idna9.0.0.go 18 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681
  1. // Copyright 2016 The Go Authors. All rights reserved.
  2. // Use of this source code is governed by a BSD-style
  3. // license that can be found in the LICENSE file.
  4. // +build !go1.10
  5. //go:generate go run gen.go gen_trieval.go gen_common.go
  6. // Package idna implements IDNA2008 using the compatibility processing
  7. // defined by UTS (Unicode Technical Standard) #46, which defines a standard to
  8. // deal with the transition from IDNA2003.
  9. //
  10. // IDNA2008 (Internationalized Domain Names for Applications), is defined in RFC
  11. // 5890, RFC 5891, RFC 5892, RFC 5893 and RFC 5894.
  12. // UTS #46 is defined in https://www.unicode.org/reports/tr46.
  13. // See https://unicode.org/cldr/utility/idna.jsp for a visualization of the
  14. // differences between these two standards.
  15. package idna // import "golang.org/x/text/internal/export/idna"
  16. import (
  17. "fmt"
  18. "strings"
  19. "unicode/utf8"
  20. "golang.org/x/text/secure/bidirule"
  21. "golang.org/x/text/unicode/norm"
  22. )
  23. // NOTE: Unlike common practice in Go APIs, the functions will return a
  24. // sanitized domain name in case of errors. Browsers sometimes use a partially
  25. // evaluated string as lookup.
  26. // TODO: the current error handling is, in my opinion, the least opinionated.
  27. // Other strategies are also viable, though:
  28. // Option 1) Return an empty string in case of error, but allow the user to
  29. // specify explicitly which errors to ignore.
  30. // Option 2) Return the partially evaluated string if it is itself a valid
  31. // string, otherwise return the empty string in case of error.
  32. // Option 3) Option 1 and 2.
  33. // Option 4) Always return an empty string for now and implement Option 1 as
  34. // needed, and document that the return string may not be empty in case of
  35. // error in the future.
  36. // I think Option 1 is best, but it is quite opinionated.
  37. // ToASCII is a wrapper for Punycode.ToASCII.
  38. func ToASCII(s string) (string, error) {
  39. return Punycode.process(s, true)
  40. }
  41. // ToUnicode is a wrapper for Punycode.ToUnicode.
  42. func ToUnicode(s string) (string, error) {
  43. return Punycode.process(s, false)
  44. }
  45. // An Option configures a Profile at creation time.
  46. type Option func(*options)
  47. // Transitional sets a Profile to use the Transitional mapping as defined in UTS
  48. // #46. This will cause, for example, "ß" to be mapped to "ss". Using the
  49. // transitional mapping provides a compromise between IDNA2003 and IDNA2008
  50. // compatibility. It is used by most browsers when resolving domain names. This
  51. // option is only meaningful if combined with MapForLookup.
  52. func Transitional(transitional bool) Option {
  53. return func(o *options) { o.transitional = true }
  54. }
  55. // VerifyDNSLength sets whether a Profile should fail if any of the IDN parts
  56. // are longer than allowed by the RFC.
  57. func VerifyDNSLength(verify bool) Option {
  58. return func(o *options) { o.verifyDNSLength = verify }
  59. }
  60. // RemoveLeadingDots removes leading label separators. Leading runes that map to
  61. // dots, such as U+3002 IDEOGRAPHIC FULL STOP, are removed as well.
  62. //
  63. // This is the behavior suggested by the UTS #46 and is adopted by some
  64. // browsers.
  65. func RemoveLeadingDots(remove bool) Option {
  66. return func(o *options) { o.removeLeadingDots = remove }
  67. }
  68. // ValidateLabels sets whether to check the mandatory label validation criteria
  69. // as defined in Section 5.4 of RFC 5891. This includes testing for correct use
  70. // of hyphens ('-'), normalization, validity of runes, and the context rules.
  71. func ValidateLabels(enable bool) Option {
  72. return func(o *options) {
  73. // Don't override existing mappings, but set one that at least checks
  74. // normalization if it is not set.
