task.c

一个很有名的浏览器

/* Sessions task management */
/* $Id: task.c,v 1.146.2.7 2005/05/01 21:32:11 jonas Exp $ */

#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include "elinks.h"

#include "bfu/menu.h"
#include "bfu/dialog.h"
#include "cache/cache.h"
#include "dialogs/status.h"
#include "document/document.h"
#include "document/html/parser.h"
#include "document/refresh.h"
#include "document/view.h"
#include "intl/gettext/libintl.h"
#include "lowlevel/select.h"
#include "protocol/protocol.h"
#include "protocol/uri.h"
#include "terminal/terminal.h"
#include "terminal/window.h"
#include "sched/download.h"
#include "sched/event.h"
#include "sched/session.h"
#include "sched/task.h"
#include "viewer/text/view.h"


static void
free_task(struct session *ses)
{
	assertm(ses->task.type, "Session has no task");
	if_assert_failed return;

	if (ses->loading_uri) {
		done_uri(ses->loading_uri);
		ses->loading_uri = NULL;
	}
	ses->task.type = TASK_NONE;
}

void
abort_preloading(struct session *ses, int interrupt)
{
	if (!ses->task.type) return;

	change_connection(&ses->loading, NULL, PRI_CANCEL, interrupt);
	free_task(ses);
}


struct task {
	struct session *ses;
	struct uri *uri;
	enum cache_mode cache_mode;
	enum task_type type;
	unsigned char *target_frame;
	struct location *target_location;
};

static void
post_yes(struct task *task)
{
	struct session *ses = task->ses;

	abort_preloading(task->ses, 0);

	ses->loading.callback = (void (*)(struct download *, void *)) loading_callback;
	ses->loading.data = task->ses;
	ses->loading_uri = task->uri; /* XXX: Make the session inherit the URI. */

	ses->task.type = task->type;
	ses->task.target_frame = task->target_frame;
	ses->task.target_location = task->target_location;

	load_uri(ses->loading_uri, ses->referrer, &ses->loading,
		 PRI_MAIN, task->cache_mode, -1);
}

static void
post_no(struct task *task)
{
	reload(task->ses, CACHE_MODE_NORMAL);
	done_uri(task->uri);
}

/* Check if the URI is obfuscated (bug 382). The problem is said to occur when
 * a URI designed to pass access a specific location with a supplied username,
 * contains misleading chars prior to the @ symbol.
 *
 * An attacker can exploit this issue by supplying a malicious URI pointing to
 * a page designed to mimic that of a trusted site, and tricking a victim who
 * follows a link into believing they are actually at the trusted location.
 *
 * Only the user ID (and not also the password) is checked because only the
 * user ID is displayed in the status bar. */
static int
check_malicious_uri(struct uri *uri)
{
	unsigned char *user, *pos;
	int warn = 0;

	assert(uri->user && uri->userlen);

	user = pos = memacpy(uri->user, uri->userlen);
	if (!user) return 0;

	decode_uri_for_display(user);

	while (*pos) {
		int length, trailing_dots;

		for (length = 0; pos[length] != '\0'; length++)
			if (!(isalnum(pos[length]) || pos[length] == '.'))
				break;

		/* Wind back so that the TLD part is checked correctly. */
		for (trailing_dots = 0; trailing_dots < length; trailing_dots++)
			if (!length || pos[length - trailing_dots - 1] != '.')
				break;

		/* Not perfect, but I am clueless as how to do better. Besides
		 * I don't really think it is an issue for ELinks. --jonas */
		if (end_with_known_tld(pos, length - trailing_dots) != -1) {
			warn = 1;
			break;
		}

		pos += length;

		while (*pos && (!isalnum(*pos) || *pos == '.'))
			pos++;
	}

	mem_free(user);

	return warn;
}

void
ses_goto(struct session *ses, struct uri *uri, unsigned char *target_frame,
	 struct location *target_location, enum cache_mode cache_mode,
	 enum task_type task_type, int redir)
{
	struct task *task = NULL;
	int referrer_incomplete = 0;
	int malicious_uri = 0;
	int confirm_submit = uri->form;
	unsigned char *m1 = NULL, *message = NULL;

	if (ses->doc_view
	    && ses->doc_view->document
	    && ses->doc_view->document->refresh) {
		kill_document_refresh(ses->doc_view->document->refresh);
	}

	assertm(!ses->loading_uri, "Buggy URI reference counting");

	/* Reset the redirect counter if this is not a redirect. */
	if (!redir) {
		ses->redirect_cnt = 0;
	}

	/* Figure out whether to confirm submit or not */

	/* Only confirm submit if we are posting form data or a misleading URI
	 * was detected. */
	/* Note uri->post might be empty here but we are still supposely
	 * posting form data so this should be more correct. */

	if (uri->user && uri->userlen
	    && get_opt_bool("document.browse.links.warn_malicious")
	    && check_malicious_uri(uri)) {
		malicious_uri = 1;
		confirm_submit = 1;

	} else if (!uri->form) {
		confirm_submit = 0;

	} else {
		struct cache_entry *cached;

