[libsoup/hsts-policies-api: 1/2] HSTS: add API to get domains with policies

From: Claudio Saavedra <csaavedra src gnome org>
To: commits-list gnome org
Cc:
Subject: [libsoup/hsts-policies-api: 1/2] HSTS: add API to get domains with policies
Date: Fri, 2 Aug 2019 15:57:29 +0000 (UTC)
commit 1a573c607f50632e87d8148629b187fbea177847
Author: Claudio Saavedra <csaavedra igalia com>
Date:   Fri Aug 2 18:55:02 2019 +0300

    HSTS: add API to get domains with policies
    
    Add soup_hsts_enforcer_get_domains() which returns a list of domains
    for which there are HSTS policies. This API is needed to allow
    WebKit's data manager to handle HSTS policies.

 docs/reference/libsoup-2.4-sections.txt |  1 +
 libsoup/soup-hsts-enforcer.c            | 36 +++++++++++++++++++++++++++++++++
 libsoup/soup-hsts-enforcer.h            |  3 +++
 tests/hsts-test.c                       | 27 +++++++++++++++++++++++++
 4 files changed, 67 insertions(+)
---
diff --git a/docs/reference/libsoup-2.4-sections.txt b/docs/reference/libsoup-2.4-sections.txt
index b36a16e9..be87fb9d 100644
--- a/docs/reference/libsoup-2.4-sections.txt
+++ b/docs/reference/libsoup-2.4-sections.txt
@@ -1402,6 +1402,7 @@ soup_hsts_enforcer_is_persistent
 soup_hsts_enforcer_has_valid_policy
 soup_hsts_enforcer_set_policy
 soup_hsts_enforcer_set_session_policy
+soup_hsts_enforcer_get_domains
 <SUBSECTION>
 SoupHSTSPolicy
 soup_hsts_policy_new
diff --git a/libsoup/soup-hsts-enforcer.c b/libsoup/soup-hsts-enforcer.c
index 3e971e4e..0d99fad2 100644
--- a/libsoup/soup-hsts-enforcer.c
+++ b/libsoup/soup-hsts-enforcer.c
@@ -649,3 +649,39 @@ soup_hsts_enforcer_has_valid_policy (SoupHSTSEnforcer *hsts_enforcer,
 
        return retval;
 }
+
+static void
+add_domain_to_list (gpointer key,
+                   gpointer value,
+                   gpointer data)
+{
+       GList **domains = (GList **) data;
+       *domains = g_list_prepend (*domains, g_strdup ((char*)key));
+}
+
+/**
+ * soup_hsts_enforcer_get_domains:
+ * @hsts_enforcer: a #SoupHSTSEnforcer
+ *
+ * Gets a list of domains for which there are policies in
+ * @enforcer. Note that this returns both session and non-session
+ * policies.
+ *
+ * Since: 2.68
+ *
+ * Returns: (element-type utf8) (transfer full): a newly allocated
+ * list of domains. Use g_list_free_full() and g_free() to free the
+ * list.
+ **/
+GList*
+soup_hsts_enforcer_get_domains (SoupHSTSEnforcer *hsts_enforcer)
+{
+       GList *domains = NULL;
+
+       g_return_val_if_fail (SOUP_IS_HSTS_ENFORCER (hsts_enforcer), NULL);
+
+       g_hash_table_foreach (hsts_enforcer->priv->host_policies, add_domain_to_list, &domains);
+       g_hash_table_foreach (hsts_enforcer->priv->session_policies, add_domain_to_list, &domains);
+
+       return domains;
+}
diff --git a/libsoup/soup-hsts-enforcer.h b/libsoup/soup-hsts-enforcer.h
index f01e9256..5bbe5049 100644
--- a/libsoup/soup-hsts-enforcer.h
+++ b/libsoup/soup-hsts-enforcer.h
@@ -76,6 +76,9 @@ SOUP_AVAILABLE_IN_2_68
 void             soup_hsts_enforcer_set_policy                    (SoupHSTSEnforcer *hsts_enforcer,
                                                                    SoupHSTSPolicy   *policy);
 
+SOUP_AVAILABLE_IN_2_68
+GList            *soup_hsts_enforcer_get_domains                   (SoupHSTSEnforcer *hsts_enforcer);
+
 G_END_DECLS
 
 #endif /* __SOUP_HSTS_ENFORCER_H__ */
diff --git a/tests/hsts-test.c b/tests/hsts-test.c
index 6e383c08..de5e85d1 100644
--- a/tests/hsts-test.c
+++ b/tests/hsts-test.c
@@ -461,6 +461,32 @@ do_hsts_idna_addresses_test (void)
        g_object_unref (enforcer);
 }
 
+static void
+do_hsts_get_domains_test (void)
+{
+       SoupHSTSEnforcer *enforcer = soup_hsts_enforcer_new ();
+       SoupHSTSPolicy *policy = soup_hsts_policy_new ("gnome.org", 3600, FALSE);
+       GList* domains;
+
+       g_assert_nonnull (policy);
+       g_assert_null (soup_hsts_enforcer_get_domains (enforcer));
+       soup_hsts_enforcer_set_policy (enforcer, policy);
+       soup_hsts_policy_free (policy);
+
+       domains = soup_hsts_enforcer_get_domains (enforcer);
+       g_assert_nonnull (domains);
+       g_assert_cmpint (g_list_length (domains), ==, 1);
+       g_assert_cmpstr ((char*)domains->data, ==, "gnome.org");
+       g_list_free_full (domains, g_free);
+
+       policy = soup_hsts_policy_new ("gnome.org", SOUP_HSTS_POLICY_MAX_AGE_PAST, FALSE);
+       soup_hsts_enforcer_set_policy (enforcer, policy);
+       soup_hsts_policy_free (policy);
+
+       g_assert_null (soup_hsts_enforcer_get_domains (enforcer));
+       g_object_unref(enforcer);
+}
+
 int
 main (int argc, char **argv)
 {
@@ -506,6 +532,7 @@ main (int argc, char **argv)
        g_test_add_func ("/hsts/utf8-address", do_hsts_utf8_address_test);
        g_test_add_func ("/hsts/session-policy", do_hsts_session_policy_test);
        g_test_add_func ("/hsts/idna-addresses", do_hsts_idna_addresses_test);
+       g_test_add_func ("/hsts/get-domains", do_hsts_get_domains_test);
 
        ret = g_test_run ();
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]