diff options
Diffstat (limited to 'components/net')
| -rw-r--r-- | components/net/Cargo.toml | 2 | ||||
| -rw-r--r-- | components/net/hsts.rs | 106 | ||||
| -rw-r--r-- | components/net/image_cache.rs | 4 | ||||
| -rw-r--r-- | components/net/resource_thread.rs | 8 | ||||
| -rw-r--r-- | components/net/storage_thread.rs | 42 | ||||
| -rw-r--r-- | components/net/tests/hsts.rs | 161 |
6 files changed, 159 insertions, 164 deletions
diff --git a/components/net/Cargo.toml b/components/net/Cargo.toml index 9af310f32bc..1945165b8c1 100644 --- a/components/net/Cargo.toml +++ b/components/net/Cargo.toml @@ -29,6 +29,7 @@ crossbeam-channel = { workspace = true } data-url = { workspace = true } devtools_traits = { workspace = true } embedder_traits = { workspace = true } +fst = "0.4" futures = { version = "0.3", package = "futures" } futures-core = { version = "0.3.30", default-features = false } futures-util = { version = "0.3.30", default-features = false } @@ -77,6 +78,7 @@ webrender_api = { workspace = true } [dev-dependencies] embedder_traits = { workspace = true, features = ["baked-default-resources"] } flate2 = "1" +fst = "0.4" futures = { version = "0.3", features = ["compat"] } hyper = { workspace = true, features = ["full"] } hyper-util = { workspace = true, features = ["server-graceful"] } diff --git a/components/net/hsts.rs b/components/net/hsts.rs index be955980d2b..c50f3304142 100644 --- a/components/net/hsts.rs +++ b/components/net/hsts.rs @@ -9,9 +9,11 @@ use std::sync::LazyLock; use std::time::Duration; use embedder_traits::resources::{self, Resource}; +use fst::{Map, MapBuilder}; use headers::{HeaderMapExt, StrictTransportSecurity}; use http::HeaderMap; use log::{debug, error, info}; +use malloc_size_of::{MallocSizeOf, MallocSizeOfOps}; use malloc_size_of_derive::MallocSizeOf; use net_traits::IncludeSubdomains; use net_traits::pub_domains::reg_suffix; @@ -85,99 +87,67 @@ pub struct HstsList { /// it is split out to allow sharing between the private and public http state /// as well as potentially swpaping out the underlying type to something immutable /// and more efficient like FSTs or DAFSA/DAWGs. -#[derive(Clone, Debug, Default, Deserialize, MallocSizeOf, Serialize)] -pub struct HstsPreloadList { - pub entries_map: HashMap<String, Vec<HstsEntry>>, +/// To generate a new version of the FST map file run `./mach update-hsts-preload` +#[derive(Clone, Debug)] +pub struct HstsPreloadList(pub fst::Map<Vec<u8>>); + +impl MallocSizeOf for HstsPreloadList { + #[allow(unsafe_code)] + fn size_of(&self, ops: &mut malloc_size_of::MallocSizeOfOps) -> usize { + unsafe { ops.malloc_size_of(self.0.as_fst().as_inner().as_ptr()) } + } } -pub static PRELOAD_LIST_ENTRIES: LazyLock<HstsPreloadList> = +static PRELOAD_LIST_ENTRIES: LazyLock<HstsPreloadList> = LazyLock::new(HstsPreloadList::from_servo_preload); +pub fn hsts_preload_size_of(ops: &mut MallocSizeOfOps) -> usize { + PRELOAD_LIST_ENTRIES.size_of(ops) +} + impl HstsPreloadList { /// Create an `HstsList` from the bytes of a JSON preload file. - pub fn from_preload(preload_content: &str) -> Option<HstsPreloadList> { - #[derive(Deserialize)] - struct HstsEntries { - entries: Vec<HstsEntry>, - } - - let hsts_entries: Option<HstsEntries> = serde_json::from_str(preload_content).ok(); - - hsts_entries.map(|hsts_entries| { - let mut hsts_list: HstsPreloadList = HstsPreloadList::default(); - - for hsts_entry in hsts_entries.entries { - hsts_list.push(hsts_entry); - } - - hsts_list - }) + pub fn from_preload(preload_content: Vec<u8>) -> Option<HstsPreloadList> { + Map::new(preload_content).map(HstsPreloadList).ok() } pub fn from_servo_preload() -> HstsPreloadList { debug!("Intializing HSTS Preload list"); - let list = resources::read_string(Resource::HstsPreloadList); - HstsPreloadList::from_preload(&list).unwrap_or_else(|| { + let map_bytes = resources::read_bytes(Resource::HstsPreloadList); + HstsPreloadList::from_preload(map_bytes).unwrap_or_else(|| { error!