  75. if o.mapping == nil && enable {
  76. o.mapping = normalize
  77. }
  78. o.trie = trie
  79. o.validateLabels = enable
  80. o.fromPuny = validateFromPunycode
  81. }
  82. }
  83. // StrictDomainName limits the set of permissable ASCII characters to those
  84. // allowed in domain names as defined in RFC 1034 (A-Z, a-z, 0-9 and the
  85. // hyphen). This is set by default for MapForLookup and ValidateForRegistration.
  86. //
  87. // This option is useful, for instance, for browsers that allow characters
  88. // outside this range, for example a '_' (U+005F LOW LINE). See
  89. // http://www.rfc-editor.org/std/std3.txt for more details This option
  90. // corresponds to the UseSTD3ASCIIRules option in UTS #46.
  91. func StrictDomainName(use bool) Option {
  92. return func(o *options) {
  93. o.trie = trie
  94. o.useSTD3Rules = use
  95. o.fromPuny = validateFromPunycode
  96. }
  97. }
  98. // NOTE: the following options pull in tables. The tables should not be linked
  99. // in as long as the options are not used.
  100. // BidiRule enables the Bidi rule as defined in RFC 5893. Any application
  101. // that relies on proper validation of labels should include this rule.
  102. func BidiRule() Option {
  103. return func(o *options) { o.bidirule = bidirule.ValidString }
  104. }
  105. // ValidateForRegistration sets validation options to verify that a given IDN is
  106. // properly formatted for registration as defined by Section 4 of RFC 5891.
  107. func ValidateForRegistration() Option {
  108. return func(o *options) {
  109. o.mapping = validateRegistration
  110. StrictDomainName(true)(o)
  111. ValidateLabels(true)(o)
  112. VerifyDNSLength(true)(o)
  113. BidiRule()(o)
  114. }
  115. }
  116. // MapForLookup sets validation and mapping options such that a given IDN is
  117. // transformed for domain name lookup according to the requirements set out in
  118. // Section 5 of RFC 5891. The mappings follow the recommendations of RFC 5894,
  119. // RFC 5895 and UTS 46. It does not add the Bidi Rule. Use the BidiRule option
  120. // to add this check.
  121. //
  122. // The mappings include normalization and mapping case, width and other
  123. // compatibility mappings.
  124. func MapForLookup() Option {
  125. return func(o *options) {
  126. o.mapping = validateAndMap
  127. StrictDomainName(true)(o)
  128. ValidateLabels(true)(o)
  129. RemoveLeadingDots(true)(o)
  130. }
  131. }
  132. type options struct {
  133. transitional bool
  134. useSTD3Rules bool
  135. validateLabels bool
  136. verifyDNSLength bool
  137. removeLeadingDots bool
  138. trie *idnaTrie
  139. // fromPuny calls validation rules when converting A-labels to U-labels.
  140. fromPuny func(p *Profile, s string) error
  141. // mapping implements a validation and mapping step as defined in RFC 5895
  142. // or UTS 46, tailored to, for example, domain registration or lookup.
  143. mapping func(p *Profile, s string) (string, error)
  144. // bidirule, if specified, checks whether s conforms to the Bidi Rule
  145. // defined in RFC 5893.
  146. bidirule func(s string) bool
  147. }
  148. // A Profile defines the configuration of a IDNA mapper.
  149. type Profile struct {
  150. options
  151. }
  152. func apply(o *options, opts []Option) {
  153. for _, f := range opts {
  154. f(o)
  155. }
  156. }
  157. // New creates a new Profile.
  158. //
  159. // With no options, the returned Profile is the most permissive and equals the
  160. // Punycode Profile. Options can be passed to further restrict the Profile. The
  161. // MapForLookup and ValidateForRegistration options set a collection of options,
  162. // for lookup and registration purposes respectively, which can be tailored by
  163. // adding more fine-grained options, where later options override earlier
  164. // options.
