Drop from DIAL-1.0.5-7635a6c.tar.gz
Change-Id: I3dc895e04fe45e34e419bbef3f00cc1bede31dbf
diff --git a/Changelog b/Changelog
index 1b47bfc..85f5bfe 100644
--- a/Changelog
+++ b/Changelog
@@ -1,4 +1,18 @@
---------------------------------------------------------------------
+Version 1.0.5 (06edbce)
+---------------------------------------------------------------------
+Server changes:
+ - CORE compliance security patch
+ - Added CORS compliance test scripts
+
+---------------------------------------------------------------------
+Version 1.0.4 (1673785)
+---------------------------------------------------------------------
+Server changes:
+ - Update to DIAL specificiation 1.7
+ - Catch SIGTERM so that we don't self terminate.
+
+---------------------------------------------------------------------
Version 1.0.2 (1673785)
---------------------------------------------------------------------
Server changes:
diff --git a/LICENSE b/LICENSE
index cfc42fa..0ab73c0 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,4 +1,4 @@
-Copyright (c) 2012 Netflix, Inc.
+Copyright (c) 2015 Netflix, Inc.
All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
diff --git a/README b/README
index be020f5..befd198 100644
--- a/README
+++ b/README
@@ -4,13 +4,11 @@
1) Define the TARGET environment variable to point to the CC compiler prefix
for your target platform.
- For example, using the NRDP-3.2 x86 desktop toolchain, the CC is located at:
- /usr/local/i686-netflix-linux-gnu-3.2/bin/i686-netflix-linux-gnu-gcc
2) Run make, passing in your TARGET value.
For example:
- TARGET=/usr/local/i686-netflix-linux-gnu-3.2/bin/i686-netflix-linux-gnu- make
+ TARGET=/usr/local/i686-DIAL-EXAMPLE/bin/i686-DIAL-EXAMPLE make
--------------------------------------------------------------------------------
Running the DIAL server
@@ -19,7 +17,6 @@
has been initialized, and it should remain running at all times (a daemon
process in the system).
-Sample SysV init scripts are available on the Netflix NRD Partner portal.
--------------------------------------------------------------------------------
Building the DIAL client
@@ -30,16 +27,8 @@
your desktop (development) machine.
The DIAL client uses CURL to send HTTP REST commands to the DIAL server, so to
-build the client, you need to ensure that the CURL dependecies are
-defined properly. If you are a Netflix NRD partner and have the NRD Platform
-desktop toolchain installed, it includes libcurl. To build against that version,
-use the following build command:
-
-TARGET=/usr/local/i686-netflix-linux-gnu-3.2/bin/i686-netflix-linux-gnu- \
-LDFLAGS="-L/usr/local/i686-netflix-linux-gnu-3.2/netflix/lib \
--Wl,-rpath,/usr/local/i686-netflix-linux-gnu-3.2/netflix/lib" \
-INCLUDES=-I/usr/local/i686-netflix-linux-gnu-3.2/netflix/include \
-make
+build the client, you need to ensure that the CURL dependencies are
+defined properly.
Alternatively, you can build against a different, current version of libcurl.
