safelinks

package

v0.5.0 Latest Latest Go to latest Published: Apr 10, 2024 License: MIT Imports: 14 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/atc0005/safelinks

Links

Open Source Insights

Documentation ¶

Overview ¶

Package safelinks provides functionality for decoding Safe Links URLs to their original values.

Index ¶

Constants
Variables
func CleanURL(s string) string
func DecodeInput(txt string) (string, error)
func EncodeInput(txt string, randomlyEncode bool) (string, error)
func EncodeParsedURLAsFauxSafeLinksURL(pURL ParsedURL) string
func FilterURLs(urls []*url.URL, excludeSafeLinkURLs bool) []*url.URL
func GetRandomSafeLinksFQDN() string
func QueryEscapeInput(txt string, randomlyEscape bool) (string, error)
func ReadFromFile(r io.Reader) ([]string, error)
func ReadURLFromUser() (string, error)
func ValidSafeLinkURL(u *url.URL) bool
func ValidURL(u *url.URL) bool
func ValidURLPattern(input string) bool
type FoundURLPattern
- func GetURLPatternsUsingIndex(input string, evalAllHTTPURLs bool) ([]FoundURLPattern, error)
- func GetURLPatternsUsingPrefixMatchingOnFields(input string, evalPlainHTTP bool) ([]FoundURLPattern, error)
- func GetURLPatternsUsingRegex(input string, evalPlainHTTP bool) ([]FoundURLPattern, error)
type ParsedURL
- func FilterParsedURLs(parsedURLs []ParsedURL, excludeSafeLinkURLs bool) []ParsedURL
- func URLs(input string, evalPlainHTTP bool) ([]ParsedURL, error)
- func (pURL ParsedURL) Trimmed() string
type SafeLinkURL
- func FromURLs(urls []*url.URL) ([]SafeLinkURL, error)
- func SafeLinkURLs(input string) ([]SafeLinkURL, error)
- func SafeLinkURLsFromParsedURLs(parsedURLs []ParsedURL) ([]SafeLinkURL, error)
- func SafeLinkURLsFromURLs(urls []*url.URL) ([]SafeLinkURL, error)

Constants ¶

View Source

const (
	// SafeLinksURLRequiredPrefix is the required prefix for all Safe Links
	// URLs.
	SafeLinksURLRequiredPrefix string = "https://"

	// SafeLinksBaseDomain is the common component of a fully qualified domain
	// name used in Safe Links encoded URLs.
	SafeLinksBaseDomain string = "safelinks.protection.outlook.com"

	// SafeLinksURLTemplate is a template for observed SafeLinks URLs.
	// https://SUBDOMAIN.safelinks.protection.outlook.com/?url=ENCODED_URL&data=data_placeholder&sdata=sdata_placeholder&reserved=0
	SafeLinksURLTemplate string = "%s%s/?url=%s&data=%s&sdata=%s&reserved=%s"
)

View Source

const (
	// HTTPPlainURLPrefix is the plaintext prefix used for unencrypted
	// connections to a HTTP-enabled site/service.
	HTTPPlainURLPrefix string = "http://"
)

Variables ¶

View Source

var (
	// ErrMissingValue indicates that an expected value was missing.
	ErrMissingValue = errors.New("missing expected value")

	// ErrInvalidURL indicates that an invalid URL was provided.
	ErrInvalidURL = errors.New("invalid URL provided")

	// ErrOriginalURLNotResolved indicates that we failed to resolve the
	// original URL using the given Safe Links URL.
	ErrOriginalURLNotResolved = errors.New("unable to resolve original URL")

	// ErrNoURLsFound indicates that an attempt to parse an input string for
	// URLs failed.
	ErrNoURLsFound = errors.New("no URLs matching requirements found in input")

	// ErrURLNotSafeLinkEncoded indicates that a given URL is not recognized
	// as using Safe Link encoding.
	ErrURLNotSafeLinkEncoded = errors.New("given URL not Safe Link encoded")

	// ErrNoSafeLinkURLsFound indicates that no URLs were found to be encoded
	// as Safe Links.
	ErrNoSafeLinkURLsFound = errors.New("no Safe Link URLs found in input")

	// ErrNoNonSafeLinkURLsFound indicates that no URLs were found to not
	// already be encoded as Safe Links.
	ErrNoNonSafeLinkURLsFound = errors.New("no non-Safe Link URLs found in input")

	// ErrQueryEscapingUnsuccessful indicates that an attempt to query escape
	// input was unsuccessful.
	ErrQueryEscapingUnsuccessful = errors.New("failed to query escape input")

