[HTTPS-E Rulesets] please give pointers on: "uri.host is explosive!"
Drake, Brian
brian at drakefamily.tk
Sun Jan 26 23:33:50 PST 2014
I had my own quick look at it. Firstly, I’m not sure where you pulled
that code from (the line numbers are two off for the latest stable
version and way off for the latest development version [1], which is
quoted below).
This is my first time doing this – hopefully it will preserve the
indentation, which is required for readability (for me, anyway).
// example.com. is equivalent to example.com
// example.com.. is invalid, but firefox would load it anyway
try {
if (uri.host)
try {
var h = uri.host;
if (h.charAt(h.length - 1) == ".") {
while (h.charAt(h.length - 1) == ".")
h = h.slice(0,-1);
uri = uri.clone();
uri.host = h;
}
} catch(e) {
this.log(WARN, "Failed to normalise domain: ");
try {this.log(WARN, input_uri.host);}
catch(e2) {this.log(WARN, "bang" + e + " & " + e2 + " & "+
input_uri);}
}
} catch(e3) {
this.log(INFO, "uri.host is explosive!");
try { this.log(INFO, "(" + uri.spec + ")"); } // happens
for about: uris and soforth
catch(e4) { this.log(WARN, "(and unprintable!!!!!!)"); }
}
return uri;
},
Here’s what it looks like to me:
1. This section of code is just stripping dots off the end of the host
(by the way, has anyone considered something like replacing /\.*$/
with "", then testing if the string changed?).
2. “e3” does mean “3rd error”.
3. “uri.host is explosive!” is the HTTPS Everywhere expression for
“Just trying to access uri.host gives an error (forget about trying to
process it)!”
While we’re looking at this section of code, I happened to notice the
lack of curly braces in the if statement, amongst many other style
issues. Ugh. Someone’s already made another thread for that [2], but I
don’t know if anything’s being done about it.
[1] https://gitweb.torproject.org/https-everywhere.git/blob/d9483734eb7cf9ce7db79f778664e7e2166b46ac:/src/chrome/content/code/HTTPSRules.js#l578
[2] https://lists.eff.org/pipermail/https-everywhere/2013-August/001787.html
--
Brian Drake
All content created by me: Copyright © 2014 Brian Drake. All rights reserved.
On Mon, Dec 30, 2013 at 1311 (UTC), Manne Laukkanen
<manne.laukkanen at sci.fi> wrote:
>
> Hi!
> With quick Googling did not find a full explanation on:
> "uri.host is explosive!"
>
> Skimming through code (not being familiar with slice function nor having time now to study it) , it seems to have something to do with encountering .something uri suffixes when resolving host...and if so..what? And it is in the case of catching... "e3"? Does this stand for "3rd error?" err...what?
>
> If you give me an explanation I am happy to pull the code, add the comments to the portion in the code and push just to help other people being equally confounded by this message. There are others. (e.g. https://groups.google.com/forum/#!msg/mozilla.support.firefox/f3T_Fyt13ZU/Gfn2l7vGI0UJ)
>
> Thank you and sorry to bug you and tell me what to do to open this bit of functioning of your good tool.
>
> SOURCE (most recent version?):
> // example.com. is equivalent to example.com
> 523 // example.com.. is invalid, but firefox would load it anyway
> 524 try {
> 525 if (uri.host)
> 526 try {
> 527 var h = uri.host;
> 528 if (h.charAt(h.length - 1) == ".") {
> 529 while (h.charAt(h.length - 1) == ".")
> 530 h = h.slice(0,-1);
> 531 uri = uri.clone();
> 532 uri.host = h;
> 533 }
> 534 } catch(e) {
> 535 this.log(WARN, "Failed to normalise domain: ");
> 536 try {this.log(WARN, input_uri.host);}
> 537 catch(e2) {this.log(WARN, "bang" + e + " & " + e2 + " & "+ input_uri);}
> 538 }
> 539 } catch(e3) {
> 540 this.log(WARN, "uri.host is explosive!");
> 541 try { this.log(WARN, "(" + uri.spec + ")"); }
> 542 catch(e4) { this.log(WARN, "(and unprintable)"); }
> 543 }
> 544 return uri;
> 545 },
More information about the HTTPS-Everywhere-Rules
mailing list