("HSTS preload file is invalid. Setting HSTS list to default values"); - HstsPreloadList { - entries_map: Default::default(), - } + HstsPreloadList(MapBuilder::memory().into_map()) }) } pub fn is_host_secure(&self, host: &str) -> bool { let base_domain = reg_suffix(host); - self.entries_map.get(base_domain).is_some_and(|entries| { - // No need to check for expiration in the preload list - entries.iter().any(|e| { - if e.include_subdomains { - e.matches_subdomain(host) || e.matches_domain(host) - } else { - e.matches_domain(host) - } - }) - }) - } + let parts = host[..host.len() - base_domain.len()].rsplit_terminator('.'); + let mut domain_to_test = base_domain.to_owned(); - pub fn has_domain(&self, host: &str, base_domain: &str) -> bool { - self.entries_map - .get(base_domain) - .is_some_and(|entries| entries.iter().any(|e| e.matches_domain(host))) - } - - pub fn has_subdomain(&self, host: &str, base_domain: &str) -> bool { - self.entries_map.get(base_domain).is_some_and(|entries| { - entries - .iter() - .any(|e| e.include_subdomains && e.matches_subdomain(host)) - }) - } - - pub fn push(&mut self, entry: HstsEntry) { - let host = entry.host.clone(); - let base_domain = reg_suffix(&host); - let have_domain = self.has_domain(&entry.host, base_domain); - let have_subdomain = self.has_subdomain(&entry.host, base_domain); + if self.0.get(&domain_to_test).is_some_and(|id| { + // The FST map ids were constructed such that the parity represents the includeSubdomain flag + id % 2 == 1 || domain_to_test == host + }) { + return true; + } - let entries = self.entries_map.entry(base_domain.to_owned()).or_default(); - if !have_domain && !have_subdomain { - entries.push(entry); - } else if !have_subdomain { - for e in entries { - if e.matches_domain(&entry.host) { - e.include_subdomains = entry.include_subdomains; - // TODO(sebsebmc): We could shrink the the HSTS preload memory use further by using a type - // that doesn't store an expiry since all preload entries should be "forever" - e.expires_at = entry.expires_at; - } + // Check all further subdomains up to the passed host + for part in parts { + domain_to_test = format!("{}.{}", part, domain_to_test); + if self.0.get(&domain_to_test).is_some_and(|id| { + // The FST map ids were constructed such that the parity represents the includeSubdomain flag + id % 2 == 1 || domain_to_test == host + }) { + return true; } } + false } } impl HstsList { pub fn is_host_secure(&self, host: &str) -> bool { - debug!("HSTS: is {host} secure?"); if PRELOAD_LIST_ENTRIES.is_host_secure(host) { info!("{host} is in the preload list"); return true; diff --git a/components/net/image_cache.rs b/components/net/image_cache.rs index 46a2a4ea111..8276baa07e7 100644 --- a/components/net/image_cache.rs +++ b/components/net/image_cache.rs @@ -66,10 +66,10 @@ fn set_webrender_image_key(compositor_api: &CrossProcessCompositorApi, image: &m return; } let mut bytes = Vec::new(); - let frame_bytes = image.bytes(); + let frame_bytes = image.first_frame().bytes; let is_opaque = match image.format { PixelFormat::BGRA8 => { - bytes.extend_from_slice(&frame_bytes); + bytes.extend_from_slice(frame_bytes); pixels::rgba8_premultiply_inplace(bytes.as_mut_slice()) }, PixelFormat::RGB8 => { diff --git a/components/net/resource_thread.rs b/components/net/resource_thread.rs index 89f76b3ca68..94592d19bed 100644 --- a/components/net/resource_thread.rs +++ b/components/net/resource_thread.rs @@ -21,7 +21,6 @@ use embedder_traits::EmbedderProxy; use hyper_serde::Serde; use ipc_channel::ipc::{self, IpcReceiver, IpcReceiverSet, IpcSender}; use log::{debug, trace, warn}; -use malloc_size_of::MallocSizeOf; use net_traits::blob_url_store::parse_blob_url; use net_traits::filemanager_thread::FileTokenCheck; use net_traits::pub_domains::public_suffix_list_size_of; @@ -98,14 +97,15 @@ pub fn new_resource_threads( let (public_core, private_core) = new_core_resource_thread( devtools_sender, time_profiler_chan, - mem_profiler_chan, + mem_profiler_chan.clone(), embedder_proxy, config_dir.clone(), ca_certificates, ignore_certificate_errors, protocols, ); - let storage: IpcSender<StorageThreadMsg> = StorageThreadFactory::new(config_dir); + let storage: IpcSender<StorageThreadMsg> = + StorageThreadFactory::new(config_dir, mem_profiler_chan); ( ResourceThreads::new(public_core, storage.clone()), ResourceThreads::new(private_core, storage), @@ -292,7 +292,7 @@ impl ResourceChannelManager { Report { path: path!