Fixed an issue where redirects to socket path-based servers from any server was always allowed.

dimitribouniol · dimitribouniol · commit 6c87c342d786 · 2020-06-16T09:15:14.000-07:00
Motivation: An arbitrary HTTP(S) server should not be able to trigger redirects, and thus activity, to a local socket-path based server, though the opposite may be a valid scenario. Currently, requests in either direction are allowed since the checks don't actually check the destination scheme. Modifications: - Refactored `hostSchemes`/`unixSchemes` to `hostRestrictedSchemes`/`allSupportedSchemes`, which better describes what they do. - Refactored `Request.supports()` to `Request.supportsRedirects(to:)` since it is only used by Redirects now. - Check the destination URL's scheme rather than the current URL's scheme when validating a redirect. Result: Closes swift-server#230
diff --git a/Sources/AsyncHTTPClient/HTTPHandler.swift b/Sources/AsyncHTTPClient/HTTPHandler.swift
@@ -111,8 +111,8 @@ extension HTTPClient {
             /// UNIX Domain Socket HTTP request.
             case unixSocket(_ scheme: UnixScheme)
 
-            private static var hostSchemes = ["http", "https"]
-            private static var unixSchemes = ["unix", "http+unix", "https+unix"]
+            private static var hostRestrictedSchemes: Set = ["http", "https"]
+            private static var allSupportedSchemes: Set = ["http", "https", "unix", "http+unix", "https+unix"]
 
             init(forScheme scheme: String) throws {
                 switch scheme {
@@ -162,12 +162,14 @@ extension HTTPClient {
                 }
             }
 
-            func supports(scheme: String) -> Bool {
+            func supportsRedirects(to scheme: String?) -> Bool {
+                guard let scheme = scheme?.lowercased() else { return false }
+
                 switch self {
                 case .host:
-                    return Kind.hostSchemes.contains(scheme)
+                    return Kind.hostRestrictedSchemes.contains(scheme)
                 case .unixSocket:
-                    return Kind.unixSchemes.contains(scheme)
+                    return Kind.allSupportedSchemes.contains(scheme)
                 }
             }
         }
@@ -1023,7 +1025,7 @@ internal struct RedirectHandler<ResponseType> {
             return nil
         }
 
-        guard self.request.kind.supports(scheme: self.request.scheme) else {
+        guard self.request.kind.supportsRedirects(to: url.scheme) else {
             return nil
         }
 

Original file line number	Diff line number	Diff line change
`@@ -111,8 +111,8 @@ extension HTTPClient {`
`111`	`111`	`/// UNIX Domain Socket HTTP request.`
`112`	`112`	`case unixSocket(_ scheme: UnixScheme)`
`113`	`113`
`114`		`- private static var hostSchemes = ["http", "https"]`
`115`		`- private static var unixSchemes = ["unix", "http+unix", "https+unix"]`
	`114`	`+ private static var hostRestrictedSchemes: Set = ["http", "https"]`
	`115`	`+ private static var allSupportedSchemes: Set = ["http", "https", "unix", "http+unix", "https+unix"]`
`116`	`116`
`117`	`117`	`init(forScheme scheme: String) throws {`
`118`	`118`	`switch scheme {`
`@@ -162,12 +162,14 @@ extension HTTPClient {`
`162`	`162`	`}`
`163`	`163`	`}`
`164`	`164`
`165`		`- func supports(scheme: String) -> Bool {`
	`165`	`+ func supportsRedirects(to scheme: String?) -> Bool {`
	`166`	`+ guard let scheme = scheme?.lowercased() else { return false }`
	`167`	`+`
`166`	`168`	`switch self {`
`167`	`169`	`case .host:`
`168`		`- return Kind.hostSchemes.contains(scheme)`
	`170`	`+ return Kind.hostRestrictedSchemes.contains(scheme)`
`169`	`171`	`case .unixSocket:`
`170`		`- return Kind.unixSchemes.contains(scheme)`
	`172`	`+ return Kind.allSupportedSchemes.contains(scheme)`
`171`	`173`	`}`
`172`	`174`	`}`
`173`	`175`	`}`
`@@ -1023,7 +1025,7 @@ internal struct RedirectHandler<ResponseType> {`
`1023`	`1025`	`return nil`
`1024`	`1026`	`}`
`1025`	`1027`
`1026`		`- guard self.request.kind.supports(scheme: self.request.scheme) else {`
	`1028`	`+ guard self.request.kind.supportsRedirects(to: url.scheme) else {`
`1027`	`1029`	`return nil`
`1028`	`1030`	`}`
`1029`	`1031`