Adjust the INCLUDES and LDFLAGS definitions to point to your actual libcurl
diff --git a/src/client/DialClientInput.cpp b/src/client/DialClientInput.cpp
index 4192b86..0ab4779 100644
--- a/src/client/DialClientInput.cpp
+++ b/src/client/DialClientInput.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/src/client/DialClientInput.h b/src/client/DialClientInput.h
index b31f546..e53d260 100644
--- a/src/client/DialClientInput.h
+++ b/src/client/DialClientInput.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/src/client/DialConformance.cpp b/src/client/DialConformance.cpp
index cb18290..1aa8080 100644
--- a/src/client/DialConformance.cpp
+++ b/src/client/DialConformance.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -32,6 +32,7 @@
#include <time.h>
#include <stdio.h>
#include <stdlib.h>
+#include <unistd.h>
// Number of milliseconds to sleep between launches when doing a launch=ALL
#define LAUNCH_SLEEP 6000
diff --git a/src/client/DialConformance.h b/src/client/DialConformance.h
index 49c7c97..b6c4298 100644
--- a/src/client/DialConformance.h
+++ b/src/client/DialConformance.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/src/client/DialDiscovery.cpp b/src/client/DialDiscovery.cpp
index bfaa301..efb37af 100644
--- a/src/client/DialDiscovery.cpp
+++ b/src/client/DialDiscovery.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -48,8 +48,8 @@
DialDiscovery *DialDiscovery::sDiscovery = 0;
-static char ip_addr[INET_ADDRSTRLEN] = "127.0.0.1";
-static int my_port = 0;
+//static char ip_addr[INET_ADDRSTRLEN] = "127.0.0.1";
+//static int my_port = 0;
static struct sockaddr_in saddr;
typedef struct
{
@@ -152,6 +152,7 @@
curl_easy_setopt(curl, CURLOPT_WRITEDATA, &ddxml);
res = curl_easy_perform(curl);
+ (void)(res);
curl_easy_cleanup(curl);
//curl_global_cleanup();
}
@@ -253,7 +254,8 @@
pthread_attr_t attr;
search_conn connection;
- send_size = snprintf(send_buf, sizeof(send_buf), ssdp_msearch, ip_addr, my_port);
+ // send_size = snprintf(send_buf, sizeof(send_buf), ssdp_msearch, ip_addr, my_port);
+ send_size = snprintf(send_buf, sizeof(send_buf), ssdp_msearch);
ATRACE("[%s:%d] %s\n", __FUNCTION__, __LINE__, send_buf);
if (-1 == (my_sock = socket(AF_INET, SOCK_DGRAM, 0))) {
diff --git a/src/client/DialDiscovery.h b/src/client/DialDiscovery.h
index 81d67a5..c6ba01f 100644
--- a/src/client/DialDiscovery.h
+++ b/src/client/DialDiscovery.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/src/client/DialServer.cpp b/src/client/DialServer.cpp
index 794fd66..951727d 100644
--- a/src/client/DialServer.cpp
+++ b/src/client/DialServer.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/src/client/DialServer.h b/src/client/DialServer.h
index 92d36f2..59b5aa7 100644
--- a/src/client/DialServer.h
+++ b/src/client/DialServer.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/src/client/main.cpp b/src/client/main.cpp
index 9eabebb..c882207 100644
--- a/src/client/main.cpp
+++ b/src/client/main.cpp
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -30,6 +30,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <unistd.h>
using namespace std;
diff --git a/src/server/dial_data.c b/src/server/dial_data.c
index 9ed256b..9587d1c 100644
--- a/src/server/dial_data.c
+++ b/src/server/dial_data.c
@@ -1,4 +1,28 @@
/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
* Functions related to storing/retrieving and manipulating DIAL data.
*/
#include "dial_data.h"
diff --git a/src/server/dial_data.h b/src/server/dial_data.h
index 28a2b49..faf5ba2 100644
--- a/src/server/dial_data.h
+++ b/src/server/dial_data.h
@@ -1,4 +1,28 @@
/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+/*
* Defines functions for persisting and retrieving DIAL data.
