summaryrefslogtreecommitdiffstats
path: root/caps/nsScriptSecurityManager.h
diff options
context:
space:
mode:
authorMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
committerMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
commit5f8de423f190bbb79a62f804151bc24824fa32d8 (patch)
tree10027f336435511475e392454359edea8e25895d /caps/nsScriptSecurityManager.h
parent49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff)
downloadUXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip
Add m-esr52 at 52.6.0
Diffstat (limited to 'caps/nsScriptSecurityManager.h')
-rw-r--r--caps/nsScriptSecurityManager.h162
1 files changed, 162 insertions, 0 deletions
diff --git a/caps/nsScriptSecurityManager.h b/caps/nsScriptSecurityManager.h
new file mode 100644
index 000000000..5dc0b393a
--- /dev/null
+++ b/caps/nsScriptSecurityManager.h
@@ -0,0 +1,162 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* vim: set ts=4 et sw=4 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef nsScriptSecurityManager_h__
+#define nsScriptSecurityManager_h__
+
+#include "nsIScriptSecurityManager.h"
+
+#include "nsIAddonPolicyService.h"
+#include "mozilla/Maybe.h"
+#include "nsIAddonPolicyService.h"
+#include "nsIPrincipal.h"
+#include "nsCOMPtr.h"
+#include "nsIObserver.h"
+#include "nsServiceManagerUtils.h"
+#include "plstr.h"
+#include "js/TypeDecls.h"
+
+#include <stdint.h>
+
+class nsCString;
+class nsIIOService;
+class nsIStringBundle;
+class nsSystemPrincipal;
+
+namespace mozilla {
+class PrincipalOriginAttributes;
+} // namespace mozilla
+
+/////////////////////////////
+// nsScriptSecurityManager //
+/////////////////////////////
+#define NS_SCRIPTSECURITYMANAGER_CID \
+{ 0x7ee2a4c0, 0x4b93, 0x17d3, \
+{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
+
+class nsScriptSecurityManager final : public nsIScriptSecurityManager,
+ public nsIObserver
+{
+public:
+ static void Shutdown();
+
+ NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID)
+
+ NS_DECL_ISUPPORTS
+ NS_DECL_NSISCRIPTSECURITYMANAGER
+ NS_DECL_NSIOBSERVER
+
+ static nsScriptSecurityManager*
+ GetScriptSecurityManager();
+
+ // Invoked exactly once, by XPConnect.
+ static void InitStatics();
+
+ static nsSystemPrincipal*
+ SystemPrincipalSingletonConstructor();
+
+ /**
+ * Utility method for comparing two URIs. For security purposes, two URIs
+ * are equivalent if their schemes, hosts, and ports (if any) match. This
+ * method returns true if aSubjectURI and aObjectURI have the same origin,
+ * false otherwise.
+ */
+ static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
+ static uint32_t SecurityHashURI(nsIURI* aURI);
+
+ static uint16_t AppStatusForPrincipal(nsIPrincipal *aPrin);
+
+ static nsresult
+ ReportError(JSContext* cx, const nsAString& messageTag,
+ nsIURI* aSource, nsIURI* aTarget);
+
+ static uint32_t
+ HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
+
+ static bool
+ GetStrictFileOriginPolicy()
+ {
+ return sStrictFileOriginPolicy;
+ }
+
+ void DeactivateDomainPolicy();
+
+private:
+
+ // GetScriptSecurityManager is the only call that can make one
+ nsScriptSecurityManager();
+ virtual ~nsScriptSecurityManager();
+
+ // Decides, based on CSP, whether or not eval() and stuff can be executed.
+ static bool
+ ContentSecurityPolicyPermitsJSAction(JSContext *cx);
+
+ static bool
+ JSPrincipalsSubsume(JSPrincipals *first, JSPrincipals *second);
+
+ // Returns null if a principal cannot be found; generally callers
+ // should error out at that point.
+ static nsIPrincipal* doGetObjectPrincipal(JSObject* obj);
+
+ nsresult
+ Init();
+
+ nsresult
+ InitPrefs();
+
+ inline void
+ ScriptSecurityPrefChanged();
+
+ inline void
+ AddSitesToFileURIWhitelist(const nsCString& aSiteList);
+
+ // If aURI is a moz-extension:// URI, set mAddonId to the associated addon.
+ nsresult MaybeSetAddonIdFromURI(mozilla::PrincipalOriginAttributes& aAttrs, nsIURI* aURI);
+
+ nsresult GetChannelResultPrincipal(nsIChannel* aChannel,
+ nsIPrincipal** aPrincipal,
+ bool aIgnoreSandboxing);
+
+ nsresult
+ CheckLoadURIFlags(nsIURI* aSourceURI, nsIURI* aTargetURI, nsIURI* aSourceBaseURI,
+ nsIURI* aTargetBaseURI, uint32_t aFlags);
+
+ // Returns the file URI whitelist, initializing it if it has not been
+ // initialized.
+ const nsTArray<nsCOMPtr<nsIURI>>& EnsureFileURIWhitelist();
+
+ nsCOMPtr<nsIPrincipal> mSystemPrincipal;
+ bool mPrefInitialized;
+ bool mIsJavaScriptEnabled;
+
+ // List of URIs whose domains and sub-domains are whitelisted to allow
+ // access to file: URIs. Lazily initialized; isNothing() when not yet
+ // initialized.
+ mozilla::Maybe<nsTArray<nsCOMPtr<nsIURI>>> mFileURIWhitelist;
+
+ // This machinery controls new-style domain policies. The old-style
+ // policy machinery will be removed soon.
+ nsCOMPtr<nsIDomainPolicy> mDomainPolicy;
+
+ // Cached addon policy service. We can't generate this in Init() because
+ // that's too early to get a service.
+ mozilla::Maybe<nsCOMPtr<nsIAddonPolicyService>> mAddonPolicyService;
+ nsIAddonPolicyService* GetAddonPolicyService()
+ {
+ if (mAddonPolicyService.isNothing()) {
+ mAddonPolicyService.emplace(do_GetService("@mozilla.org/addons/policy-service;1"));
+ }
+ return mAddonPolicyService.ref();
+ }
+
+ static bool sStrictFileOriginPolicy;
+
+ static nsIIOService *sIOService;
+ static nsIStringBundle *sStrBundle;
+ static JSContext *sContext;
+};
+
+#endif // nsScriptSecurityManager_h__