["hsts-preload-list"], kind: ReportKind::ExplicitJemallocHeapSize, - size: hsts::PRELOAD_LIST_ENTRIES.size_of(ops), + size: hsts::hsts_preload_size_of(ops), }, Report { path: path!["public-suffix-list"], diff --git a/components/net/storage_thread.rs b/components/net/storage_thread.rs index dd058f17170..899214a450c 100644 --- a/components/net/storage_thread.rs +++ b/components/net/storage_thread.rs @@ -8,7 +8,12 @@ use std::path::PathBuf; use std::thread; use ipc_channel::ipc::{self, IpcReceiver, IpcSender}; +use malloc_size_of::MallocSizeOf; use net_traits::storage_thread::{StorageThreadMsg, StorageType}; +use profile_traits::mem::{ + ProcessReports, ProfilerChan as MemProfilerChan, Report, ReportKind, perform_memory_report, +}; +use profile_traits::path; use servo_url::ServoUrl; use crate::resource_thread; @@ -16,17 +21,26 @@ use crate::resource_thread; const QUOTA_SIZE_LIMIT: usize = 5 * 1024 * 1024; pub trait StorageThreadFactory { - fn new(config_dir: Option<PathBuf>) -> Self; + fn new(config_dir: Option<PathBuf>, mem_profiler_chan: MemProfilerChan) -> Self; } impl StorageThreadFactory for IpcSender<StorageThreadMsg> { /// Create a storage thread - fn new(config_dir: Option<PathBuf>) -> IpcSender<StorageThreadMsg> { + fn new( + config_dir: Option<PathBuf>, + mem_profiler_chan: MemProfilerChan, + ) -> IpcSender<StorageThreadMsg> { let (chan, port) = ipc::channel().unwrap(); + let chan2 = chan.clone(); thread::Builder::new() .name("StorageManager".to_owned()) .spawn(move || { - StorageManager::new(port, config_dir).start(); + mem_profiler_chan.run_with_memory_reporting( + || StorageManager::new(port, config_dir).start(), + String::from("storage-reporter"), + chan2, + StorageThreadMsg::CollectMemoryReport, + ); }) .expect("Thread spawning failed"); chan @@ -83,6 +97,10 @@ impl StorageManager { self.clear(sender, url, storage_type); self.save_state() }, + StorageThreadMsg::CollectMemoryReport(sender) => { + let reports = self.collect_memory_reports(); + sender.send(ProcessReports::new(reports)); + }, StorageThreadMsg::Exit(sender) => { // Nothing to do since we save localstorage set eagerly. let _ = sender.send(()); @@ -92,6 +110,24 @@ impl StorageManager { } } + fn collect_memory_reports(&self) -> Vec<Report> { + let mut reports = vec![]; + perform_memory_report(|ops| { + reports.push(Report { + path: path!["storage", "local"], + kind: ReportKind::ExplicitJemallocHeapSize, + size: self.local_data.size_of(ops), + }); + + reports.push(Report { + path: path!["storage", "session"], + kind: ReportKind::ExplicitJemallocHeapSize, + size: self.session_data.size_of(ops), + }); + }); + reports + } + fn save_state(&self) { if let Some(ref config_dir) = self.config_dir { resource_thread::write_json_to_file(&self.local_data, config_dir, "local_data.json"); diff --git a/components/net/tests/hsts.rs b/components/net/tests/hsts.rs index e1e754beb3c..3598b232111 100644 --- a/components/net/tests/hsts.rs +++ b/components/net/tests/hsts.rs @@ -6,13 +6,14 @@ use std::collections::HashMap; use std::num::NonZeroU64; use std::time::Duration as StdDuration; +use base64::Engine; use net::hsts::{HstsEntry, HstsList, HstsPreloadList}; use net_traits::IncludeSubdomains; #[test] fn test_hsts_entry_is_not_expired_when_it_has_no_expires_at() { let entry = HstsEntry { - host: "mozilla.org".to_owned(), + host: "example.com".to_owned(), include_subdomains: false, expires_at: None, }; @@ -23,7 +24,7 @@ fn test_hsts_entry_is_not_expired_when_it_has_no_expires_at() { #[test] fn