9ff56c9570
From-SVN: r173931
596 lines
16 KiB
Go
596 lines
16 KiB
Go
// Copyright 2009 The Go Authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
// Parse URLs (actually URIs, but that seems overly pedantic).
|
|
// RFC 3986
|
|
|
|
package http
|
|
|
|
import (
|
|
"os"
|
|
"strconv"
|
|
"strings"
|
|
)
|
|
|
|
// URLError reports an error and the operation and URL that caused it.
|
|
type URLError struct {
|
|
Op string
|
|
URL string
|
|
Error os.Error
|
|
}
|
|
|
|
func (e *URLError) String() string { return e.Op + " " + e.URL + ": " + e.Error.String() }
|
|
|
|
func ishex(c byte) bool {
|
|
switch {
|
|
case '0' <= c && c <= '9':
|
|
return true
|
|
case 'a' <= c && c <= 'f':
|
|
return true
|
|
case 'A' <= c && c <= 'F':
|
|
return true
|
|
}
|
|
return false
|
|
}
|
|
|
|
func unhex(c byte) byte {
|
|
switch {
|
|
case '0' <= c && c <= '9':
|
|
return c - '0'
|
|
case 'a' <= c && c <= 'f':
|
|
return c - 'a' + 10
|
|
case 'A' <= c && c <= 'F':
|
|
return c - 'A' + 10
|
|
}
|
|
return 0
|
|
}
|
|
|
|
type encoding int
|
|
|
|
const (
|
|
encodePath encoding = 1 + iota
|
|
encodeUserPassword
|
|
encodeQueryComponent
|
|
encodeFragment
|
|
encodeOpaque
|
|
)
|
|
|
|
|
|
type URLEscapeError string
|
|
|
|
func (e URLEscapeError) String() string {
|
|
return "invalid URL escape " + strconv.Quote(string(e))
|
|
}
|
|
|
|
// Return true if the specified character should be escaped when
|
|
// appearing in a URL string, according to RFC 2396.
|
|
// When 'all' is true the full range of reserved characters are matched.
|
|
func shouldEscape(c byte, mode encoding) bool {
|
|
// RFC 2396 §2.3 Unreserved characters (alphanum)
|
|
if 'A' <= c && c <= 'Z' || 'a' <= c && c <= 'z' || '0' <= c && c <= '9' {
|
|
return false
|
|
}
|
|
switch c {
|
|
case '-', '_', '.', '!', '~', '*', '\'', '(', ')': // §2.3 Unreserved characters (mark)
|
|
return false
|
|
|
|
case '$', '&', '+', ',', '/', ':', ';', '=', '?', '@': // §2.2 Reserved characters (reserved)
|
|
// Different sections of the URL allow a few of
|
|
// the reserved characters to appear unescaped.
|
|
switch mode {
|
|
case encodePath: // §3.3
|
|
// The RFC allows : @ & = + $ , but saves / ; for assigning
|
|
// meaning to individual path segments. This package
|
|
// only manipulates the path as a whole, so we allow those
|
|
// last two as well. Clients that need to distinguish between
|
|
// `/foo;y=z/bar` and `/foo%3by=z/bar` will have to re-decode RawPath.
|
|
// That leaves only ? to escape.
|
|
return c == '?'
|
|
|
|
case encodeUserPassword: // §3.2.2
|
|
// The RFC allows ; : & = + $ , in userinfo, so we must escape only @ and /.
|
|
// The parsing of userinfo treats : as special so we must escape that too.
|
|
return c == '@' || c == '/' || c == ':'
|
|
|
|
case encodeQueryComponent: // §3.4
|
|
// The RFC reserves (so we must escape) everything.
|
|
return true
|
|
|
|
case encodeFragment: // §4.1
|
|
// The RFC text is silent but the grammar allows
|
|
// everything, so escape nothing.
|
|
return false
|
|
|
|
case encodeOpaque: // §3 opaque_part
|
|
// The RFC allows opaque_part to use all characters
|
|
// except that the leading / must be escaped.
|
|
// (We implement that case in String.)
|
|
return false
|
|
}
|
|
}
|
|
|
|
// Everything else must be escaped.
|
|
return true
|
|
}
|
|
|
|
|
|
// URLUnescape unescapes a string in ``URL encoded'' form,
|
|
// converting %AB into the byte 0xAB and '+' into ' ' (space).
|
|
// It returns an error if any % is not followed
|
|
// by two hexadecimal digits.
|
|
// Despite the name, this encoding applies only to individual
|
|
// components of the query portion of the URL.