*/
diff --git a/src/server/dial_options.h b/src/server/dial_options.h
index 9d67392..52bd052 100644
--- a/src/server/dial_options.h
+++ b/src/server/dial_options.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/src/server/dial_server.c b/src/server/dial_server.c
index ddb5db2..8cec387 100644
--- a/src/server/dial_server.c
+++ b/src/server/dial_server.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -258,7 +258,7 @@
app = *find_app(ds, app_name);
// update the application state
- if (!app) {
+ if (app) {
app->state = app->callbacks.status_cb(ds, app_name, app->run_id,
&canStop, app->callback_data);
}
@@ -340,19 +340,70 @@
return strncmp(str + lenstr - lensuffix, suffix, lensuffix) == 0;
}
-static int is_allowed_origin(DIALServer* ds, char * origin) {
- if (!origin || strlen(origin)==0) {
+
+// str contains a white space separated list of strings (only supports SPACE characters for now)
+static int ends_with_in_list (const char *str, const char *list) {
+ if (!str || !list)
return 0;
+
+ const char * scanPointer=list;
+ const char * spacePointer;
+ unsigned int substringSize = 257;
+ char *substring = (char *)malloc(substringSize);
+ if (!substring){
+ return 0;
+ }
+ while ( (spacePointer =strchr(scanPointer, ' ')) != NULL) {
+ int copyLength = spacePointer - scanPointer;
+
+ // protect against buffer overflow
+ if (copyLength>=substringSize){
+ substringSize=copyLength+1;
+ free(substring);
+ substring=(char *)malloc(substringSize);
+ if (!substring){
+ return 0;
+ }
+ }
+
+ memcpy(substring, scanPointer, copyLength);
+ substring[copyLength] = '\0';
+ //printf("found %s \n", substring);
+ if (ends_with(str, substring)) {
+ free(substring);
+ return 1;
+ }
+ scanPointer = scanPointer + copyLength + 1; // assumption: only 1 character
+ }
+ free(substring);
+ return ends_with(str, scanPointer);
+}
+
+static int should_check_for_origin( char * origin ) {
+ const char * const CHECK_PROTOS[] = { "http:", "https:", "file:" };
+ for (int i = 0; i < 3; ++i) {
+ if (!strncmp(origin, CHECK_PROTOS[i], strlen(CHECK_PROTOS[i]) - 1)) {
+ return 1;
+ }
+ }
+ return 0;
+}
+
+static int is_allowed_origin(DIALServer* ds, char * origin, const char * app_name) {
+ if (!origin || strlen(origin)==0 || !should_check_for_origin(origin)) {
+ return 1;
}
ds_lock(ds);
DIALApp *app;
int result = 0;
for (app = ds->apps; app != NULL; app = app->next) {
- if (app->corsAllowedOrigin[0] &&
- ends_with(origin, app->corsAllowedOrigin)) {
- result = 1;
- break;
+ if (!strcmp(app->name, app_name)) {
+ if (!app->corsAllowedOrigin[0] ||
+ ends_with_in_list(origin, app->corsAllowedOrigin)) {
+ result = 1;
+ break;
+ }
}
}
ds_unlock(ds);
@@ -363,6 +414,25 @@
#define APPS_URI "/apps/"
#define RUN_URI "/run"
+static void *options_response(DIALServer *ds, struct mg_connection *conn, char *host_header, char *origin_header, const char* app_name, const char* methods)
+{
+ if (host_header && is_allowed_origin(ds, origin_header, app_name)) {
+ mg_printf(
+ conn,
+ "HTTP/1.1 204 No Content\r\n"
+ "Access-Control-Allow-Methods: %s\r\n"
+ "Access-Control-Max-Age: 86400\r\n"
+ "Access-Control-Allow-Origin: %s\r\n"
+ "Content-Length: 0"
+ "\r\n",
+ methods,
+ origin_header);
+ return "done";
+ }
+ mg_send_http_error(conn, 403, "Forbidden", "Forbidden");
+ return "done";
+}
+
