summaryrefslogtreecommitdiffstats
path: root/extensions/cookie/nsPermission.cpp
diff options
context:
space:
mode:
authorMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
committerMatt A. Tobin <mattatobin@localhost.localdomain>2018-02-02 04:16:08 -0500
commit5f8de423f190bbb79a62f804151bc24824fa32d8 (patch)
tree10027f336435511475e392454359edea8e25895d /extensions/cookie/nsPermission.cpp
parent49ee0794b5d912db1f95dce6eb52d781dc210db5 (diff)
downloadUXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.gz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.lz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.tar.xz
UXP-5f8de423f190bbb79a62f804151bc24824fa32d8.zip
Add m-esr52 at 52.6.0
Diffstat (limited to 'extensions/cookie/nsPermission.cpp')
-rw-r--r--extensions/cookie/nsPermission.cpp201
1 files changed, 201 insertions, 0 deletions
diff --git a/extensions/cookie/nsPermission.cpp b/extensions/cookie/nsPermission.cpp
new file mode 100644
index 000000000..3d1eb140a
--- /dev/null
+++ b/extensions/cookie/nsPermission.cpp
@@ -0,0 +1,201 @@
+/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "nsPermission.h"
+#include "nsContentUtils.h"
+#include "nsIClassInfoImpl.h"
+#include "nsIEffectiveTLDService.h"
+#include "mozilla/BasePrincipal.h"
+
+// nsPermission Implementation
+
+NS_IMPL_CLASSINFO(nsPermission, nullptr, 0, {0})
+NS_IMPL_ISUPPORTS_CI(nsPermission, nsIPermission)
+
+nsPermission::nsPermission(nsIPrincipal* aPrincipal,
+ const nsACString &aType,
+ uint32_t aCapability,
+ uint32_t aExpireType,
+ int64_t aExpireTime)
+ : mPrincipal(aPrincipal)
+ , mType(aType)
+ , mCapability(aCapability)
+ , mExpireType(aExpireType)
+ , mExpireTime(aExpireTime)
+{
+}
+
+already_AddRefed<nsPermission>
+nsPermission::Create(nsIPrincipal* aPrincipal,
+ const nsACString &aType,
+ uint32_t aCapability,
+ uint32_t aExpireType,
+ int64_t aExpireTime)
+{
+ NS_ENSURE_TRUE(aPrincipal, nullptr);
+ nsCOMPtr<nsIPrincipal> principal =
+ mozilla::BasePrincipal::Cast(aPrincipal)->CloneStrippingUserContextIdAndFirstPartyDomain();
+
+ NS_ENSURE_TRUE(principal, nullptr);
+
+ RefPtr<nsPermission> permission =
+ new nsPermission(principal, aType, aCapability, aExpireType, aExpireTime);
+ return permission.forget();
+}
+
+NS_IMETHODIMP
+nsPermission::GetPrincipal(nsIPrincipal** aPrincipal)
+{
+ nsCOMPtr<nsIPrincipal> copy = mPrincipal;
+ copy.forget(aPrincipal);
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPermission::GetType(nsACString &aType)
+{
+ aType = mType;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPermission::GetCapability(uint32_t *aCapability)
+{
+ *aCapability = mCapability;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPermission::GetExpireType(uint32_t *aExpireType)
+{
+ *aExpireType = mExpireType;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPermission::GetExpireTime(int64_t *aExpireTime)
+{
+ *aExpireTime = mExpireTime;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPermission::Matches(nsIPrincipal* aPrincipal, bool aExactHost, bool* aMatches)
+{
+ NS_ENSURE_ARG_POINTER(aPrincipal);
+ NS_ENSURE_ARG_POINTER(aMatches);
+
+ *aMatches = false;
+
+ nsCOMPtr<nsIPrincipal> principal =
+ mozilla::BasePrincipal::Cast(aPrincipal)->CloneStrippingUserContextIdAndFirstPartyDomain();
+
+ if (!principal) {
+ *aMatches = false;
+ return NS_OK;
+ }
+
+ // If the principals are equal, then they match.
+ if (mPrincipal->Equals(principal)) {
+ *aMatches = true;
+ return NS_OK;
+ }
+
+ // If we are matching with an exact host, we're done now - the permissions don't match
+ // otherwise, we need to start comparing subdomains!
+ if (aExactHost) {
+ return NS_OK;
+ }
+
+ // Compare their OriginAttributes
+ const mozilla::PrincipalOriginAttributes& theirAttrs = mozilla::BasePrincipal::Cast(principal)->OriginAttributesRef();
+ const mozilla::PrincipalOriginAttributes& ourAttrs = mozilla::BasePrincipal::Cast(mPrincipal)->OriginAttributesRef();
+
+ if (theirAttrs != ourAttrs) {
+ return NS_OK;
+ }
+
+ nsCOMPtr<nsIURI> theirURI;
+ nsresult rv = principal->GetURI(getter_AddRefs(theirURI));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ nsCOMPtr<nsIURI> ourURI;
+ rv = mPrincipal->GetURI(getter_AddRefs(ourURI));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ // Compare schemes
+ nsAutoCString theirScheme;
+ rv = theirURI->GetScheme(theirScheme);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ nsAutoCString ourScheme;
+ rv = ourURI->GetScheme(ourScheme);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ if (theirScheme != ourScheme) {
+ return NS_OK;
+ }
+
+ // Compare ports
+ int32_t theirPort;
+ rv = theirURI->GetPort(&theirPort);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ int32_t ourPort;
+ rv = ourURI->GetPort(&ourPort);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ if (theirPort != ourPort) {
+ return NS_OK;
+ }
+
+ // Check if the host or any subdomain of their host matches.
+ nsAutoCString theirHost;
+ rv = theirURI->GetHost(theirHost);
+ if (NS_FAILED(rv) || theirHost.IsEmpty()) {
+ return NS_OK;
+ }
+
+ nsAutoCString ourHost;
+ rv = ourURI->GetHost(ourHost);
+ if (NS_FAILED(rv) || ourHost.IsEmpty()) {
+ return NS_OK;
+ }
+
+ nsCOMPtr<nsIEffectiveTLDService> tldService =
+ do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
+ if (!tldService) {
+ NS_ERROR("Should have a tld service!");
+ return NS_ERROR_FAILURE;
+ }
+
+ // This loop will not loop forever, as GetNextSubDomain will eventually fail
+ // with NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS.
+ while (theirHost != ourHost) {
+ rv = tldService->GetNextSubDomain(theirHost, theirHost);
+ if (NS_FAILED(rv)) {
+ if (rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS) {
+ return NS_OK;
+ } else {
+ return rv;
+ }
+ }
+ }
+
+ *aMatches = true;
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+nsPermission::MatchesURI(nsIURI* aURI, bool aExactHost, bool* aMatches)
+{
+ NS_ENSURE_ARG_POINTER(aURI);
+
+ mozilla::PrincipalOriginAttributes attrs;
+ nsCOMPtr<nsIPrincipal> principal = mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
+ NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
+
+ return Matches(principal, aExactHost, aMatches);
+}