|
|
func URLUnescape(s string) (string, os.Error) {
|
|
return urlUnescape(s, encodeQueryComponent)
|
|
}
|
|
|
|
// urlUnescape is like URLUnescape but mode specifies
|
|
// which section of the URL is being unescaped.
|
|
func urlUnescape(s string, mode encoding) (string, os.Error) {
|
|
// Count %, check that they're well-formed.
|
|
n := 0
|
|
hasPlus := false
|
|
for i := 0; i < len(s); {
|
|
switch s[i] {
|
|
case '%':
|
|
n++
|
|
if i+2 >= len(s) || !ishex(s[i+1]) || !ishex(s[i+2]) {
|
|
s = s[i:]
|
|
if len(s) > 3 {
|
|
s = s[0:3]
|
|
}
|
|
return "", URLEscapeError(s)
|
|
}
|
|
i += 3
|
|
case '+':
|
|
hasPlus = mode == encodeQueryComponent
|
|
i++
|
|
default:
|
|
i++
|
|
}
|
|
}
|
|
|
|
if n == 0 && !hasPlus {
|
|
return s, nil
|
|
}
|
|
|
|
t := make([]byte, len(s)-2*n)
|
|
j := 0
|
|
for i := 0; i < len(s); {
|
|
switch s[i] {
|
|
case '%':
|
|
t[j] = unhex(s[i+1])<<4 | unhex(s[i+2])
|
|
j++
|
|
i += 3
|
|
case '+':
|
|
if mode == encodeQueryComponent {
|
|
t[j] = ' '
|
|
} else {
|
|
t[j] = '+'
|
|
}
|
|
j++
|
|
i++
|
|
default:
|
|
t[j] = s[i]
|
|
j++
|
|
i++
|
|
}
|
|
}
|
|
return string(t), nil
|
|
}
|
|
|
|
// URLEscape converts a string into ``URL encoded'' form.
|
|
// Despite the name, this encoding applies only to individual
|
|
// components of the query portion of the URL.
|
|
func URLEscape(s string) string {
|
|
return urlEscape(s, encodeQueryComponent)
|
|
}
|
|
|
|
func urlEscape(s string, mode encoding) string {
|
|
spaceCount, hexCount := 0, 0
|
|
for i := 0; i < len(s); i++ {
|
|
c := s[i]
|
|
if shouldEscape(c, mode) {
|
|
if c == ' ' && mode == encodeQueryComponent {
|
|
spaceCount++
|
|
} else {
|
|
hexCount++
|
|
}
|
|
}
|
|
}
|
|
|
|
if spaceCount == 0 && hexCount == 0 {
|
|
return s
|
|
}
|
|
|
|
t := make([]byte, len(s)+2*hexCount)
|
|
j := 0
|
|
for i := 0; i < len(s); i++ {
|
|
switch c := s[i]; {
|
|
case c == ' ' && mode == encodeQueryComponent:
|
|
t[j] = '+'
|
|
j++
|
|
case shouldEscape(c, mode):
|
|
t[j] = '%'
|
|
t[j+1] = "0123456789ABCDEF"[c>>4]
|
|
t[j+2] = "0123456789ABCDEF"[c&15]
|
|
j += 3
|
|
default:
|
|
t[j] = s[i]
|
|
j++
|
|
}
|
|
}
|
|
return string(t)
|
|
}
|
|
|
|
// UnescapeUserinfo parses the RawUserinfo field of a URL
|
|
// as the form user or user:password and unescapes and returns
|
|
// the two halves.
|
|
//
|
|
// This functionality should only be used with legacy web sites.
|
|
// RFC 2396 warns that interpreting Userinfo this way
|
|
// ``is NOT RECOMMENDED, because the passing of authentication
|
|
// information in clear text (such as URI) has proven to be a
|
|
// security risk in almost every case where it has been used.''
|
|
func UnescapeUserinfo(rawUserinfo string) (user, password string, err os.Error) {
|
|
u, p := split(rawUserinfo, ':', true)
|
|
if user, err = urlUnescape(u, encodeUserPassword); err != nil {
|
|
return "", "", err
|
|
}
|
|
if password, err = urlUnescape(p, encodeUserPassword); err != nil {
|
|
return "", "", err
|
|
}
|
|
return
|
|
}
|
|
|
|
// EscapeUserinfo combines user and password in the form
|
|
// user:password (or just user if password is empty) and then
|
|
// escapes it for use as the URL.RawUserinfo field.
|
|
//
|
|
// This functionality should only be used with legacy web sites.