static void *request_handler(enum mg_event event, struct mg_connection *conn,
const struct mg_request_info *request_info) {
DIALServer *ds = request_info->user_data;
@@ -380,24 +450,6 @@
}
fprintf(stderr, "Origin %s, Host: %s\n", origin_header, host_header);
if (event == MG_NEW_REQUEST) {
- // CORS OPTIONS request
- if (!strcmp(request_info->request_method, "OPTIONS")) {
- //TODO: for extra safety, also check that host header matches origin
- if (host_header && origin_header && is_allowed_origin(ds, origin_header)) {
- mg_printf(
- conn,
- "HTTP/1.1 204 No Content\r\n"
- "Access-Control-Allow-Methods: GET, POST, DELETE, OPTIONS\r\n"
- "Access-Control-Max-Age: 86400\r\n"
- "Access-Control-Allow-Origin: %s\r\n"
- "Content-Length: 0"
- "\r\n",
- origin_header);
- return "done";
- }
- mg_send_http_error(conn, 403, "Forbidden", "Forbidden");
- return "done";
- }
// URL ends with run
if (!strncmp(request_info->uri + strlen(request_info->uri) - 4, RUN_URI,
strlen(RUN_URI))) {
@@ -405,10 +457,19 @@
strncpy(app_name, request_info->uri + strlen(APPS_URI),
((strlen(request_info->uri) - 4) - (sizeof(APPS_URI) - 1)));
+ if (!strcmp(request_info->request_method, "OPTIONS")) {
+ return options_response(ds, conn, host_header, origin_header, app_name, "DELETE, OPTIONS");
+ }
+
// DELETE non-empty app name
if (app_name[0] != '\0'
&& !strcmp(request_info->request_method, "DELETE")) {
- handle_app_stop(conn, request_info, app_name, origin_header);
+ if (host_header && is_allowed_origin(ds, origin_header, app_name)) {
+ handle_app_stop(conn, request_info, app_name, origin_header);
+ } else {
+ mg_send_http_error(conn, 403, "Forbidden", "Forbidden");
+ return "done";
+ }
} else {
mg_send_http_error(conn, 501, "Not Implemented",
"Not Implemented");
@@ -419,10 +480,20 @@
&& !strchr(request_info->uri + strlen(APPS_URI), '/')) {
const char *app_name;
app_name = request_info->uri + sizeof(APPS_URI) - 1;
+
+ if (!strcmp(request_info->request_method, "OPTIONS")) {
+ return options_response(ds, conn, host_header, origin_header, app_name, "GET, POST, OPTIONS");
+ }
+
// start app
if (!strcmp(request_info->request_method, "POST")) {
- handle_app_start(conn, request_info, app_name, origin_header);
- // get app status
+ if (host_header && is_allowed_origin(ds, origin_header, app_name)) {
+ handle_app_start(conn, request_info, app_name, origin_header);
+ } else {
+ mg_send_http_error(conn, 403, "Forbidden", "Forbidden");
+ return "done";
+ }
+ // get app status
} else if (!strcmp(request_info->request_method, "GET")) {
handle_app_status(conn, request_info, app_name, origin_header);
} else {
@@ -437,10 +508,19 @@
inet_ntop(addr->sin_family, &addr->sin_addr, laddr, sizeof(laddr));
if ( !strncmp(laddr, gLocalhost, strlen(gLocalhost)) ) {
char *app_name = parse_app_name(request_info->uri);
+
+ if (!strcmp(request_info->request_method, "OPTIONS")) {
+ void *ret = options_response(ds, conn, host_header, origin_header, app_name, "POST, OPTIONS");
+ free(app_name);
+ return ret;
+ }
+
int use_payload =
strcmp(request_info->request_method, "POST") ? 0 : 1;
handle_dial_data(conn, request_info, app_name, origin_header,
use_payload);
+
+ free(app_name);
} else {
// If the request is not from local host, return an error
mg_send_http_error(conn, 403, "Forbidden", "Forbidden");
diff --git a/src/server/dial_server.h b/src/server/dial_server.h
