Rewrite without regex

Signed-off-by: Wetitpig <[email protected]>

besu/src/main/java/org/hyperledger/besu/cli/custom/CorsAllowedOriginsProperty.java

@@ -20,9 +20,6 @@
 import java.util.Collections;
 import java.util.Iterator;
 import java.util.List;
-import java.util.StringJoiner;
-import java.util.regex.Pattern;
-import java.util.regex.PatternSyntaxException;
 import javax.annotation.Nonnull;
 
 import com.google.common.base.Splitter;
@@ -85,14 +82,6 @@ public boolean addAll(final Collection<? extends String> collection) {
       if (domains.size() > 1) {
         throw new IllegalArgumentException("Values '*' or 'all' can't be used with other domains");
       }
-    } else {
-      try {
-        final StringJoiner stringJoiner = new StringJoiner("|");
-        domains.forEach(stringJoiner::add);
-        Pattern.compile(stringJoiner.toString());
-      } catch (final PatternSyntaxException e) {
-        throw new IllegalArgumentException("Domain values result in invalid regex pattern", e);
-      }
     }
 
     return domains.size() != initialSize;

besu/src/test/java/org/hyperledger/besu/cli/BesuCommandTest.java

@@ -3153,18 +3153,6 @@ public void rpcHttpCorsOriginsWildcardWithAnotherDomainMustFailAsFlags() {
         .contains("Values '*' or 'all' can't be used with other domains");
   }
 
-  @Test
-  public void rpcHttpCorsOriginsInvalidRegexShouldFail() {
-    final String[] origins = {"**"};
-    parseCommand("--rpc-http-cors-origins", String.join(",", origins));
-
-    Mockito.verifyNoInteractions(mockRunnerBuilder);
-
-    assertThat(commandOutput.toString(UTF_8)).isEmpty();
-    assertThat(commandErrorOutput.toString(UTF_8))
-        .contains("Domain values result in invalid regex pattern");
-  }
-
   @Test
   public void rpcHttpCorsOriginsEmptyValueFails() {
     parseCommand("--rpc-http-cors-origins=");

ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/HttpConfiguration.java

@@ -48,7 +48,7 @@ public void setHost(final String host) {
     this.host = host;
   }
 
-  public Collection<String> getCorsAllowedDomains() {
+  public List<String> getCorsAllowedDomains() {
     return corsAllowedDomains;
   }
 
@@ -57,6 +57,7 @@ public void setCorsAllowedDomains(final List<String> corsAllowedDomains) {
       this.corsAllowedDomains =
           corsAllowedDomains.stream().filter(s -> !s.isEmpty()).collect(Collectors.toList());
     }
+    this.corsAllowedDomains.removeIf(s -> s.isEmpty());
   }
 
   public Collection<String> getHostsAllowlist() {

ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/graphql/GraphQLHttpService.java

@@ -25,7 +25,6 @@
 import org.hyperledger.besu.ethereum.api.graphql.internal.response.GraphQLSuccessResponse;
 import org.hyperledger.besu.ethereum.api.handlers.HandlerFactory;
 import org.hyperledger.besu.ethereum.api.handlers.TimeoutOptions;
-import org.hyperledger.besu.ethereum.api.util.BuildCorsHandler;
 import org.hyperledger.besu.util.NetworkUtility;
 
 import java.net.InetSocketAddress;
@@ -144,7 +143,7 @@ public CompletableFuture<?> start() {
     // Verify Host header to avoid rebind attack.
     router.route().handler(HandlerFactory.validateHost(config));
 
-    router.route().handler(BuildCorsHandler.create(config));
+    router.route().handler(HandlerFactory.buildCors(config));
     router
         .route()
         .handler(

ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/util/BuildCorsHandler.java → ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/handlers/BuildCorsHandler.java

@@ -12,35 +12,24 @@
  *
  * SPDX-License-Identifier: Apache-2.0
  */
-package org.hyperledger.besu.ethereum.api.util;
+package org.hyperledger.besu.ethereum.api.handlers;
 
 import org.hyperledger.besu.ethereum.api.HttpConfiguration;
 