|
|
// RFC 2396 warns that interpreting Userinfo this way
|
|
// ``is NOT RECOMMENDED, because the passing of authentication
|
|
// information in clear text (such as URI) has proven to be a
|
|
// security risk in almost every case where it has been used.''
|
|
func EscapeUserinfo(user, password string) string {
|
|
raw := urlEscape(user, encodeUserPassword)
|
|
if password != "" {
|
|
raw += ":" + urlEscape(password, encodeUserPassword)
|
|
}
|
|
return raw
|
|
}
|
|
|
|
// A URL represents a parsed URL (technically, a URI reference).
|
|
// The general form represented is:
|
|
// scheme://[userinfo@]host/path[?query][#fragment]
|
|
// The Raw, RawAuthority, RawPath, and RawQuery fields are in "wire format"
|
|
// (special characters must be hex-escaped if not meant to have special meaning).
|
|
// All other fields are logical values; '+' or '%' represent themselves.
|
|
//
|
|
// The various Raw values are supplied in wire format because
|
|
// clients typically have to split them into pieces before further
|
|
// decoding.
|
|
type URL struct {
|
|
Raw string // the original string
|
|
Scheme string // scheme
|
|
RawAuthority string // [userinfo@]host
|
|
RawUserinfo string // userinfo
|
|
Host string // host
|
|
RawPath string // /path[?query][#fragment]
|
|
Path string // /path
|
|
OpaquePath bool // path is opaque (unrooted when scheme is present)
|
|
RawQuery string // query
|
|
Fragment string // fragment
|
|
}
|
|
|
|
// Maybe rawurl is of the form scheme:path.
|
|
// (Scheme must be [a-zA-Z][a-zA-Z0-9+-.]*)
|
|
// If so, return scheme, path; else return "", rawurl.
|
|
func getscheme(rawurl string) (scheme, path string, err os.Error) {
|
|
for i := 0; i < len(rawurl); i++ {
|
|
c := rawurl[i]
|
|
switch {
|
|
case 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z':
|
|
// do nothing
|
|
case '0' <= c && c <= '9' || c == '+' || c == '-' || c == '.':
|
|
if i == 0 {
|
|
return "", rawurl, nil
|
|
}
|
|
case c == ':':
|
|
if i == 0 {
|
|
return "", "", os.ErrorString("missing protocol scheme")
|
|
}
|
|
return rawurl[0:i], rawurl[i+1:], nil
|
|
default:
|
|
// we have encountered an invalid character,
|
|
// so there is no valid scheme
|
|
return "", rawurl, nil
|
|
}
|
|
}
|
|
return "", rawurl, nil
|
|
}
|
|
|
|
// Maybe s is of the form t c u.
|
|
// If so, return t, c u (or t, u if cutc == true).
|
|
// If not, return s, "".
|
|
func split(s string, c byte, cutc bool) (string, string) {
|
|
for i := 0; i < len(s); i++ {
|
|
if s[i] == c {
|
|
if cutc {
|
|
return s[0:i], s[i+1:]
|
|
}
|
|
return s[0:i], s[i:]
|
|
}
|
|
}
|
|
return s, ""
|
|
}
|
|
|
|
// ParseURL parses rawurl into a URL structure.
|
|
// The string rawurl is assumed not to have a #fragment suffix.
|
|
// (Web browsers strip #fragment before sending the URL to a web server.)
|
|
// The rawurl may be relative or absolute.
|
|
func ParseURL(rawurl string) (url *URL, err os.Error) {
|
|
return parseURL(rawurl, false)
|
|
}
|
|
|
|
// ParseRequestURL parses rawurl into a URL structure. It assumes that
|
|
// rawurl was received from an HTTP request, so the rawurl is interpreted
|
|
// only as an absolute URI or an absolute path.
|
|
// The string rawurl is assumed not to have a #fragment suffix.
|
|
// (Web browsers strip #fragment before sending the URL to a web server.)
|
|
func ParseRequestURL(rawurl string) (url *URL, err os.Error) {
|
|
return parseURL(rawurl, true)
|
|
}
|
|
|
|
// parseURL parses a URL from a string in one of two contexts. If
|
|
// viaRequest is true, the URL is assumed to have arrived via an HTTP request,
|
|
// in which case only absolute URLs or path-absolute relative URLs are allowed.
|
|
// If viaRequest is false, all forms of relative URLs are allowed.
|
|
func parseURL(rawurl string, viaRequest bool) (url *URL, err os.Error) {
|
|
if rawurl == "" {
|
|
err = os.ErrorString("empty url")
|
|
goto Error
|
|
}
|
|
url = new(URL)
|
|
url.Raw = rawurl
|
|
|
|
// Split off possible leading "http:", "mailto:", etc.