test_hsts_entry_is_expired_when_it_has_reached_its_max_age() { let entry = HstsEntry { - host: "mozilla.org".to_owned(), + host: "example.com".to_owned(), include_subdomains: false, expires_at: Some(NonZeroU64::new(1).unwrap()), }; @@ -59,7 +60,7 @@ fn test_base_domain_in_entries_map() { list.push( HstsEntry::new( - "servo.mozilla.org".to_owned(), + "servo.example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) @@ -67,7 +68,7 @@ fn test_base_domain_in_entries_map() { ); list.push( HstsEntry::new( - "firefox.mozilla.org".to_owned(), + "firefox.example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) @@ -75,7 +76,7 @@ fn test_base_domain_in_entries_map() { ); list.push( HstsEntry::new( - "bugzilla.org".to_owned(), + "example.org".to_owned(), IncludeSubdomains::NotIncluded, None, ) @@ -83,17 +84,17 @@ fn test_base_domain_in_entries_map() { ); assert_eq!(list.entries_map.len(), 2); - assert_eq!(list.entries_map.get("mozilla.org").unwrap().len(), 2); + assert_eq!(list.entries_map.get("example.com").unwrap().len(), 2); } #[test] fn test_push_entry_with_0_max_age_is_not_secure() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), + "example.com".to_owned(), vec![ HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, Some(StdDuration::from_secs(500000)), ) @@ -106,23 +107,23 @@ fn test_push_entry_with_0_max_age_is_not_secure() { list.push( HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, Some(StdDuration::ZERO), ) .unwrap(), ); - assert_eq!(list.is_host_secure("mozilla.org"), false) + assert_eq!(list.is_host_secure("example.com"), false) } fn test_push_entry_with_0_max_age_evicts_entry_from_list() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), + "example.com".to_owned(), vec![ HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, Some(StdDuration::from_secs(500000)), ) @@ -133,25 +134,25 @@ fn test_push_entry_with_0_max_age_evicts_entry_from_list() { entries_map: entries_map, }; - assert_eq!(list.entries_map.get("mozilla.org").unwrap().len(), 1); + assert_eq!(list.entries_map.get("example.com").unwrap().len(), 1); list.push( HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, Some(StdDuration::ZERO), ) .unwrap(), ); - assert_eq!(list.entries_map.get("mozilla.org").unwrap().len(), 0); + assert_eq!(list.entries_map.get("example.com").unwrap().len(), 0); } #[test] fn test_push_entry_to_hsts_list_should_not_add_subdomains_whose_superdomain_is_already_matched() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), - vec![HstsEntry::new("mozilla.org".to_owned(), IncludeSubdomains::Included, None).unwrap()], + "example.com".to_owned(), + vec![HstsEntry::new("example.com".to_owned(), IncludeSubdomains::Included, None).unwrap()], ); let mut list = HstsList { entries_map: entries_map, @@ -159,24 +160,24 @@ fn test_push_entry_to_hsts_list_should_not_add_subdomains_whose_superdomain_is_a list.push( HstsEntry::new( - "servo.mozilla.org".to_owned(), + "servo.example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) .unwrap(), ); - assert_eq!(list.entries_map.get("mozilla.org").unwrap().len(), 1) + assert_eq!(list.entries_map.get("example.com").unwrap().len(), 1) } #[test] fn test_push_entry_to_hsts_list_should_add_subdomains_whose_superdomain_doesnt_include() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), + "example.com".to_owned(), vec![ HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) @@ -189,49 +190,49 @@ fn test_push_entry_to_hsts_list_should_add_subdomains_whose_superdomain_doesnt_i list.push( HstsEntry::new( - "servo.mozilla.org".to_owned(), + "servo.example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) .unwrap(), ); - assert_eq!(list.entries_map.get("mozilla.org").unwrap().len(), 2) + assert_eq!