caps/src/DomainPolicy.cpp@97036ab72558 (annotated)
caps/src/DomainPolicy.cpp
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
| michael@0 | 1 | /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ |
| michael@0 | 2 | /* vim: set ts=4 et sw=4 tw=80: */ |
| michael@0 | 3 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 4 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 5 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 6 | |
| michael@0 | 7 | #include "DomainPolicy.h" |
| michael@0 | 8 | #include "nsScriptSecurityManager.h" |
| michael@0 | 9 | |
| michael@0 | 10 | namespace mozilla { |
| michael@0 | 11 | |
| michael@0 | 12 | NS_IMPL_ISUPPORTS(DomainPolicy, nsIDomainPolicy) |
| michael@0 | 13 | |
| michael@0 | 14 | DomainPolicy::DomainPolicy() : mBlacklist(new DomainSet()) |
| michael@0 | 15 | , mSuperBlacklist(new DomainSet()) |
| michael@0 | 16 | , mWhitelist(new DomainSet()) |
| michael@0 | 17 | , mSuperWhitelist(new DomainSet()) |
| michael@0 | 18 | {} |
| michael@0 | 19 | |
| michael@0 | 20 | DomainPolicy::~DomainPolicy() |
| michael@0 | 21 | { |
| michael@0 | 22 | // The SSM holds a strong ref to the DomainPolicy until Deactivate() is |
| michael@0 | 23 | // invoked, so we should never hit the destructor until that happens. |
| michael@0 | 24 | MOZ_ASSERT(!mBlacklist && !mSuperBlacklist && |
| michael@0 | 25 | !mWhitelist && !mSuperWhitelist); |
| michael@0 | 26 | } |
| michael@0 | 27 | |
| michael@0 | 28 | |
| michael@0 | 29 | NS_IMETHODIMP |
| michael@0 | 30 | DomainPolicy::GetBlacklist(nsIDomainSet** aSet) |
| michael@0 | 31 | { |
| michael@0 | 32 | nsCOMPtr<nsIDomainSet> set = mBlacklist; |
| michael@0 | 33 | set.forget(aSet); |
| michael@0 | 34 | return NS_OK; |
| michael@0 | 35 | } |
| michael@0 | 36 | |
| michael@0 | 37 | NS_IMETHODIMP |
| michael@0 | 38 | DomainPolicy::GetSuperBlacklist(nsIDomainSet** aSet) |
| michael@0 | 39 | { |
| michael@0 | 40 | nsCOMPtr<nsIDomainSet> set = mSuperBlacklist; |
| michael@0 | 41 | set.forget(aSet); |
| michael@0 | 42 | return NS_OK; |
| michael@0 | 43 | } |
| michael@0 | 44 | |
| michael@0 | 45 | NS_IMETHODIMP |
| michael@0 | 46 | DomainPolicy::GetWhitelist(nsIDomainSet** aSet) |
| michael@0 | 47 | { |
| michael@0 | 48 | nsCOMPtr<nsIDomainSet> set = mWhitelist; |
| michael@0 | 49 | set.forget(aSet); |
| michael@0 | 50 | return NS_OK; |
| michael@0 | 51 | } |
| michael@0 | 52 | |
| michael@0 | 53 | NS_IMETHODIMP |
| michael@0 | 54 | DomainPolicy::GetSuperWhitelist(nsIDomainSet** aSet) |
| michael@0 | 55 | { |
| michael@0 | 56 | nsCOMPtr<nsIDomainSet> set = mSuperWhitelist; |
| michael@0 | 57 | set.forget(aSet); |
| michael@0 | 58 | return NS_OK; |
| michael@0 | 59 | } |
| michael@0 | 60 | |
| michael@0 | 61 | NS_IMETHODIMP |
| michael@0 | 62 | DomainPolicy::Deactivate() |
| michael@0 | 63 | { |
| michael@0 | 64 | // Clear the hashtables first to free up memory, since script might |
| michael@0 | 65 | // hold the doomed sets alive indefinitely. |
| michael@0 | 66 | mBlacklist->Clear(); |
| michael@0 | 67 | mSuperBlacklist->Clear(); |
| michael@0 | 68 | mWhitelist->Clear(); |
| michael@0 | 69 | mSuperWhitelist->Clear(); |
| michael@0 | 70 | |
| michael@0 | 71 | // Null them out. |
| michael@0 | 72 | mBlacklist = nullptr; |
| michael@0 | 73 | mSuperBlacklist = nullptr; |
| michael@0 | 74 | mWhitelist = nullptr; |
| michael@0 | 75 | mSuperWhitelist = nullptr; |
| michael@0 | 76 | |
| michael@0 | 77 | // Inform the SSM. |
| michael@0 | 78 | nsScriptSecurityManager::GetScriptSecurityManager()->DeactivateDomainPolicy(); |
| michael@0 | 79 | return NS_OK; |
| michael@0 | 80 | } |
| michael@0 | 81 | |