-import java.util.StringJoiner;
-
 import io.vertx.core.Handler;
 import io.vertx.ext.web.RoutingContext;
 import io.vertx.ext.web.handler.CorsHandler;
 
 public class BuildCorsHandler {
   private BuildCorsHandler() {}
 
-  public static Handler<RoutingContext> create(final HttpConfiguration config) {
-    return CorsHandler.create(buildCorsRegexFromConfig(config))
-        .allowedHeader("*")
-        .allowedHeader("content-type");
-  }
-
-  private static String buildCorsRegexFromConfig(final HttpConfiguration config) {
+  public static Handler<RoutingContext> handler(final HttpConfiguration config) {
+    CorsHandler handle = CorsHandler.create().allowedHeader("*").allowedHeader("content-type");
     if (config.getCorsAllowedDomains().isEmpty()) {
-      return "";
-    }
-    if (config.getCorsAllowedDomains().contains("*")) {
-      return ".*";
-    } else {
-      final StringJoiner stringJoiner = new StringJoiner("|");
-      config.getCorsAllowedDomains().stream().filter(s -> !s.isEmpty()).forEach(stringJoiner::add);
-      return stringJoiner.toString();
+      handle.addRelativeOrigin("");
+    } else if (!config.getCorsAllowedDomains().contains("*")) {
+      handle.addOrigins(config.getCorsAllowedDomains());
     }
+    return handle;
   }
 }

ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/handlers/HandlerFactory.java

@@ -65,4 +65,8 @@ public static Handler<HttpConnection> maxConnections(
   public static Handler<RoutingContext> validateHost(final HttpConfiguration config) {
     return HostValidator.handler(config);
   }
+
+  public static Handler<RoutingContext> buildCors(final HttpConfiguration config) {
+    return BuildCorsHandler.handler(config);
+  }
 }

ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/handlers/HostValidator.java

@@ -57,7 +57,7 @@ private static Optional<String> getAndValidateHostHeader(final RoutingContext ev
     String hostname =
         event.request().getHeader(HttpHeaders.HOST) != null
             ? event.request().getHeader(HttpHeaders.HOST)
-            : event.request().host();
+            : event.request().authority().host();
     final Iterable<String> splitHostHeader = Splitter.on(':').split(hostname);
     final long hostPieces = stream(splitHostHeader).count();
     if (hostPieces > 1) {

ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/EngineJsonRpcService.java

@@ -38,7 +38,6 @@
 import org.hyperledger.besu.ethereum.api.jsonrpc.websocket.subscription.SubscriptionManager;
 import org.hyperledger.besu.ethereum.api.tls.TlsClientAuthConfiguration;
 import org.hyperledger.besu.ethereum.api.tls.TlsConfiguration;
-import org.hyperledger.besu.ethereum.api.util.BuildCorsHandler;
 import org.hyperledger.besu.ethereum.eth.manager.EthScheduler;
 import org.hyperledger.besu.metrics.BesuMetricCategory;
 import org.hyperledger.besu.metrics.opentelemetry.OpenTelemetrySystem;
@@ -412,7 +411,7 @@ private Router buildRouter() {
     // Verify Host header to avoid rebind attack.
     router.route().handler(HandlerFactory.validateHost(config));
     router.errorHandler(403, new Logging403ErrorHandler());
-    router.route().handler(BuildCorsHandler.create(config));
+    router.route().handler(HandlerFactory.buildCors(config));
     router
         .route()
         .handler(

ethereum/api/src/main/java/org/hyperledger/besu/ethereum/api/jsonrpc/JsonRpcHttpService.java

@@ -31,7 +31,6 @@
 import org.hyperledger.besu.ethereum.api.jsonrpc.internal.methods.JsonRpcMethod;
 import org.hyperledger.besu.ethereum.api.tls.TlsClientAuthConfiguration;
 import org.hyperledger.besu.ethereum.api.tls.TlsConfiguration;
-import org.hyperledger.besu.ethereum.api.util.BuildCorsHandler;
 import org.hyperledger.besu.metrics.BesuMetricCategory;
 import org.hyperledger.besu.metrics.opentelemetry.OpenTelemetrySystem;
 import org.hyperledger.besu.nat.NatMethod;
@@ -276,7 +275,7 @@ private Router buildRouter() {
     // Verify Host header to avoid rebind attack.
     router.route().handler(HandlerFactory.validateHost(config));
     router.errorHandler(403, new Logging403ErrorHandler());
-    router.route().handler(BuildCorsHandler.create(config));
+    router.route().handler(HandlerFactory.buildCors(config));
     router
         .route()
         .handler(