	// ErrEncodingUnsuccessful indicates that an attempt to encode input was
	// unsuccessful.
	ErrEncodingUnsuccessful = errors.New("failed to encode input")
)

Functions ¶

func CleanURL ¶ added in v0.5.0

func CleanURL(s string) string

CleanURL strips away quoting, escaping of characters or other problematic leading or trailing characters in a given URL.

func DecodeInput ¶ added in v0.5.0

func DecodeInput(txt string) (string, error)

DecodeInput processes given input replacing any Safe Links encoded URL with the original decoded value. Other input is returned unmodified.

func EncodeInput ¶ added in v0.5.0

func EncodeInput(txt string, randomlyEncode bool) (string, error)

EncodeInput processes given input replacing any normal URL with an encoded value similar to a real Safe Links value. Other input is returned unmodified.

func EncodeParsedURLAsFauxSafeLinksURL ¶ added in v0.5.0

func EncodeParsedURLAsFauxSafeLinksURL(pURL ParsedURL) string

EncodeParsedURLAsFauxSafeLinksURL encodes the provided ParsedURL in a format that mimics real Safe Links encoded URLs observed in the wild. This output is intended for use with testing encoding/decoding behavior.

func FilterURLs ¶ added in v0.5.0

func FilterURLs(urls []*url.URL, excludeSafeLinkURLs bool) []*url.URL

FilterURLs filters the given collection of URLs, returning the remaining URLs or an error if none remain after filtering.

If specified, Safe Link URLs are excluded from the collection returning only URLs that have not been encoded as Safe Links URLs. Otherwise, only URLs that have been encoded as Safe Links URLs are returned.

An empty collection is returned if no URLs remain after filtering.

func GetRandomSafeLinksFQDN ¶ added in v0.5.0

func GetRandomSafeLinksFQDN() string

GetRandomSafeLinksFQDN returns a pseudorandom FQDN from a list observed to be associated with Safe Links URLs. Entries in the list have a naming pattern of *.safelinks.protection.outlook.com.

func QueryEscapeInput ¶ added in v0.5.0

func QueryEscapeInput(txt string, randomlyEscape bool) (string, error)

QueryEscapeInput processes given input replacing any normal URL with an escaped string so it can be safely placed inside a URL query. Other input is returned unmodified.

func ReadFromFile ¶ added in v0.5.0

func ReadFromFile(r io.Reader) ([]string, error)

ReadFromFile attempts to read newline separated entries from a given file (io.Reader).

The collection of entries is returned or an error if one occurs.

func ReadURLFromUser ¶

func ReadURLFromUser() (string, error)

ReadURLFromUser attempts to read input from the user via stdin prompt. The user is prompted for a URL but validation of that input is left to the caller to perform.

func ValidSafeLinkURL ¶ added in v0.4.0

func ValidSafeLinkURL(u *url.URL) bool

ValidSafeLinkURL validates whether a given url.URL is a valid Safe Links URL.

func ValidURL ¶ added in v0.4.0

func ValidURL(u *url.URL) bool

ValidURL attempts to validate whether a given url.URL value is a valid / usable URL. On its down url.Parse is *very* forgiving so we apply additional checks to ensure the url.URL value meets our minimum requirements.

func ValidURLPattern ¶ added in v0.5.0

func ValidURLPattern(input string) bool

ValidURLPattern attempts to validate whether a given input string is a valid URL.

Types ¶

type FoundURLPattern ¶ added in v0.4.0

type FoundURLPattern struct {
	URLPattern string
	// contains filtered or unexported fields
}

FoundURLPattern is an unvalidated URL pattern match found in given input.

func GetURLPatternsUsingIndex ¶ added in v0.4.0

func GetURLPatternsUsingIndex(input string, evalAllHTTPURLs bool) ([]FoundURLPattern, error)

GetURLPatternsUsingIndex parses the given input and returns a collection of FoundURLPattern values.

Since all Safe Links URLs observed in the wild begin with a HTTPS scheme we require that all matched URL patterns begin with that protocol scheme. If specified, non-HTTPS URLs are evaluated also. nil is returned if no matching patterns are found.

NOTE: Validation has not been performed to ensure that matched patterns are valid URLs.

Internal logic uses slice indexing/iteration to match URL patterns beginning with 'https://' (or optionally 'http://') and ending with a whitespace character or a right angle bracket. The caller is responsible for trimming angle brackets and other unwanted characters.

func GetURLPatternsUsingPrefixMatchingOnFields ¶ added in v0.4.0

func GetURLPatternsUsingPrefixMatchingOnFields(input string, evalPlainHTTP bool) ([]FoundURLPattern, error)

GetURLPatternsUsingPrefixMatchingOnFields parses the given input and returns a collection of FoundURLPattern values.