|
|
// Cannot contain escaped characters.
|
|
var path string
|
|
if url.Scheme, path, err = getscheme(rawurl); err != nil {
|
|
goto Error
|
|
}
|
|
|
|
leadingSlash := strings.HasPrefix(path, "/")
|
|
|
|
if url.Scheme != "" && !leadingSlash {
|
|
// RFC 2396:
|
|
// Absolute URI (has scheme) with non-rooted path
|
|
// is uninterpreted. It doesn't even have a ?query.
|
|
// This is the case that handles mailto:name@example.com.
|
|
url.RawPath = path
|
|
|
|
if url.Path, err = urlUnescape(path, encodeOpaque); err != nil {
|
|
goto Error
|
|
}
|
|
url.OpaquePath = true
|
|
} else {
|
|
if viaRequest && !leadingSlash {
|
|
err = os.ErrorString("invalid URI for request")
|
|
goto Error
|
|
}
|
|
|
|
// Split off query before parsing path further.
|
|
url.RawPath = path
|
|
path, query := split(path, '?', false)
|
|
if len(query) > 1 {
|
|
url.RawQuery = query[1:]
|
|
}
|
|
|
|
// Maybe path is //authority/path
|
|
if (url.Scheme != "" || !viaRequest) &&
|
|
strings.HasPrefix(path, "//") && !strings.HasPrefix(path, "///") {
|
|
url.RawAuthority, path = split(path[2:], '/', false)
|
|
url.RawPath = url.RawPath[2+len(url.RawAuthority):]
|
|
}
|
|
|
|
// Split authority into userinfo@host.
|
|
// If there's no @, split's default is wrong. Check explicitly.
|
|
var rawHost string
|
|
if strings.Index(url.RawAuthority, "@") < 0 {
|
|
rawHost = url.RawAuthority
|
|
} else {
|
|
url.RawUserinfo, rawHost = split(url.RawAuthority, '@', true)
|
|
}
|
|
|
|
// We leave RawAuthority only in raw form because clients
|
|
// of common protocols should be using Userinfo and Host
|
|
// instead. Clients that wish to use RawAuthority will have to
|
|
// interpret it themselves: RFC 2396 does not define the meaning.
|
|
|
|
if strings.Contains(rawHost, "%") {
|
|
// Host cannot contain escaped characters.
|
|
err = os.ErrorString("hexadecimal escape in host")
|
|
goto Error
|
|
}
|
|
url.Host = rawHost
|
|
|
|
if url.Path, err = urlUnescape(path, encodePath); err != nil {
|
|
goto Error
|
|
}
|
|
}
|
|
return url, nil
|
|
|
|
Error:
|
|
return nil, &URLError{"parse", rawurl, err}
|
|
|
|
}
|
|
|
|
// ParseURLReference is like ParseURL but allows a trailing #fragment.
|
|
func ParseURLReference(rawurlref string) (url *URL, err os.Error) {
|
|
// Cut off #frag.
|
|
rawurl, frag := split(rawurlref, '#', false)
|
|
if url, err = ParseURL(rawurl); err != nil {
|
|
return nil, err
|
|
}
|
|
url.Raw += frag
|
|
url.RawPath += frag
|
|
if len(frag) > 1 {
|
|
frag = frag[1:]
|
|
if url.Fragment, err = urlUnescape(frag, encodeFragment); err != nil {
|
|
return nil, &URLError{"parse", rawurl, err}
|
|
}
|
|
}
|
|
return url, nil
|
|
}
|
|
|
|
// String reassembles url into a valid URL string.
|
|
//
|
|
// There are redundant fields stored in the URL structure:
|
|
// the String method consults Scheme, Path, Host, RawUserinfo,
|
|
// RawQuery, and Fragment, but not Raw, RawPath or RawAuthority.
|
|
func (url *URL) String() string {
|
|
result := ""
|
|
if url.Scheme != "" {
|
|
result += url.Scheme + ":"
|
|
}
|
|
if url.Host != "" || url.RawUserinfo != "" {
|
|
result += "//"
|
|
if url.RawUserinfo != "" {
|
|
// hide the password, if any
|
|
info := url.RawUserinfo
|
|
if i := strings.Index(info, ":"); i >= 0 {
|
|
info = info[0:i] + ":******"
|
|
}
|
|
result += info + "@"
|
|
}
|
|
result += url.Host
|
|
}
|
|
if url.OpaquePath {
|
|
path := url.Path
|
|
if strings.HasPrefix(path, "/") {
|
|
result += "%2f"
|
|
path = path[1:]
|
|
}
|
|
result += urlEscape(path, encodeOpaque)
|
|
} else {
|
|
result += urlEscape(url.Path, encodePath)
|
|
}
|
|
if url.RawQuery != "" {
|
|
result += "?" + url.RawQuery
|
|
}
|
|
if url.Fragment != "" {
|
|
result += "#" + urlEscape(url.Fragment, encodeFragment)
|
|
}
|
|
return result
|
|
}
|
|
|
|
// EncodeQuery encodes the query represented as a multimap.