index 43eeb82..42721fb 100644
--- a/src/server/dial_server.h
+++ b/src/server/dial_server.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
diff --git a/src/server/main.c b/src/server/main.c
index d52a12e..51e1fba 100644
--- a/src/server/main.c
+++ b/src/server/main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -37,6 +37,7 @@
#include "dial_server.h"
#include "dial_options.h"
+#include <signal.h>
#define BUFSIZE 256
@@ -85,6 +86,15 @@
return match;
}
+void signalHandler(int signal)
+{
+ switch(signal)
+ {
+ case SIGTERM:
+ // just ignore this, we don't want to die
+ break;
+ }
+}
/* The URL encoding source code was obtained here:
* http://www.geekhideout.com/urlcode.shtml
@@ -355,8 +365,8 @@
struct DIALAppCallbacks cb_nf = {netflix_start, netflix_stop, netflix_status};
struct DIALAppCallbacks cb_yt = {youtube_start, youtube_stop, youtube_status};
- DIAL_register_app(ds, "Netflix", &cb_nf, NULL, 1, "netflix.com");
- DIAL_register_app(ds, "YouTube", &cb_yt, NULL, 1, "youtube.com");
+ DIAL_register_app(ds, "Netflix", &cb_nf, NULL, 1, ".netflix.com");
+ DIAL_register_app(ds, "YouTube", &cb_yt, NULL, 1, ".youtube.com");
DIAL_start(ds);
gDialPort = DIAL_get_port(ds);
@@ -396,6 +406,12 @@
int main(int argc, char* argv[])
{
+ struct sigaction action;
+ action.sa_handler = signalHandler;
+ sigemptyset(&action.sa_mask);
+ action.sa_flags = 0;
+ sigaction(SIGTERM, &action, NULL);
+
srand(time(NULL));
int i;
i = isAppRunning(spAppNetflix, NULL );
diff --git a/src/server/quick_ssdp.c b/src/server/quick_ssdp.c
index bd77637..2331a04 100644
--- a/src/server/quick_ssdp.c
+++ b/src/server/quick_ssdp.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2012 Netflix, Inc.
+ * Copyright (c) 2014 Netflix, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
@@ -42,11 +42,7 @@
static char gBuf[4096];
// TODO: Partners should get the friendlyName from the system and insert here.
-// TODO: Partners should ensure the friendlyName is the same string returned
-// in the ISsystem::getFriendlyName DPI function.
// TODO: Partners should get the UUID from the system and insert here.
-// TODO: Partners should ensure the modelName is identifiably similar to the
-// model name returned in the ISystem::getDeviceModel DPI function
static const char ddxml[] = ""
"<?xml version=\"1.0\"?>"
"<root"
diff --git a/src/server/tests/run_tests.c b/src/server/tests/run_tests.c
index 6fe3ef2..dedafd0 100644
--- a/src/server/tests/run_tests.c
+++ b/src/server/tests/run_tests.c
@@ -1,3 +1,27 @@
+/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
#include "test_dial_data.h"
#include "test_url_lib.h"
diff --git a/src/server/tests/test.h b/src/server/tests/test.h
index e2ad1ad..1cb9295 100644
--- a/src/server/tests/test.h
+++ b/src/server/tests/test.h
@@ -1,3 +1,27 @@
+/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
// Macros to simplify testing functions.
#ifndef SRC_SERVER_TESTS_TEST_H_
diff --git a/src/server/tests/test_cors.html b/src/server/tests/test_cors.html
new file mode 100644
index 0000000..451a96e
--- /dev/null
+++ b/src/server/tests/test_cors.html
@@ -0,0 +1,57 @@
+<!DOCTYPE html>
+<!--
+To change this license header, choose License Headers in Project Properties.
+To change this template file, choose Tools | Templates
+and open the template in the editor.