  165. func New(o ...Option) *Profile {
  166. p := &Profile{}
  167. apply(&p.options, o)
  168. return p
  169. }
  170. // ToASCII converts a domain or domain label to its ASCII form. For example,
  171. // ToASCII("bücher.example.com") is "xn--bcher-kva.example.com", and
  172. // ToASCII("golang") is "golang". If an error is encountered it will return
  173. // an error and a (partially) processed result.
  174. func (p *Profile) ToASCII(s string) (string, error) {
  175. return p.process(s, true)
  176. }
  177. // ToUnicode converts a domain or domain label to its Unicode form. For example,
  178. // ToUnicode("xn--bcher-kva.example.com") is "bücher.example.com", and
  179. // ToUnicode("golang") is "golang". If an error is encountered it will return
  180. // an error and a (partially) processed result.
  181. func (p *Profile) ToUnicode(s string) (string, error) {
  182. pp := *p
  183. pp.transitional = false
  184. return pp.process(s, false)
  185. }
  186. // String reports a string with a description of the profile for debugging
  187. // purposes. The string format may change with different versions.
  188. func (p *Profile) String() string {
  189. s := ""
  190. if p.transitional {
  191. s = "Transitional"
  192. } else {
  193. s = "NonTransitional"
  194. }
  195. if p.useSTD3Rules {
  196. s += ":UseSTD3Rules"
  197. }
  198. if p.validateLabels {
  199. s += ":ValidateLabels"
  200. }
  201. if p.verifyDNSLength {
  202. s += ":VerifyDNSLength"
  203. }
  204. return s
  205. }
  206. var (
  207. // Punycode is a Profile that does raw punycode processing with a minimum
  208. // of validation.
  209. Punycode *Profile = punycode
  210. // Lookup is the recommended profile for looking up domain names, according
  211. // to Section 5 of RFC 5891. The exact configuration of this profile may
  212. // change over time.
  213. Lookup *Profile = lookup
  214. // Display is the recommended profile for displaying domain names.
  215. // The configuration of this profile may change over time.
  216. Display *Profile = display
  217. // Registration is the recommended profile for checking whether a given
  218. // IDN is valid for registration, according to Section 4 of RFC 5891.
  219. Registration *Profile = registration
  220. punycode = &Profile{}
  221. lookup = &Profile{options{
  222. transitional: true,
  223. useSTD3Rules: true,
  224. validateLabels: true,
  225. removeLeadingDots: true,
  226. trie: trie,
  227. fromPuny: validateFromPunycode,
  228. mapping: validateAndMap,
  229. bidirule: bidirule.ValidString,
  230. }}
  231. display = &Profile{options{
  232. useSTD3Rules: true,
  233. validateLabels: true,
  234. removeLeadingDots: true,
  235. trie: trie,
  236. fromPuny: validateFromPunycode,
  237. mapping: validateAndMap,
  238. bidirule: bidirule.ValidString,
  239. }}
  240. registration = &Profile{options{
  241. useSTD3Rules: true,
  242. validateLabels: true,
  243. verifyDNSLength: true,
  244. trie: trie,
  245. fromPuny: validateFromPunycode,
  246. mapping: validateRegistration,
  247. bidirule: bidirule.ValidString,
  248. }}
  249. // TODO: profiles
  250. // Register: recommended for approving domain names: don't do any mappings
  251. // but rather reject on invalid input. Bundle or block deviation characters.
  252. )
  253. type labelError struct{ label, code_ string }
  254. func (e labelError) code() string { return e.code_ }
  255. func (e labelError) Error() string {
  256. return fmt.Sprintf("idna: invalid label %q", e.label)
  257. }
  258. type runeError rune
  259. func (e runeError) code() string { return "P1" }
  260. func (e runeError) Error() string {
  261. return fmt.Sprintf("idna: disallowed rune %U", e)
  262. }
  263. // process implements the algorithm described in section 4 of UTS #46,
  264. // see https://www.unicode.org/reports/tr46.