(list.entries_map.get("example.com").unwrap().len(), 2) } #[test] fn test_push_entry_to_hsts_list_should_update_existing_domain_entrys_include_subdomains() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), - vec![HstsEntry::new("mozilla.org".to_owned(), IncludeSubdomains::Included, None).unwrap()], + "example.com".to_owned(), + vec![HstsEntry::new("example.com".to_owned(), IncludeSubdomains::Included, None).unwrap()], ); let mut list = HstsList { entries_map: entries_map, }; - assert!(list.is_host_secure("servo.mozilla.org")); + assert!(list.is_host_secure("servo.example.com")); list.push( HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) .unwrap(), ); - assert!(!list.is_host_secure("servo.mozilla.org")) + assert!(!list.is_host_secure("servo.example.com")) } #[test] fn test_push_entry_to_hsts_list_should_not_create_duplicate_entry() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), + "example.com".to_owned(), vec![ HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) @@ -244,14 +245,14 @@ fn test_push_entry_to_hsts_list_should_not_create_duplicate_entry() { list.push( HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) .unwrap(), ); - assert_eq!(list.entries_map.get("mozilla.org").unwrap().len(), 1) + assert_eq!(list.entries_map.get("example.com").unwrap().len(), 1) } #[test] @@ -260,16 +261,14 @@ fn test_push_multiple_entrie_to_hsts_list_should_add_them_all() { entries_map: HashMap::new(), }; - assert!(!list.is_host_secure("mozilla.org")); - assert!(!list.is_host_secure("bugzilla.org")); + assert!(!list.is_host_secure("example.com")); + assert!(!list.is_host_secure("example.org")); - list.push(HstsEntry::new("mozilla.org".to_owned(), IncludeSubdomains::Included, None).unwrap()); - list.push( - HstsEntry::new("bugzilla.org".to_owned(), IncludeSubdomains::Included, None).unwrap(), - ); + list.push(HstsEntry::new("example.com".to_owned(), IncludeSubdomains::Included, None).unwrap()); + list.push(HstsEntry::new("example.org".to_owned(), IncludeSubdomains::Included, None).unwrap()); - assert!(list.is_host_secure("mozilla.org")); - assert!(list.is_host_secure("bugzilla.org")); + assert!(list.is_host_secure("example.com")); + assert!(list.is_host_secure("example.org")); } #[test] @@ -278,25 +277,16 @@ fn test_push_entry_to_hsts_list_should_add_an_entry() { entries_map: HashMap::new(), }; - assert!(!list.is_host_secure("mozilla.org")); + assert!(!list.is_host_secure("example.com")); - list.push(HstsEntry::new("mozilla.org".to_owned(), IncludeSubdomains::Included, None).unwrap()); + list.push(HstsEntry::new("example.com".to_owned(), IncludeSubdomains::Included, None).unwrap()); - assert!(list.is_host_secure("mozilla.org")); + assert!(list.is_host_secure("example.com")); } #[test] fn test_parse_hsts_preload_should_return_none_when_json_invalid() { - let mock_preload_content = "derp"; - assert!( - HstsPreloadList::from_preload(mock_preload_content).is_none(), - "invalid preload list should not have parsed" - ) -} - -#[test] -fn test_parse_hsts_preload_should_return_none_when_json_contains_no_entries_map_key() { - let mock_preload_content = "{\"nothing\": \"to see here\"}"; + let mock_preload_content = "derp".as_bytes().to_vec(); assert!( HstsPreloadList::from_preload(mock_preload_content).is_none(), "invalid preload list should not have parsed" @@ -305,20 +295,17 @@ fn test_parse_hsts_preload_should_return_none_when_json_contains_no_entries_map_ #[test] fn test_parse_hsts_preload_should_decode_host_and_includes_subdomains() { - let mock_preload_content = "{\ - \"entries\": [\ - {\"host\": \"mozilla.org\",\ - \"include_subdomains\": false}\ - ]\ - }"; - let hsts_list = HstsPreloadList::from_preload(mock_preload_content); - let entries_map = hsts_list.unwrap().entries_map; - - assert_eq!( - entries_map.get("mozilla.org").unwrap()[0].host, - "mozilla.org" - ); - assert!(!entries_map.get("mozilla.org").unwrap()[0].include_subdomains); + // Generated with `fst map --sorted` on a csv of "example.com,0\nexample.org,3" + let mock_preload_content = base64::engine::general_purpose::STANDARD + .decode("AwAAAAAAAAAAAAAAAAAAAAAQkMQAEJfHAwABBW9jEQLNws/J0MXqwgIAAAAAAAAAJwAAAAAAAADVOFe6") + .unwrap(); + let hsts_list = HstsPreloadList::from_preload(mock_preload_content).unwrap(); + + assert_eq!