1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
|
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "mozilla/net/CookieServiceParent.h"
#include "mozilla/dom/PContentParent.h"
#include "mozilla/net/NeckoParent.h"
#include "mozilla/BasePrincipal.h"
#include "mozilla/ipc/URIUtils.h"
#include "nsCookieService.h"
#include "nsIChannel.h"
#include "nsIScriptSecurityManager.h"
#include "nsIPrivateBrowsingChannel.h"
#include "nsNetCID.h"
#include "nsPrintfCString.h"
using namespace mozilla::ipc;
using mozilla::BasePrincipal;
using mozilla::NeckoOriginAttributes;
using mozilla::PrincipalOriginAttributes;
using mozilla::dom::PContentParent;
using mozilla::net::NeckoParent;
namespace {
// Ignore failures from this function, as they only affect whether we do or
// don't show a dialog box in private browsing mode if the user sets a pref.
void
CreateDummyChannel(nsIURI* aHostURI, NeckoOriginAttributes& aAttrs, bool aIsPrivate,
nsIChannel** aChannel)
{
MOZ_ASSERT(aAttrs.mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
PrincipalOriginAttributes attrs;
attrs.InheritFromNecko(aAttrs);
nsCOMPtr<nsIPrincipal> principal =
BasePrincipal::CreateCodebasePrincipal(aHostURI, attrs);
if (!principal) {
return;
}
nsCOMPtr<nsIURI> dummyURI;
nsresult rv = NS_NewURI(getter_AddRefs(dummyURI), "about:blank");
if (NS_FAILED(rv)) {
return;
}
// The following channel is never openend, so it does not matter what
// securityFlags we pass; let's follow the principle of least privilege.
nsCOMPtr<nsIChannel> dummyChannel;
NS_NewChannel(getter_AddRefs(dummyChannel), dummyURI, principal,
nsILoadInfo::SEC_REQUIRE_SAME_ORIGIN_DATA_IS_BLOCKED,
nsIContentPolicy::TYPE_INVALID);
nsCOMPtr<nsIPrivateBrowsingChannel> pbChannel = do_QueryInterface(dummyChannel);
if (!pbChannel) {
return;
}
pbChannel->SetPrivate(aIsPrivate);
dummyChannel.forget(aChannel);
return;
}
}
namespace mozilla {
namespace net {
CookieServiceParent::CookieServiceParent()
{
// Instantiate the cookieservice via the service manager, so it sticks around
// until shutdown.
nsCOMPtr<nsICookieService> cs = do_GetService(NS_COOKIESERVICE_CONTRACTID);
// Get the nsCookieService instance directly, so we can call internal methods.
mCookieService =
already_AddRefed<nsCookieService>(nsCookieService::GetSingleton());
NS_ASSERTION(mCookieService, "couldn't get nsICookieService");
}
CookieServiceParent::~CookieServiceParent()
{
}
void
CookieServiceParent::ActorDestroy(ActorDestroyReason aWhy)
{
// Nothing needed here. Called right before destructor since this is a
// non-refcounted class.
}
bool
CookieServiceParent::RecvGetCookieString(const URIParams& aHost,
const bool& aIsForeign,
const bool& aFromHttp,
const NeckoOriginAttributes& aAttrs,
nsCString* aResult)
{
if (!mCookieService)
return true;
// Deserialize URI. Having a host URI is mandatory and should always be
// provided by the child; thus we consider failure fatal.
nsCOMPtr<nsIURI> hostURI = DeserializeURI(aHost);
if (!hostURI)
return false;
bool isPrivate = aAttrs.mPrivateBrowsingId > 0;
mCookieService->GetCookieStringInternal(hostURI, aIsForeign, aFromHttp, aAttrs,
isPrivate, *aResult);
return true;
}
bool
CookieServiceParent::RecvSetCookieString(const URIParams& aHost,
const bool& aIsForeign,
const nsCString& aCookieString,
const nsCString& aServerTime,
const bool& aFromHttp,
const NeckoOriginAttributes& aAttrs)
{
if (!mCookieService)
return true;
// Deserialize URI. Having a host URI is mandatory and should always be
// provided by the child; thus we consider failure fatal.
nsCOMPtr<nsIURI> hostURI = DeserializeURI(aHost);
if (!hostURI)
return false;
bool isPrivate = aAttrs.mPrivateBrowsingId > 0;
// This is a gross hack. We've already computed everything we need to know
// for whether to set this cookie or not, but we need to communicate all of
// this information through to nsICookiePermission, which indirectly
// computes the information from the channel. We only care about the
// aIsPrivate argument as nsCookieService::SetCookieStringInternal deals
// with aIsForeign before we have to worry about nsCookiePermission trying
// to use the channel to inspect it.
nsCOMPtr<nsIChannel> dummyChannel;
CreateDummyChannel(hostURI, const_cast<NeckoOriginAttributes&>(aAttrs),
isPrivate, getter_AddRefs(dummyChannel));
// NB: dummyChannel could be null if something failed in CreateDummyChannel.
nsDependentCString cookieString(aCookieString, 0);
mCookieService->SetCookieStringInternal(hostURI, aIsForeign, cookieString,
aServerTime, aFromHttp, aAttrs,
isPrivate, dummyChannel);
return true;
}
} // namespace net
} // namespace mozilla
|