| michael@0 | 82 | static already_AddRefed<nsIURI> |
| michael@0 | 83 | GetCanonicalClone(nsIURI* aURI) |
| michael@0 | 84 | { |
| michael@0 | 85 | nsCOMPtr<nsIURI> clone; |
| michael@0 | 86 | nsresult rv = aURI->Clone(getter_AddRefs(clone)); |
| michael@0 | 87 | NS_ENSURE_SUCCESS(rv, nullptr); |
| michael@0 | 88 | rv = clone->SetUserPass(EmptyCString()); |
| michael@0 | 89 | NS_ENSURE_SUCCESS(rv, nullptr); |
| michael@0 | 90 | rv = clone->SetPath(EmptyCString()); |
| michael@0 | 91 | NS_ENSURE_SUCCESS(rv, nullptr); |
| michael@0 | 92 | return clone.forget(); |
| michael@0 | 93 | } |
| michael@0 | 94 | |
| michael@0 | 95 | NS_IMPL_ISUPPORTS(DomainSet, nsIDomainSet) |
| michael@0 | 96 | |
| michael@0 | 97 | NS_IMETHODIMP |
| michael@0 | 98 | DomainSet::Add(nsIURI* aDomain) |
| michael@0 | 99 | { |
| michael@0 | 100 | nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain); |
| michael@0 | 101 | NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE); |
| michael@0 | 102 | mHashTable.PutEntry(clone); |
| michael@0 | 103 | return NS_OK; |
| michael@0 | 104 | } |
| michael@0 | 105 | |
| michael@0 | 106 | NS_IMETHODIMP |
| michael@0 | 107 | DomainSet::Remove(nsIURI* aDomain) |
| michael@0 | 108 | { |
| michael@0 | 109 | nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain); |
| michael@0 | 110 | NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE); |
| michael@0 | 111 | mHashTable.RemoveEntry(clone); |
| michael@0 | 112 | return NS_OK; |
| michael@0 | 113 | } |
| michael@0 | 114 | |
| michael@0 | 115 | NS_IMETHODIMP |
| michael@0 | 116 | DomainSet::Clear() |
| michael@0 | 117 | { |
| michael@0 | 118 | mHashTable.Clear(); |
| michael@0 | 119 | return NS_OK; |
| michael@0 | 120 | } |
| michael@0 | 121 | |
| michael@0 | 122 | NS_IMETHODIMP |
| michael@0 | 123 | DomainSet::Contains(nsIURI* aDomain, bool* aContains) |
| michael@0 | 124 | { |
| michael@0 | 125 | *aContains = false; |
| michael@0 | 126 | nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain); |
| michael@0 | 127 | NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE); |
| michael@0 | 128 | *aContains = mHashTable.Contains(clone); |
| michael@0 | 129 | return NS_OK; |
| michael@0 | 130 | } |
| michael@0 | 131 | |
| michael@0 | 132 | NS_IMETHODIMP |
| michael@0 | 133 | DomainSet::ContainsSuperDomain(nsIURI* aDomain, bool* aContains) |
| michael@0 | 134 | { |
| michael@0 | 135 | *aContains = false; |
| michael@0 | 136 | nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain); |
| michael@0 | 137 | NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE); |
| michael@0 | 138 | nsAutoCString domain; |
| michael@0 | 139 | nsresult rv = clone->GetHost(domain); |
| michael@0 | 140 | NS_ENSURE_SUCCESS(rv, rv); |
| michael@0 | 141 | while (true) { |
| michael@0 | 142 | // Check the current domain. |
| michael@0 | 143 | if (mHashTable.Contains(clone)) { |
| michael@0 | 144 | *aContains = true; |
| michael@0 | 145 | return NS_OK; |
| michael@0 | 146 | } |
| michael@0 | 147 | |
| michael@0 | 148 | // Chop off everything before the first dot, or break if there are no |
| michael@0 | 149 | // dots left. |
| michael@0 | 150 | int32_t index = domain.Find("."); |
| michael@0 | 151 | if (index == kNotFound) |
| michael@0 | 152 | break; |
| michael@0 | 153 | domain.Assign(Substring(domain, index + 1)); |
| michael@0 | 154 | rv = clone->SetHost(domain); |
| michael@0 | 155 | NS_ENSURE_SUCCESS(rv, rv); |
| michael@0 | 156 | } |
| michael@0 | 157 | |
| michael@0 | 158 | // No match. |
| michael@0 | 159 | return NS_OK; |
| michael@0 | 160 | |
| michael@0 | 161 | } |
| michael@0 | 162 | |
| michael@0 | 163 | } /* namespace mozilla */ |