  265. func (p *Profile) process(s string, toASCII bool) (string, error) {
  266. var err error
  267. if p.mapping != nil {
  268. s, err = p.mapping(p, s)
  269. }
  270. // Remove leading empty labels.
  271. if p.removeLeadingDots {
  272. for ; len(s) > 0 && s[0] == '.'; s = s[1:] {
  273. }
  274. }
  275. // It seems like we should only create this error on ToASCII, but the
  276. // UTS 46 conformance tests suggests we should always check this.
  277. if err == nil && p.verifyDNSLength && s == "" {
  278. err = &labelError{s, "A4"}
  279. }
  280. labels := labelIter{orig: s}
  281. for ; !labels.done(); labels.next() {
  282. label := labels.label()
  283. if label == "" {
  284. // Empty labels are not okay. The label iterator skips the last
  285. // label if it is empty.
  286. if err == nil && p.verifyDNSLength {
  287. err = &labelError{s, "A4"}
  288. }
  289. continue
  290. }
  291. if strings.HasPrefix(label, acePrefix) {
  292. u, err2 := decode(label[len(acePrefix):])
  293. if err2 != nil {
  294. if err == nil {
  295. err = err2
  296. }
  297. // Spec says keep the old label.
  298. continue
  299. }
  300. labels.set(u)
  301. if err == nil && p.validateLabels {
  302. err = p.fromPuny(p, u)
  303. }
  304. if err == nil {
  305. // This should be called on NonTransitional, according to the
  306. // spec, but that currently does not have any effect. Use the
  307. // original profile to preserve options.
  308. err = p.validateLabel(u)
  309. }
  310. } else if err == nil {
  311. err = p.validateLabel(label)
  312. }
  313. }
  314. if toASCII {
  315. for labels.reset(); !labels.done(); labels.next() {
  316. label := labels.label()
  317. if !ascii(label) {
  318. a, err2 := encode(acePrefix, label)
  319. if err == nil {
  320. err = err2
  321. }
  322. label = a
  323. labels.set(a)
  324. }
  325. n := len(label)
  326. if p.verifyDNSLength && err == nil && (n == 0 || n > 63) {
  327. err = &labelError{label, "A4"}
  328. }
  329. }
  330. }
  331. s = labels.result()
  332. if toASCII && p.verifyDNSLength && err == nil {
  333. // Compute the length of the domain name minus the root label and its dot.
  334. n := len(s)
  335. if n > 0 && s[n-1] == '.' {
  336. n--
  337. }
  338. if len(s) < 1 || n > 253 {
  339. err = &labelError{s, "A4"}
  340. }
  341. }
  342. return s, err
  343. }
  344. func normalize(p *Profile, s string) (string, error) {
  345. return norm.NFC.String(s), nil
  346. }
  347. func validateRegistration(p *Profile, s string) (string, error) {
  348. if !norm.NFC.IsNormalString(s) {
  349. return s, &labelError{s, "V1"}
  350. }
  351. for i := 0; i < len(s); {
  352. v, sz := trie.lookupString(s[i:])
  353. // Copy bytes not copied so far.
  354. switch p.simplify(info(v).category()) {
  355. // TODO: handle the NV8 defined in the Unicode idna data set to allow
  356. // for strict conformance to IDNA2008.
  357. case valid, deviation:
  358. case disallowed, mapped, unknown, ignored:
  359. r, _ := utf8.DecodeRuneInString(s[i:])
  360. return s, runeError(r)
  361. }
  362. i += sz
  363. }
  364. return s, nil
  365. }
  366. func validateAndMap(p *Profile, s string) (string, error) {
  367. var (
  368. err error
  369. b []byte
  370. k int
  371. )
  372. for i := 0; i < len(s); {
  373. v, sz := trie.lookupString(s[i:])
  374. start := i
  375. i += sz
  376. // Copy bytes not copied so far.
  377. switch p.simplify(info(v).category()) {
  378. case valid:
  379. continue
  380. case disallowed:
  381. if err == nil {
  382. r, _ := utf8.DecodeRuneInString(s[start:])
  383. err = runeError(r)
  384. }
  385. continue
  386. case mapped, deviation:
  387. b = append(b, s[k:start]...)