+-->
+<html>
+ <head>
+ <title>DIAL Security Test CORS</title>
+ <meta charset="UTF-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <script type="text/javascript" src="http://code.jquery.com/jquery-1.11.2.min.js"></script>
+ <script>
+ $(document).ready(function(){
+
+ var makePost=function(app){
+ console.log("make dial post...");
+ var ip = $("#ipAddress").val();
+ var port = $("#dialPort").val();
+ var urlStr = "http://"+ip+":"+port+"/apps/"+app;
+ console.log(urlStr);
+ $("#status").text("posted to "+urlStr);
+ $.ajax({
+ type: "POST",
+ url: urlStr,
+ data: "v=QH2-TGUlwu4",
+ dataType: "text/plain; charset=\"utf-8\""
+ });
+ };
+
+ $( "#testNetflix" ).click(function(){
+ console.log("testing Netflix");
+ makePost("Netflix");
+ });
+
+ $( "#testYoutube" ).click(function(){
+ console.log("testing Youtube");
+ makePost("Youtube");
+ });
+
+ });
+ </script>
+ </head>
+ <body>
+ <input id="ipAddress" type="text" name="ip" value="192.168.1.100">
+ <input id="dialPort" type="text" name="port" value="8060">
+ <p>
+ <button id="testNetflix">Test Netflix</button>
+ <button id="testYoutube">Test Youtube</button>
+ </p>
+ <p>
+ <div id="status"></div>
+ </p>
+ </body>
+</html>
+
+
diff --git a/src/server/tests/test_cors.sh b/src/server/tests/test_cors.sh
new file mode 100755
index 0000000..088fe02
--- /dev/null
+++ b/src/server/tests/test_cors.sh
@@ -0,0 +1,71 @@
+#!/bin/bash
+
+if [ $# -eq 0 ]; then
+ echo "usage: `basename $0`: <DIAL server ip address> <port> "
+ exit 1
+fi
+
+ip_address=$1
+port=$2
+
+#Testing all the positive cases
+origins="http://www4.netflix.com http://1.netflix.com https://www.netflix.com https://www4.netflix.com ftp://this.is.fine"
+for origin in $origins; do
+curl --fail --silent --header "Origin:$origin" --data "v=QH2-TGUlwu4" http://$ip_address:$port/apps/Netflix || echo "failed: $origin should be accepted"
+curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/Netflix || echo "failed: $origin should be accepted"
+curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/Netflix/run || echo "failed: $origin should be accepted"
+if [ $ip_address == "localhost" ];
+then
+ echo "testing dial_data OPTIONS on $ip_address from origin $origin"
+ curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/Netflix/dial_data || echo "failed: $origin should be accepted"
+fi
+done
+
+origins="http://www4.youtube.com http://1.youtube.com https://www.youtube.com https://www4.youtube.com ftp://this.is.fine"
+for origin in $origins; do
+curl --fail --silent --header "Origin:$origin" --data "v=QH2-TGUlwu4" http://$ip_address:$port/apps/YouTube || echo "failed: $origin should be accepted"
+curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/YouTube || echo "failed: $origin should be accepted"
+curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/YouTube/run || echo "failed: $origin should be accepted"
+if [ $ip_address == "localhost" ];
+then
+ echo "testing dial_data OPTIONS on $ip_address from origin $origin"
+ curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/YouTube/dial_data || echo "failed: $origin should be accepted"
+fi
+done
+
+#Testing all the negative cases
+origins="http://www.netflix-a.com http://www.netflix.com4 http://a-netflix.com https://ww.netflix-a.com https://www.netflix.com4 https://a-netflix.com http://netflix.com http://www.attack.com https://www.attack.com file://www.attack.com"
+for origin in $origins; do
+curl --fail --silent --header "Origin:$origin" --data "v=QH2-TGUlwu4" http://$ip_address:$port/apps/Netflix && echo "failed: $origin should be rejected"
+curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/Netflix && echo "failed: $origin should be rejected"
+curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/Netflix/run && echo "failed: $origin should be rejected"
+if [ $ip_address == "localhost" ];
+then
+ echo "testing dial_data OPTIONS on $ip_address from origin $origin"
+ curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/Netflix/dial_data && echo "failed: $origin should be rejected"
+fi
+done
+
+origins="http://www.youtube-a.com http://www.youtube.com4 http://a-youtube.com https://ww.youtube-a.com https://www.youtube.com4 https://a-youtube.com http://youtube.com https://youtube.com http://www.attack.com https://www.attack.com file://www.attack.com"
+for origin in $origins; do
+curl --fail --silent --header "Origin:$origin" --data "v=QH2-TGUlwu4" http://$ip_address:$port/apps/YouTube && echo "failed: $origin should be rejected"
+curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/YouTube && echo "failed: $origin should be rejected"
+curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/YouTube/run && echo "failed: $origin should be rejected"
+if [ $ip_address == "localhost" ];
+then
+ echo "testing dial_data OPTIONS on $ip_address from origin $origin"
+ curl --fail --silent --header "Origin:$origin" -X OPTIONS http://$ip_address:$port/apps/YouTube/dial_data && echo "failed: $origin should be rejected"
+fi
+done
+
+#Finally test with no header
+curl --fail --silent --data "v=QH2-TGUlwu4" http://$ip_address:$port/apps/YouTube || echo "failed: request without an Origin should be accepted"
+curl --fail --silent -X OPTIONS http://$ip_address:$port/apps/YouTube || echo "failed: request without an Origin should be accepted"
+curl --fail --silent -X OPTIONS http://$ip_address:$port/apps/YouTube/run || echo "failed: request without an Origin should be accepted"
+if [ $ip_address == "localhost" ];
+then
+ echo "testing dial_data OPTIONS on $ip_address with no origin"
+ curl --fail --silent -X OPTIONS http://$ip_address:$port/apps/YouTube/dial_data || echo "failed: request without an Origin should be accepted"
+fi
+
+echo "Done."
diff --git a/src/server/tests/test_dial_data.c b/src/server/tests/test_dial_data.c
index 4998084..b383d5d 100644
--- a/src/server/tests/test_dial_data.c
+++ b/src/server/tests/test_dial_data.c
@@ -1,3 +1,27 @@
+/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
#include "../dial_data.h"
#include <assert.h>
diff --git a/src/server/tests/test_dial_data.h b/src/server/tests/test_dial_data.h
index c8fa06d..d2b579d 100644
--- a/src/server/tests/test_dial_data.h
+++ b/src/server/tests/test_dial_data.h
@@ -1,3 +1,27 @@
+/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
#ifndef SRC_SERVER_TESTS_TEST_DIAL_DATA_H_
#define SRC_SERVER_TESTS_TEST_DIAL_DATA_H_
diff --git a/src/server/tests/test_url_lib.c b/src/server/tests/test_url_lib.c
index d89d38d..95d6e6d 100644
--- a/src/server/tests/test_url_lib.c
+++ b/src/server/tests/test_url_lib.c
@@ -1,3 +1,27 @@
+/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
#include "../url_lib.h"
#include "../dial_data.h"
diff --git a/src/server/tests/test_url_lib.h b/src/server/tests/test_url_lib.h
index 43fe19f..1cbe2e7 100644
--- a/src/server/tests/test_url_lib.h
+++ b/src/server/tests/test_url_lib.h
@@ -1,3 +1,27 @@
+/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
#ifndef SRC_SERVER_TESTS_TEST_URL_LIB_H_
#define SRC_SERVER_TESTS_TEST_URL_LIB_H_
diff --git a/src/server/url_lib.c b/src/server/url_lib.c
index 78313e3..498b221 100644
--- a/src/server/url_lib.c
+++ b/src/server/url_lib.c
@@ -1,3 +1,27 @@
+/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
#include "url_lib.h"
#include "dial_data.h"
diff --git a/src/server/url_lib.h b/src/server/url_lib.h
index 00781a8..209dfb3 100644
--- a/src/server/url_lib.h
+++ b/src/server/url_lib.h
@@ -1,3 +1,27 @@
+/*
+ * Copyright (c) 2014 Netflix, Inc.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * Redistributions of source code must retain the above copyright notice, this
+ * list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY NETFLIX, INC. AND CONTRIBUTORS "AS IS" AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL NETFLIX OR CONTRIBUTORS BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
/* Utility functions for dealing with URLs */
#ifndef URLLIB_H_