(hsts_list.is_host_secure("derp"), false); + assert_eq!(hsts_list.is_host_secure("example.com"), true); + assert_eq!(hsts_list.is_host_secure("servo.example.com"), false); + assert_eq!(hsts_list.is_host_secure("example.org"), true); + assert_eq!(hsts_list.is_host_secure("servo.example.org"), true); } #[test] @@ -327,17 +314,17 @@ fn test_hsts_list_with_no_entries_map_does_not_is_host_secure() { entries_map: HashMap::new(), }; - assert!(!hsts_list.is_host_secure("mozilla.org")); + assert!(!hsts_list.is_host_secure("example.com")); } #[test] fn test_hsts_list_with_exact_domain_entry_is_is_host_secure() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), + "example.com".to_owned(), vec![ HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) @@ -349,31 +336,31 @@ fn test_hsts_list_with_exact_domain_entry_is_is_host_secure() { entries_map: entries_map, }; - assert!(hsts_list.is_host_secure("mozilla.org")); + assert!(hsts_list.is_host_secure("example.com")); } #[test] fn test_hsts_list_with_subdomain_when_include_subdomains_is_true_is_is_host_secure() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), - vec![HstsEntry::new("mozilla.org".to_owned(), IncludeSubdomains::Included, None).unwrap()], + "example.com".to_owned(), + vec![HstsEntry::new("example.com".to_owned(), IncludeSubdomains::Included, None).unwrap()], ); let hsts_list = HstsList { entries_map: entries_map, }; - assert!(hsts_list.is_host_secure("servo.mozilla.org")); + assert!(hsts_list.is_host_secure("servo.example.com")); } #[test] fn test_hsts_list_with_subdomain_when_include_subdomains_is_false_is_not_is_host_secure() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), + "example.com".to_owned(), vec![ HstsEntry::new( - "mozilla.org".to_owned(), + "example.com".to_owned(), IncludeSubdomains::NotIncluded, None, ) @@ -384,44 +371,44 @@ fn test_hsts_list_with_subdomain_when_include_subdomains_is_false_is_not_is_host entries_map: entries_map, }; - assert!(!hsts_list.is_host_secure("servo.mozilla.org")); + assert!(!hsts_list.is_host_secure("servo.example.com")); } #[test] fn test_hsts_list_with_subdomain_when_host_is_not_a_subdomain_is_not_is_host_secure() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), - vec![HstsEntry::new("mozilla.org".to_owned(), IncludeSubdomains::Included, None).unwrap()], + "example.com".to_owned(), + vec![HstsEntry::new("example.com".to_owned(), IncludeSubdomains::Included, None).unwrap()], ); let hsts_list = HstsList { entries_map: entries_map, }; - assert!(!hsts_list.is_host_secure("servo-mozilla.org")); + assert!(!hsts_list.is_host_secure("servo-example.com")); } #[test] fn test_hsts_list_with_subdomain_when_host_is_exact_match_is_is_host_secure() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), - vec![HstsEntry::new("mozilla.org".to_owned(), IncludeSubdomains::Included, None).unwrap()], + "example.com".to_owned(), + vec![HstsEntry::new("example.com".to_owned(), IncludeSubdomains::Included, None).unwrap()], ); let hsts_list = HstsList { entries_map: entries_map, }; - assert!(hsts_list.is_host_secure("mozilla.org")); + assert!(hsts_list.is_host_secure("example.com")); } #[test] fn test_hsts_list_with_expired_entry_is_not_is_host_secure() { let mut entries_map = HashMap::new(); entries_map.insert( - "mozilla.org".to_owned(), + "example.com".to_owned(), vec![HstsEntry { - host: "mozilla.org".to_owned(), + host: "example.com".to_owned(), include_subdomains: false, expires_at: Some(NonZeroU64::new(1).unwrap()), }], @@ -430,11 +417,11 @@ fn test_hsts_list_with_expired_entry_is_not_is_host_secure() { entries_map: entries_map, }; - assert!(!hsts_list.is_host_secure("mozilla.org")); + assert!(!hsts_list.is_host_secure("example.com")); } #[test] fn test_preload_hsts_domains_well_formed() { let hsts_list = HstsPreloadList::from_servo_preload(); - assert!(!hsts_list.entries_map.is_empty()); + assert_ne!(hsts_list.0.len(), 0); } |