|
|
func EncodeQuery(m map[string][]string) string {
|
|
parts := make([]string, 0, len(m)) // will be large enough for most uses
|
|
for k, vs := range m {
|
|
prefix := URLEscape(k) + "="
|
|
for _, v := range vs {
|
|
parts = append(parts, prefix+URLEscape(v))
|
|
}
|
|
}
|
|
return strings.Join(parts, "&")
|
|
}
|
|
|
|
// resolvePath applies special path segments from refs and applies
|
|
// them to base, per RFC 2396.
|
|
func resolvePath(basepath string, refpath string) string {
|
|
base := strings.Split(basepath, "/", -1)
|
|
refs := strings.Split(refpath, "/", -1)
|
|
if len(base) == 0 {
|
|
base = []string{""}
|
|
}
|
|
for idx, ref := range refs {
|
|
switch {
|
|
case ref == ".":
|
|
base[len(base)-1] = ""
|
|
case ref == "..":
|
|
newLen := len(base) - 1
|
|
if newLen < 1 {
|
|
newLen = 1
|
|
}
|
|
base = base[0:newLen]
|
|
base[len(base)-1] = ""
|
|
default:
|
|
if idx == 0 || base[len(base)-1] == "" {
|
|
base[len(base)-1] = ref
|
|
} else {
|
|
base = append(base, ref)
|
|
}
|
|
}
|
|
}
|
|
return strings.Join(base, "/")
|
|
}
|
|
|
|
// IsAbs returns true if the URL is absolute.
|
|
func (url *URL) IsAbs() bool {
|
|
return url.Scheme != ""
|
|
}
|
|
|
|
// ParseURL parses a URL in the context of a base URL. The URL in ref
|
|
// may be relative or absolute. ParseURL returns nil, err on parse
|
|
// failure, otherwise its return value is the same as ResolveReference.
|
|
func (base *URL) ParseURL(ref string) (*URL, os.Error) {
|
|
refurl, err := ParseURL(ref)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return base.ResolveReference(refurl), nil
|
|
}
|
|
|
|
// ResolveReference resolves a URI reference to an absolute URI from
|
|
// an absolute base URI, per RFC 2396 Section 5.2. The URI reference
|
|
// may be relative or absolute. ResolveReference always returns a new
|
|
// URL instance, even if the returned URL is identical to either the
|
|
// base or reference. If ref is an absolute URL, then ResolveReference
|
|
// ignores base and returns a copy of ref.
|
|
func (base *URL) ResolveReference(ref *URL) *URL {
|
|
url := new(URL)
|
|
switch {
|
|
case ref.IsAbs():
|
|
*url = *ref
|
|
default:
|
|
// relativeURI = ( net_path | abs_path | rel_path ) [ "?" query ]
|
|
*url = *base
|
|
if ref.RawAuthority != "" {
|
|
// The "net_path" case.
|
|
url.RawAuthority = ref.RawAuthority
|
|
url.Host = ref.Host
|
|
url.RawUserinfo = ref.RawUserinfo
|
|
}
|
|
switch {
|
|
case url.OpaquePath:
|
|
url.Path = ref.Path
|
|
url.RawPath = ref.RawPath
|
|
url.RawQuery = ref.RawQuery
|
|
case strings.HasPrefix(ref.Path, "/"):
|
|
// The "abs_path" case.
|
|
url.Path = ref.Path
|
|
url.RawPath = ref.RawPath
|
|
url.RawQuery = ref.RawQuery
|
|
default:
|
|
// The "rel_path" case.
|
|
path := resolvePath(base.Path, ref.Path)
|
|
if !strings.HasPrefix(path, "/") {
|
|
path = "/" + path
|
|
}
|
|
url.Path = path
|
|
url.RawPath = url.Path
|
|
url.RawQuery = ref.RawQuery
|
|
if ref.RawQuery != "" {
|
|
url.RawPath += "?" + url.RawQuery
|
|
}
|
|
}
|
|
|
|
url.Fragment = ref.Fragment
|
|
}
|
|
url.Raw = url.String()
|
|
return url
|
|
}
|