		/* First check if the referring URI was incomplete. It
		 * indicates that the posted form data might be incomplete too.
		 * See bug 460. */
		if (ses->referrer) {
			cached = find_in_cache(ses->referrer);
			referrer_incomplete = (cached && cached->incomplete);
		}

		if (!get_opt_bool("document.browse.forms.confirm_submit")
		    && !referrer_incomplete) {
			confirm_submit = 0;

		} else if (get_validated_cache_entry(uri, cache_mode)) {
			confirm_submit = 0;
		}
	}

	if (!confirm_submit) {
		ses->loading.callback = (void (*)(struct download *, void *)) loading_callback;
		ses->loading.data = ses;
		ses->loading_uri = get_uri_reference(uri);

		ses->task.type = task_type;
		ses->task.target_frame = target_frame;
		ses->task.target_location = target_location;

		load_uri(ses->loading_uri, ses->referrer, &ses->loading,
			 PRI_MAIN, cache_mode, -1);

		return;
	}

	task = mem_alloc(sizeof(*task));
	if (!task) return;

	task->ses = ses;
	task->uri = get_uri_reference(uri);
	task->cache_mode = cache_mode;
	task->type = task_type;
	task->target_frame = target_frame;
	task->target_location = target_location;

	if (malicious_uri) {
		unsigned char *host = memacpy(uri->host, uri->hostlen);
		unsigned char *user = memacpy(uri->user, uri->userlen);
		unsigned char *uristring = get_uri_string(uri, URI_PUBLIC);

		message = msg_text(ses->tab->term,
			N_("The URL you are about to follow might be maliciously "
			"crafted in order to confuse you. By following the URL "
			"you will be connecting to host \"%s\" as user \"%s\".\n\n"
			"Do you want to go to URL %s?"), host, user, uristring);

		mem_free_if(host);
		mem_free_if(user);
		mem_free_if(uristring);

	} else if (redir) {
		m1 = N_("Do you want to follow the redirect and post form data "
			"to URL %s?");

	} else if (referrer_incomplete) {
		m1 = N_("The form data you are about to post might be incomplete.\n"
			"Do you want to post to URL %s?");

	} else if (task_type == TASK_FORWARD) {
		m1 = N_("Do you want to post form data to URL %s?");

	} else {
		m1 = N_("Do you want to repost form data to URL %s?");
	}

	if (!message && m1) {
		unsigned char *uristring = get_uri_string(uri, URI_PUBLIC);

		message = msg_text(ses->tab->term, m1, uristring);
		mem_free_if(uristring);
	}

	msg_box(ses->tab->term, getml(task, NULL), MSGBOX_FREE_TEXT,
		N_("Warning"), ALIGN_CENTER,
		message,
		task, 2,
		N_("~Yes"), post_yes, B_ENTER,
		N_("~No"), post_no, B_ESC);
}


/* If @loaded_in_frame is set, this was called just to indicate a move inside a
 * frameset, and we basically just reset the appropriate frame's view_state in
 * that case. When clicking on a link inside a frame, the frame URI is somehow
 * updated and added to the files-to-load queue, then ses_forward() is called
 * with @loaded_in_frame unset, duplicating the whole frameset's location, then
 * later the file-to-load callback calls it for the particular frame with
 * @loaded_in_frame set. */
struct view_state *
ses_forward(struct session *ses, int loaded_in_frame)
{
	struct location *loc = NULL;
	struct view_state *vs;

	if (!loaded_in_frame) {
		free_files(ses);
		mem_free_set(&ses->search_word, NULL);
	}

x:
	if (!loaded_in_frame) {
		loc = mem_calloc(1, sizeof(*loc));
		if (!loc) return NULL;
		copy_struct(&loc->download, &ses->loading);
	}

	if (ses->task.target_frame && *ses->task.target_frame) {
		struct frame *frame;

		assertm(have_location(ses), "no location yet");
		if_assert_failed return NULL;

		if (!loaded_in_frame) {
			copy_location(loc, cur_loc(ses));
			add_to_history(&ses->history, loc);
		}

		frame = ses_find_frame(ses, ses->task.target_frame);
		if (!frame) {
			if (!loaded_in_frame) {
				del_from_history(&ses->history, loc);
				destroy_location(loc);
			}
			ses->task.target_frame = NULL;
			goto x;
		}

		vs = &frame->vs;
		if (!loaded_in_frame) {
			destroy_vs(vs, 1);
			init_vs(vs, ses->loading_uri, vs->plain);
		} else {
			done_uri(vs->uri);
			vs->uri = get_uri_reference(ses->loading_uri);
			if (vs->doc_view) {
				/* vs->doc_view itself will get detached in
				 * render_document_frames(), but that's too
				 * late for us. */
				vs->doc_view->vs = NULL;
				vs->doc_view = NULL;
			}
#ifdef CONFIG_ECMASCRIPT
			vs->ecmascript_fragile = 1;
#endif
		}

	} else {
		assert(loc);
		if_assert_failed return NULL;

		init_list(loc->frames);
		vs = &loc->vs;
		init_vs(vs, ses->loading_uri, vs->plain);
		add_to_history(&ses->history, loc);
	}

	ses->status.visited = 0;

	/* This is another "branch" in the browsing, so throw away the current
	 * unhistory, we are venturing in another direction! */
	if (ses->task.type == TASK_FORWARD)
		clean_unhistory(&ses->history);
	return vs;
}