  388. b = info(v).appendMapping(b, s[start:i])
  389. case ignored:
  390. b = append(b, s[k:start]...)
  391. // drop the rune
  392. case unknown:
  393. b = append(b, s[k:start]...)
  394. b = append(b, "\ufffd"...)
  395. }
  396. k = i
  397. }
  398. if k == 0 {
  399. // No changes so far.
  400. s = norm.NFC.String(s)
  401. } else {
  402. b = append(b, s[k:]...)
  403. if norm.NFC.QuickSpan(b) != len(b) {
  404. b = norm.NFC.Bytes(b)
  405. }
  406. // TODO: the punycode converters require strings as input.
  407. s = string(b)
  408. }
  409. return s, err
  410. }
  411. // A labelIter allows iterating over domain name labels.
  412. type labelIter struct {
  413. orig string
  414. slice []string
  415. curStart int
  416. curEnd int
  417. i int
  418. }
  419. func (l *labelIter) reset() {
  420. l.curStart = 0
  421. l.curEnd = 0
  422. l.i = 0
  423. }
  424. func (l *labelIter) done() bool {
  425. return l.curStart >= len(l.orig)
  426. }
  427. func (l *labelIter) result() string {
  428. if l.slice != nil {
  429. return strings.Join(l.slice, ".")
  430. }
  431. return l.orig
  432. }
  433. func (l *labelIter) label() string {
  434. if l.slice != nil {
  435. return l.slice[l.i]
  436. }
  437. p := strings.IndexByte(l.orig[l.curStart:], '.')
  438. l.curEnd = l.curStart + p
  439. if p == -1 {
  440. l.curEnd = len(l.orig)
  441. }
  442. return l.orig[l.curStart:l.curEnd]
  443. }
  444. // next sets the value to the next label. It skips the last label if it is empty.
  445. func (l *labelIter) next() {
  446. l.i++
  447. if l.slice != nil {
  448. if l.i >= len(l.slice) || l.i == len(l.slice)-1 && l.slice[l.i] == "" {
  449. l.curStart = len(l.orig)
  450. }
  451. } else {
  452. l.curStart = l.curEnd + 1
  453. if l.curStart == len(l.orig)-1 && l.orig[l.curStart] == '.' {
  454. l.curStart = len(l.orig)
  455. }
  456. }
  457. }
  458. func (l *labelIter) set(s string) {
  459. if l.slice == nil {
  460. l.slice = strings.Split(l.orig, ".")
  461. }
  462. l.slice[l.i] = s
  463. }
  464. // acePrefix is the ASCII Compatible Encoding prefix.
  465. const acePrefix = "xn--"
  466. func (p *Profile) simplify(cat category) category {
  467. switch cat {
  468. case disallowedSTD3Mapped:
  469. if p.useSTD3Rules {
  470. cat = disallowed
  471. } else {
  472. cat = mapped
  473. }
  474. case disallowedSTD3Valid:
  475. if p.useSTD3Rules {
  476. cat = disallowed
  477. } else {
  478. cat = valid
  479. }
  480. case deviation:
  481. if !p.transitional {
  482. cat = valid
  483. }
  484. case validNV8, validXV8:
  485. // TODO: handle V2008
  486. cat = valid
  487. }
  488. return cat
  489. }
  490. func validateFromPunycode(p *Profile, s string) error {
  491. if !norm.NFC.IsNormalString(s) {
  492. return &labelError{s, "V1"}
  493. }
  494. for i := 0; i < len(s); {
  495. v, sz := trie.lookupString(s[i:])
  496. if c := p.simplify(info(v).category()); c != valid && c != deviation {
  497. return &labelError{s, "V6"}
  498. }
  499. i += sz
  500. }
  501. return nil
  502. }
  503. const (
  504. zwnj = "\u200c"
  505. zwj = "\u200d"
  506. )
  507. type joinState int8
