|
Let's discuss on the dev mailing list to keep things in one place if that's OK? |
👍 |
See https://issues.apache.org/jira/browse/HTTPCLIENT-2336 for context.
After porting over the tests for the formal algorithm from https://github.com/publicsuffix/list/blob/master/tests/test_psl.txt we then proceeded to make a number of changes to get them all to pass. Since this a non-backwards compatible (but hopefully more correct) change in behaviour we have introduced the concept of a "legacy mode" which could be enabled to ease a transition between behaviours but we have favoured the new behaviour and adjusted the existing tests accordingly.
There are obviously different ways we could approach this so would appreciate input and suggestions.