/src/mozilla-central/js/xpconnect/wrappers/ChromeObjectWrapper.h
Line | Count | Source (jump to first uncovered line) |
1 | | /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
2 | | /* vim: set ts=8 sts=4 et sw=4 tw=99: */ |
3 | | /* This Source Code Form is subject to the terms of the Mozilla Public |
4 | | * License, v. 2.0. If a copy of the MPL was not distributed with this |
5 | | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
6 | | |
7 | | #ifndef __ChromeObjectWrapper_h__ |
8 | | #define __ChromeObjectWrapper_h__ |
9 | | |
10 | | #include "mozilla/Attributes.h" |
11 | | |
12 | | #include "FilteringWrapper.h" |
13 | | |
14 | | namespace xpc { |
15 | | |
16 | | struct OpaqueWithSilentFailing; |
17 | | |
18 | | // When a vanilla chrome JS object is exposed to content, we use a wrapper that |
19 | | // fails silently on GET, ENUMERATE, and GET_PROPERTY_DESCRIPTOR for legacy |
20 | | // reasons. For extra security, we override the traps that allow content to pass |
21 | | // an object to chrome, and perform extra security checks on them. |
22 | | #define ChromeObjectWrapperBase \ |
23 | 0 | FilteringWrapper<js::CrossCompartmentSecurityWrapper, OpaqueWithSilentFailing> |
24 | | |
25 | | class ChromeObjectWrapper : public ChromeObjectWrapperBase |
26 | | { |
27 | | public: |
28 | 0 | constexpr ChromeObjectWrapper() : ChromeObjectWrapperBase(0) {} |
29 | | |
30 | | virtual bool defineProperty(JSContext* cx, JS::Handle<JSObject*> wrapper, |
31 | | JS::Handle<jsid> id, |
32 | | JS::Handle<JS::PropertyDescriptor> desc, |
33 | | JS::ObjectOpResult& result) const override; |
34 | | virtual bool set(JSContext* cx, JS::HandleObject wrapper, JS::HandleId id, |
35 | | JS::HandleValue v, JS::HandleValue receiver, |
36 | | JS::ObjectOpResult& result) const override; |
37 | | |
38 | | static const ChromeObjectWrapper singleton; |
39 | | }; |
40 | | |
41 | | } /* namespace xpc */ |
42 | | |
43 | | #endif /* __ChromeObjectWrapper_h__ */ |