  508. const (
  509. stateStart joinState = iota
  510. stateVirama
  511. stateBefore
  512. stateBeforeVirama
  513. stateAfter
  514. stateFAIL
  515. )
  516. var joinStates = [][numJoinTypes]joinState{
  517. stateStart: {
  518. joiningL: stateBefore,
  519. joiningD: stateBefore,
  520. joinZWNJ: stateFAIL,
  521. joinZWJ: stateFAIL,
  522. joinVirama: stateVirama,
  523. },
  524. stateVirama: {
  525. joiningL: stateBefore,
  526. joiningD: stateBefore,
  527. },
  528. stateBefore: {
  529. joiningL: stateBefore,
  530. joiningD: stateBefore,
  531. joiningT: stateBefore,
  532. joinZWNJ: stateAfter,
  533. joinZWJ: stateFAIL,
  534. joinVirama: stateBeforeVirama,
  535. },
  536. stateBeforeVirama: {
  537. joiningL: stateBefore,
  538. joiningD: stateBefore,
  539. joiningT: stateBefore,
  540. },
  541. stateAfter: {
  542. joiningL: stateFAIL,
  543. joiningD: stateBefore,
  544. joiningT: stateAfter,
  545. joiningR: stateStart,
  546. joinZWNJ: stateFAIL,
  547. joinZWJ: stateFAIL,
  548. joinVirama: stateAfter, // no-op as we can't accept joiners here
  549. },
  550. stateFAIL: {
  551. 0: stateFAIL,
  552. joiningL: stateFAIL,
  553. joiningD: stateFAIL,
  554. joiningT: stateFAIL,
  555. joiningR: stateFAIL,
  556. joinZWNJ: stateFAIL,
  557. joinZWJ: stateFAIL,
  558. joinVirama: stateFAIL,
  559. },
  560. }
  561. // validateLabel validates the criteria from Section 4.1. Item 1, 4, and 6 are
  562. // already implicitly satisfied by the overall implementation.
  563. func (p *Profile) validateLabel(s string) error {
  564. if s == "" {
  565. if p.verifyDNSLength {
  566. return &labelError{s, "A4"}
  567. }
  568. return nil
  569. }
  570. if p.bidirule != nil && !p.bidirule(s) {
  571. return &labelError{s, "B"}
  572. }
  573. if !p.validateLabels {
  574. return nil
  575. }
  576. trie := p.trie // p.validateLabels is only set if trie is set.
  577. if len(s) > 4 && s[2] == '-' && s[3] == '-' {
  578. return &labelError{s, "V2"}
  579. }
  580. if s[0] == '-' || s[len(s)-1] == '-' {
  581. return &labelError{s, "V3"}
  582. }
  583. // TODO: merge the use of this in the trie.
  584. v, sz := trie.lookupString(s)
  585. x := info(v)
  586. if x.isModifier() {
  587. return &labelError{s, "V5"}
  588. }
  589. // Quickly return in the absence of zero-width (non) joiners.
  590. if strings.Index(s, zwj) == -1 && strings.Index(s, zwnj) == -1 {
  591. return nil
  592. }
  593. st := stateStart
  594. for i := 0; ; {
  595. jt := x.joinType()
  596. if s[i:i+sz] == zwj {
  597. jt = joinZWJ
  598. } else if s[i:i+sz] == zwnj {
  599. jt = joinZWNJ
  600. }
  601. st = joinStates[st][jt]
  602. if x.isViramaModifier() {
  603. st = joinStates[st][joinVirama]
  604. }
  605. if i += sz; i == len(s) {
  606. break
  607. }
  608. v, sz = trie.lookupString(s[i:])
  609. x = info(v)
  610. }
  611. if st == stateFAIL || st == stateAfter {
  612. return &labelError{s, "C"}
  613. }
  614. return nil
  615. }
  616. func ascii(s string) bool {
  617. for i := 0; i < len(s); i++ {
  618. if s[i] >= utf8.RuneSelf {
  619. return false
  620. }
  621. }
  622. return true
  623. }