The Tor Browser / file comparison
comparison: js/public/Principals.h
js/public/Principals.h
- branch
- TOR_BUG_9701
- changeset 14
- 925c144e1f1f
equal
deleted
inserted
replaced
| -1:000000000000 | 0:b386edb8c1bc |
|---|---|
| 1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- | |
| 2 * vim: set ts=8 sts=4 et sw=4 tw=99: | |
| 3 * This Source Code Form is subject to the terms of the Mozilla Public | |
| 4 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 6 | |
| 7 /* JSPrincipals and related interfaces. */ | |
| 8 | |
| 9 #ifndef js_Principals_h | |
| 10 #define js_Principals_h | |
| 11 | |
| 12 #include "mozilla/Atomics.h" | |
| 13 | |
| 14 #include <stdint.h> | |
| 15 | |
| 16 #include "jspubtd.h" | |
| 17 | |
| 18 struct JSPrincipals { | |
| 19 /* Don't call "destroy"; use reference counting macros below. */ | |
| 20 #ifdef JS_THREADSAFE | |
| 21 mozilla::Atomic<int32_t> refcount; | |
| 22 #else | |
| 23 int32_t refcount; | |
| 24 #endif | |
| 25 | |
| 26 #ifdef JS_DEBUG | |
| 27 /* A helper to facilitate principals debugging. */ | |
| 28 uint32_t debugToken; | |
| 29 #endif | |
| 30 | |
| 31 void setDebugToken(uint32_t token) { | |
| 32 # ifdef JS_DEBUG | |
| 33 debugToken = token; | |
| 34 # endif | |
| 35 } | |
| 36 | |
| 37 /* | |
| 38 * This is not defined by the JS engine but should be provided by the | |
| 39 * embedding. | |
| 40 */ | |
| 41 JS_PUBLIC_API(void) dump(); | |
| 42 }; | |
| 43 | |
| 44 extern JS_PUBLIC_API(void) | |
| 45 JS_HoldPrincipals(JSPrincipals *principals); | |
| 46 | |
| 47 extern JS_PUBLIC_API(void) | |
| 48 JS_DropPrincipals(JSRuntime *rt, JSPrincipals *principals); | |
| 49 | |
| 50 // Return whether the first principal subsumes the second. The exact meaning of | |
| 51 // 'subsumes' is left up to the browser. Subsumption is checked inside the JS | |
| 52 // engine when determining, e.g., which stack frames to display in a backtrace. | |
| 53 typedef bool | |
| 54 (* JSSubsumesOp)(JSPrincipals *first, JSPrincipals *second); | |
| 55 | |
| 56 /* | |
| 57 * Used to check if a CSP instance wants to disable eval() and friends. | |
| 58 * See js_CheckCSPPermitsJSAction() in jsobj. | |
| 59 */ | |
| 60 typedef bool | |
| 61 (* JSCSPEvalChecker)(JSContext *cx); | |
| 62 | |
| 63 struct JSSecurityCallbacks { | |
| 64 JSCSPEvalChecker contentSecurityPolicyAllows; | |
| 65 JSSubsumesOp subsumes; | |
| 66 }; | |
| 67 | |
| 68 extern JS_PUBLIC_API(void) | |
| 69 JS_SetSecurityCallbacks(JSRuntime *rt, const JSSecurityCallbacks *callbacks); | |
| 70 | |
| 71 extern JS_PUBLIC_API(const JSSecurityCallbacks *) | |
| 72 JS_GetSecurityCallbacks(JSRuntime *rt); | |
| 73 | |
| 74 /* | |
| 75 * Code running with "trusted" principals will be given a deeper stack | |
| 76 * allocation than ordinary scripts. This allows trusted script to run after | |
| 77 * untrusted script has exhausted the stack. This function sets the | |
| 78 * runtime-wide trusted principal. | |
| 79 * | |
| 80 * This principals is not held (via JS_HoldPrincipals/JS_DropPrincipals) since | |
| 81 * there is no available JSContext. Instead, the caller must ensure that the | |
| 82 * given principals stays valid for as long as 'rt' may point to it. If the | |
| 83 * principals would be destroyed before 'rt', JS_SetTrustedPrincipals must be | |
| 84 * called again, passing nullptr for 'prin'. | |
| 85 */ | |
| 86 extern JS_PUBLIC_API(void) | |
| 87 JS_SetTrustedPrincipals(JSRuntime *rt, const JSPrincipals *prin); | |
| 88 | |
| 89 typedef void | |
| 90 (* JSDestroyPrincipalsOp)(JSPrincipals *principals); | |
| 91 | |
| 92 /* | |
| 93 * Initialize the callback that is called to destroy JSPrincipals instance | |
| 94 * when its reference counter drops to zero. The initialization can be done | |
| 95 * only once per JS runtime. | |
| 96 */ | |
| 97 extern JS_PUBLIC_API(void) | |
| 98 JS_InitDestroyPrincipalsCallback(JSRuntime *rt, JSDestroyPrincipalsOp destroyPrincipals); | |
| 99 | |
| 100 #endif /* js_Principals_h */ |