Since all Safe Links URLs observed in the wild begin with a HTTPS scheme we require that all matched URL patterns begin with that protocol scheme. If specified, non-HTTPS URLs are evaluated also. nil is returned if no matching patterns are found.

NOTE: Validation has not been performed to ensure that matched patterns are valid URLs.

Internal logic uses string splitting on whitespace and prefix matching to match URL patterns optionally beginning with a left angle bracket, then 'https://' (or 'http://' if specified) and ending with a whitespace character. The caller is responsible for trimming angle brackets and other unwanted characters.

func GetURLPatternsUsingRegex ¶ added in v0.4.0

func GetURLPatternsUsingRegex(input string, evalPlainHTTP bool) ([]FoundURLPattern, error)

GetURLPatternsUsingRegex parses the given input and returns a collection of FoundURLPattern values.

Since all Safe Links URLs observed in the wild begin with a HTTPS scheme we require that all matched URL patterns begin with that protocol scheme. If specified, non-HTTPS URLs are evaluated also. nil is returned if no matching patterns are found.

NOTE: Validation is not performed to ensure that matched patterns are valid URLs.

Internal logic uses a regular expression to match URL patterns optionally beginning with a left angle bracket, then 'https://' (or 'http://' if specified) and ending with a whitespace character or a right angle bracket. The caller is responsible for trimming angle brackets and other unwanted characters.

type ParsedURL ¶ added in v0.5.0

type ParsedURL struct {
	// Original is the untrimmed, unmodified original match pattern.
	Original string

	// Parsed is the parsed form of the original match pattern *after* it has
	// been trimmed of unwanted/invalid characters (e.g., angle brackets,
	// period).
	Parsed *url.URL
}

ParsedURL contains the original matched URL pattern and a parsed URL.

func FilterParsedURLs ¶ added in v0.5.0

func FilterParsedURLs(parsedURLs []ParsedURL, excludeSafeLinkURLs bool) []ParsedURL

FilterParsedURLs filters the given collection of parsed URLs, returning the remaining parsed URLs or an error if none remain after filtering.

If specified, Safe Link URLs are excluded from the collection returning only URLs that have not been encoded as Safe Links URLs. Otherwise, only URLs that have been encoded as Safe Links URLs are returned.

An empty collection is returned if no URLs remain after filtering.

func URLs ¶ added in v0.4.0

func URLs(input string, evalPlainHTTP bool) ([]ParsedURL, error)

URLs parses the given input and returns a collection of ParsedURL values.

Since all Safe Links URLs observed in the wild begin with a HTTPS scheme we require that all matched URLs begin with that protocol scheme. If specified, non-HTTPS URLs are also evaluated. nil is returned if no matching patterns are found.

The result is a collection of ParsedURL values containing the original URL match pattern and a parsed

func (ParsedURL) Trimmed ¶ added in v0.5.0

func (pURL ParsedURL) Trimmed() string

Trimmed is a copy of the original URL match pattern with unwanted/invalid leading/trailing characters removed.

type SafeLinkURL ¶ added in v0.4.0

type SafeLinkURL struct {
	EncodedURL string
	DecodedURL string
}

SafeLinkURL contains the encoded and decoded URLs for a matched Safe Link.

func FromURLs ¶ added in v0.4.0

func FromURLs(urls []*url.URL) ([]SafeLinkURL, error)

FromURLs evaluates a given collection of URLs and returns a collection of SafeLinkURL values for any that are found to be encoded as Safe Links. Deduplication is *not* performed.

An error is returned if no valid matches are found.

func SafeLinkURLs ¶ added in v0.4.0

func SafeLinkURLs(input string) ([]SafeLinkURL, error)

SafeLinkURLs parses the given input and returns a collection of parsed and decoded URLs. Deduplication is *not* performed.

An error is returned if no valid matches are found.

func SafeLinkURLsFromParsedURLs ¶ added in v0.5.0

func SafeLinkURLsFromParsedURLs(parsedURLs []ParsedURL) ([]SafeLinkURL, error)

SafeLinkURLsFromParsedURLs evaluates a given collection of parsed URLs and returns any that are found to be encoded as Safe Links. Deduplication is *not* performed. An error is returned if no valid matches are found.

func SafeLinkURLsFromURLs ¶ added in v0.4.0

func SafeLinkURLsFromURLs(urls []*url.URL) ([]SafeLinkURL, error)

SafeLinkURLsFromURLs evaluates a given collection of URLs and returns any that are found to be encoded as Safe Links. Deduplication is *not* performed. An error is returned if no valid matches are found.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL