/src/mozilla-central/caps/nsScriptSecurityManager.h
Line | Count | Source |
1 | | /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 | | /* vim: set ts=4 et sw=4 tw=80: */ |
3 | | /* This Source Code Form is subject to the terms of the Mozilla Public |
4 | | * License, v. 2.0. If a copy of the MPL was not distributed with this |
5 | | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
6 | | |
7 | | #ifndef nsScriptSecurityManager_h__ |
8 | | #define nsScriptSecurityManager_h__ |
9 | | |
10 | | #include "nsIScriptSecurityManager.h" |
11 | | |
12 | | #include "mozilla/Maybe.h" |
13 | | #include "nsIPrincipal.h" |
14 | | #include "nsCOMPtr.h" |
15 | | #include "nsServiceManagerUtils.h" |
16 | | #include "nsStringFwd.h" |
17 | | #include "plstr.h" |
18 | | #include "js/TypeDecls.h" |
19 | | |
20 | | #include <stdint.h> |
21 | | |
22 | | class nsIIOService; |
23 | | class nsIStringBundle; |
24 | | |
25 | | namespace mozilla { |
26 | | class OriginAttributes; |
27 | | class SystemPrincipal; |
28 | | } // namespace mozilla |
29 | | |
30 | | ///////////////////////////// |
31 | | // nsScriptSecurityManager // |
32 | | ///////////////////////////// |
33 | | #define NS_SCRIPTSECURITYMANAGER_CID \ |
34 | | { 0x7ee2a4c0, 0x4b93, 0x17d3, \ |
35 | | { 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }} |
36 | | /** |
   | | * Concrete (final) implementation of nsIScriptSecurityManager. The |
   | | * constructor is private and, per the note on it, GetScriptSecurityManager() |
   | | * is the only call that creates an instance. NS_SCRIPTSECURITYMANAGER_CID |
   | | * above is the class ID published through NS_DEFINE_STATIC_CID_ACCESSOR. |
   | | * Shutdown() and InitStatics() are static lifecycle entry points; what they |
   | | * set up or tear down is not visible in this header. |
   | | * NOTE(review): the declarations below gate same-origin comparison, load |
   | | * checks, CSP decisions on JS actions and access to file: URIs, so |
   | | * behavioural changes in the .cpp warrant security review. |
   | | */ |
37 | | class nsScriptSecurityManager final : public nsIScriptSecurityManager |
38 | | { |
39 | | public: |
40 | | static void Shutdown(); |
41 | | /* Static accessor for NS_SCRIPTSECURITYMANAGER_CID, defined above the class. */ |
42 | | NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID) |
43 | | /* Macro-declared members: nsISupports plumbing, then the nsIScriptSecurityManager interface methods. */ |
44 | | NS_DECL_ISUPPORTS |
45 | | NS_DECL_NSISCRIPTSECURITYMANAGER |
46 | | /* Singleton accessor; per the note on the private constructor this is the |
   | | * only path that creates the instance. Returns a raw pointer. |
   | | * NOTE(review): ownership and whether null can be returned are not visible |
   | | * here -- confirm before storing or dereferencing the result. */ |
47 | | static nsScriptSecurityManager* |
48 | | GetScriptSecurityManager(); |
49 | | |
50 | | // Invoked exactly once, by XPConnect. |
51 | | static void InitStatics(); |
52 | | /* Returns an already_AddRefed reference to the SystemPrincipal; the caller |
   | | * takes over that reference. NOTE(review): the system principal is the most |
   | | * privileged principal in Gecko, so code that hands this reference on |
   | | * deserves scrutiny. */ |
53 | | static already_AddRefed<mozilla::SystemPrincipal> |
54 | | SystemPrincipalSingletonConstructor(); |
55 | | |
56 | | /** |
57 | | * Utility method for comparing two URIs. For security purposes, two URIs |
58 | | * are equivalent if their schemes, hosts, and ports (if any) match. This |
59 | | * method returns true if aSourceURI and aTargetURI have the same origin, |
60 | | * false otherwise. |
   | | * |
   | | * SecurityHashURI is declared alongside it; presumably URIs that compare |
   | | * equal here also hash equal -- confirm in the .cpp. |
   | | * NOTE(review): null-argument handling and the treatment of URIs without a |
   | | * host are not visible in this header -- confirm before relying on them. |
61 | | */ |
62 | | static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI); |
63 | | static uint32_t SecurityHashURI(nsIURI* aURI); |
64 | | /* Reports a security error, identified by aMessageTag, for a source/target |
   | | * URI pair and returns an nsresult. NOTE(review): presumably the tag is |
   | | * resolved through sStrBundle and aFromPrivateWindow keeps private-window |
   | | * reports separate -- neither is visible here, confirm in the .cpp. */ |
65 | | static nsresult |
66 | | ReportError(const char* aMessageTag, nsIURI* aSource, |
67 | | nsIURI* aTarget, bool aFromPrivateWindow); |
68 | | /* Hash of aPrincipal keyed on its origin, going by the name; null handling is not visible here. */ |
69 | | static uint32_t |
70 | | HashPrincipalByOrigin(nsIPrincipal* aPrincipal); |
71 | | /* Inline getter for the static flag sStrictFileOriginPolicy. The read has no |
   | | * visible synchronization. NOTE(review): presumably the flag mirrors a |
   | | * preference refreshed by ScriptSecurityPrefChanged() -- confirm. */ |
72 | | static bool |
73 | | GetStrictFileOriginPolicy() |
74 | 5.77k | { |
75 | 5.77k | return sStrictFileOriginPolicy; |
76 | 5.77k | } |
77 | | /* Public, so any holder of the manager can call it. NOTE(review): presumably |
   | | * drops mDomainPolicy and with it the active domain policy -- confirm who |
   | | * is expected to call this. */ |
78 | | void DeactivateDomainPolicy(); |
79 | | |
80 | | private: |
81 | | |
82 | | // GetScriptSecurityManager is the only call that can make one |
83 | | nsScriptSecurityManager(); |
84 | | virtual ~nsScriptSecurityManager(); |
85 | | |
86 | | // Decides, based on CSP, whether eval() and similar JS actions may be executed. |
87 | | static bool |
88 | | ContentSecurityPolicyPermitsJSAction(JSContext *cx, JS::HandleValue aValue); |
89 | | /* Static predicate over two JSPrincipals; going by the name, it answers |
   | | * whether `first` subsumes `second`. Like the CSP check above it is static |
   | | * and typed on JS engine types, so presumably registered as a JS engine |
   | | * callback -- confirm. NOTE(review): argument order is security-critical |
   | | * for a subsumes check; verify the direction in the .cpp. */ |
90 | | static bool |
91 | | JSPrincipalsSubsume(JSPrincipals *first, JSPrincipals *second); |
92 | | /* Instance initialisation; returns an nsresult. The work done is not visible in this header. */ |
93 | | nsresult |
94 | | Init(); |
95 | | /* Preference setup; returns an nsresult. Presumably sets mPrefInitialized -- confirm. */ |
96 | | nsresult |
97 | | InitPrefs(); |
98 | | /* Preference-change handler. aPref defaults to nullptr; presumably that means "re-read everything" -- confirm. */ |
99 | | void |
100 | | ScriptSecurityPrefChanged(const char* aPref = nullptr); |
101 | | /* Adds the sites named in aSiteList to the file: URI whitelist. Declared |
   | | * inline; the definition is not in this header. NOTE(review): the list |
   | | * format and how malformed entries are handled are not visible here; each |
   | | * accepted entry grants access to file: URIs, so confirm the parsing. */ |
102 | | inline void |
103 | | AddSitesToFileURIWhitelist(const nsCString& aSiteList); |
104 | | /* Produces the result principal for aChannel through the out-parameter |
   | | * aPrincipal and returns an nsresult. NOTE(review): aIgnoreSandboxing |
   | | * presumably skips sandbox flags when choosing the principal, so call |
   | | * sites passing true deserve review -- confirm. */ |
105 | | nsresult GetChannelResultPrincipal(nsIChannel* aChannel, |
106 | | nsIPrincipal** aPrincipal, |
107 | | bool aIgnoreSandboxing); |
108 | | /* Checks a load from aSourceURI to aTargetURI against aFlags and returns an |
   | | * nsresult; the two base URIs are passed separately. NOTE(review): how the |
   | | * base URIs relate to the source/target URIs, and whether a failure code |
   | | * always means "deny", is not visible here -- confirm in the .cpp. */ |
109 | | nsresult |
110 | | CheckLoadURIFlags(nsIURI* aSourceURI, nsIURI* aTargetURI, nsIURI* aSourceBaseURI, |
111 | | nsIURI* aTargetBaseURI, uint32_t aFlags, bool aFromPrivateWindow); |
112 | | |
113 | | // Returns the file URI whitelist, initializing it if it has not been |
114 | | // initialized. |
115 | | const nsTArray<nsCOMPtr<nsIURI>>& EnsureFileURIWhitelist(); |
116 | | /* Per-instance state: a strong reference to the system principal and two |
   | | * flags; presumably the flags track preference state -- confirm. */ |
117 | | nsCOMPtr<nsIPrincipal> mSystemPrincipal; |
118 | | bool mPrefInitialized; |
119 | | bool mIsJavaScriptEnabled; |
120 | | |
121 | | // List of URIs whose domains and sub-domains are whitelisted to allow |
122 | | // access to file: URIs. Lazily initialized; isNothing() when not yet |
123 | | // initialized. |
124 | | mozilla::Maybe<nsTArray<nsCOMPtr<nsIURI>>> mFileURIWhitelist; |
125 | | |
126 | | // This machinery controls new-style domain policies. The old-style |
127 | | // policy machinery will be removed soon. |
128 | | nsCOMPtr<nsIDomainPolicy> mDomainPolicy; |
129 | | /* Backing flag returned by GetStrictFileOriginPolicy(). */ |
130 | | static bool sStrictFileOriginPolicy; |
131 | | /* Raw static pointers rather than nsCOMPtr members. NOTE(review): lifetime is |
   | | * presumably managed by InitStatics() and Shutdown() -- confirm they are |
   | | * not used after Shutdown(). */ |
132 | | static nsIIOService *sIOService; |
133 | | static nsIStringBundle *sStrBundle; |
134 | | static JSContext *sContext; |
135 | | }; |
136 | | |
137 | | #endif // nsScriptSecurityManager_h__ |
136 | | |
137 | | #endif // nsScriptSecurityManager_h__ |