diff options
| author | eroman@chromium.org <eroman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-06-08 23:25:04 +0000 |
|---|---|---|
| committer | eroman@chromium.org <eroman@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-06-08 23:25:04 +0000 |
| commit | 5439283ff95a6f7d8b9e6d86c0fd178b0238acaa (patch) | |
| tree | 6b067f14016e3c39adf8eb654ff18fc2ff1886de /net/proxy/proxy_bypass_rules.cc | |
| parent | ec561333496a9b4f7f29718aef43094596f2d489 (diff) | |
| download | chromium_src-5439283ff95a6f7d8b9e6d86c0fd178b0238acaa.zip chromium_src-5439283ff95a6f7d8b9e6d86c0fd178b0238acaa.tar.gz chromium_src-5439283ff95a6f7d8b9e6d86c0fd178b0238acaa.tar.bz2 | |
Allow bypassing a block of IP addresses using CIDR notation in the proxy bypass list.
For example:
10.3.1.3/16
2020:ffff::/96
Note that similar to firefox, this is only applied to IP literals in URLs, and NOT to the resolved addresses of URLs.
BUG=9835
Review URL: http://codereview.chromium.org/2663001
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@49211 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/proxy/proxy_bypass_rules.cc')
| -rw-r--r-- | net/proxy/proxy_bypass_rules.cc | 57 |
1 files changed, 54 insertions, 3 deletions
diff --git a/net/proxy/proxy_bypass_rules.cc b/net/proxy/proxy_bypass_rules.cc index 0fb14a7..50481c4 100644 --- a/net/proxy/proxy_bypass_rules.cc +++ b/net/proxy/proxy_bypass_rules.cc @@ -66,6 +66,50 @@ class BypassLocalRule : public ProxyBypassRules::Rule { } }; +// Rule for matching a URL that is an IP address, if that IP address falls +// within a certain numeric range. For example, you could use this rule to +// match all the IPs in the CIDR block 10.10.3.4/24. +class BypassIPBlockRule : public ProxyBypassRules::Rule { + public: + // |ip_prefix| + |prefix_length| define the IP block to match. + BypassIPBlockRule(const std::string& description, + const std::string& optional_scheme, + const IPAddressNumber& ip_prefix, + size_t prefix_length_in_bits) + : description_(description), + optional_scheme_(optional_scheme), + ip_prefix_(ip_prefix), + prefix_length_in_bits_(prefix_length_in_bits) { + } + + virtual bool Matches(const GURL& url) const { + if (!url.HostIsIPAddress()) + return false; + + if (!optional_scheme_.empty() && url.scheme() != optional_scheme_) + return false; // Didn't match scheme expectation. + + // Parse the input IP literal to a number. + IPAddressNumber ip_number; + if (!ParseIPLiteralToNumber(url.HostNoBrackets(), &ip_number)) + return false; + + // Test if it has the expected prefix. + return IPNumberMatchesPrefix(ip_number, ip_prefix_, + prefix_length_in_bits_); + } + + virtual std::string ToString() const { + return description_; + } + + private: + const std::string description_; + const std::string optional_scheme_; + const IPAddressNumber ip_prefix_; + const size_t prefix_length_in_bits_; +}; + // Returns true if the given string represents an IP address. bool IsIPAddress(const std::string& domain) { // From GURL::HostIsIPAddress() @@ -175,9 +219,16 @@ bool ProxyBypassRules::AddRuleFromStringInternal( // If there is a forward slash in the input, it is probably a CIDR style // mask. if (raw.find('/') != std::string::npos) { - // TODO(eroman): support CIDR-style proxy bypass entries - // (http://crbug.com/9835) - return false; + IPAddressNumber ip_prefix; + size_t prefix_length_in_bits; + + if (!ParseCIDRBlock(raw, &ip_prefix, &prefix_length_in_bits)) + return false; + + rules_.push_back( + new BypassIPBlockRule(raw, scheme, ip_prefix, prefix_length_in_bits)); + + return true; } // Check if we have an <ip-address>[:port] input. We need to treat this |