The Tor Browser / file comparison
comparison: caps/include/nsScriptSecurityManager.h
caps/include/nsScriptSecurityManager.h
- branch
- TOR_BUG_9701
- changeset 10
- ac0c01689b40
equal
deleted
inserted
replaced
| -1:000000000000 | 0:dd98b1962ada |
|---|---|
| 1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | |
| 2 /* vim: set ts=4 et sw=4 tw=80: */ | |
| 3 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 4 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 6 | |
| 7 #ifndef nsScriptSecurityManager_h__ | |
| 8 #define nsScriptSecurityManager_h__ | |
| 9 | |
| 10 #include "nsIScriptSecurityManager.h" | |
| 11 #include "nsIPrincipal.h" | |
| 12 #include "nsIXPCSecurityManager.h" | |
| 13 #include "nsCOMPtr.h" | |
| 14 #include "nsIChannelEventSink.h" | |
| 15 #include "nsIObserver.h" | |
| 16 #include "plstr.h" | |
| 17 #include "nsIScriptExternalNameSet.h" | |
| 18 #include "js/TypeDecls.h" | |
| 19 | |
| 20 #include <stdint.h> | |
| 21 | |
| 22 class nsIDocShell; | |
| 23 class nsCString; | |
| 24 class nsIClassInfo; | |
| 25 class nsIIOService; | |
| 26 class nsIStringBundle; | |
| 27 class nsSystemPrincipal; | |
| 28 class ClassInfoData; | |
| 29 | |
| 30 ///////////////////////////// | |
| 31 // nsScriptSecurityManager // | |
| 32 ///////////////////////////// | |
| 33 #define NS_SCRIPTSECURITYMANAGER_CID \ | |
| 34 { 0x7ee2a4c0, 0x4b93, 0x17d3, \ | |
| 35 { 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }} | |
| 36 | |
| 37 class nsScriptSecurityManager : public nsIScriptSecurityManager, | |
| 38 public nsIChannelEventSink, | |
| 39 public nsIObserver | |
| 40 { | |
| 41 public: | |
| 42 static void Shutdown(); | |
| 43 | |
| 44 NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID) | |
| 45 | |
| 46 NS_DECL_ISUPPORTS | |
| 47 NS_DECL_NSISCRIPTSECURITYMANAGER | |
| 48 NS_DECL_NSIXPCSECURITYMANAGER | |
| 49 NS_DECL_NSICHANNELEVENTSINK | |
| 50 NS_DECL_NSIOBSERVER | |
| 51 | |
| 52 static nsScriptSecurityManager* | |
| 53 GetScriptSecurityManager(); | |
| 54 | |
| 55 static nsSystemPrincipal* | |
| 56 SystemPrincipalSingletonConstructor(); | |
| 57 | |
| 58 JSContext* GetCurrentJSContext(); | |
| 59 | |
| 60 JSContext* GetSafeJSContext(); | |
| 61 | |
| 62 /** | |
| 63 * Utility method for comparing two URIs. For security purposes, two URIs | |
| 64 * are equivalent if their schemes, hosts, and ports (if any) match. This | |
| 65 * method returns true if aSubjectURI and aObjectURI have the same origin, | |
| 66 * false otherwise. | |
| 67 */ | |
| 68 static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI); | |
| 69 static uint32_t SecurityHashURI(nsIURI* aURI); | |
| 70 | |
| 71 static nsresult | |
| 72 ReportError(JSContext* cx, const nsAString& messageTag, | |
| 73 nsIURI* aSource, nsIURI* aTarget); | |
| 74 | |
| 75 static uint32_t | |
| 76 HashPrincipalByOrigin(nsIPrincipal* aPrincipal); | |
| 77 | |
| 78 static bool | |
| 79 GetStrictFileOriginPolicy() | |
| 80 { | |
| 81 return sStrictFileOriginPolicy; | |
| 82 } | |
| 83 | |
| 84 /** | |
| 85 * Returns true if the two principals share the same app attributes. | |
| 86 * | |
| 87 * App attributes are appId and the inBrowserElement flag. | |
| 88 * Two principals have the same app attributes if those information are | |
| 89 * equals. | |
| 90 * This method helps keeping principals from different apps isolated from | |
| 91 * each other. Also, it helps making sure mozbrowser (web views) and their | |
| 92 * parent are isolated from each other. All those entities do not share the | |
| 93 * same data (cookies, IndexedDB, localStorage, etc.) so we shouldn't allow | |
| 94 * violating that principle. | |
| 95 */ | |
| 96 static bool | |
| 97 AppAttributesEqual(nsIPrincipal* aFirst, | |
| 98 nsIPrincipal* aSecond); | |
| 99 | |
| 100 void DeactivateDomainPolicy(); | |
| 101 | |
| 102 private: | |
| 103 | |
| 104 // GetScriptSecurityManager is the only call that can make one | |
| 105 nsScriptSecurityManager(); | |
| 106 virtual ~nsScriptSecurityManager(); | |
| 107 | |
| 108 bool SubjectIsPrivileged(); | |
| 109 | |
| 110 // Decides, based on CSP, whether or not eval() and stuff can be executed. | |
| 111 static bool | |
| 112 ContentSecurityPolicyPermitsJSAction(JSContext *cx); | |
| 113 | |
| 114 static bool | |
| 115 JSPrincipalsSubsume(JSPrincipals *first, JSPrincipals *second); | |
| 116 | |
| 117 // Returns null if a principal cannot be found; generally callers | |
| 118 // should error out at that point. | |
| 119 static nsIPrincipal* doGetObjectPrincipal(JSObject* obj); | |
| 120 | |
| 121 // Returns null if a principal cannot be found. Note that rv can be NS_OK | |
| 122 // when this happens -- this means that there was no JS running. | |
| 123 nsIPrincipal* | |
| 124 doGetSubjectPrincipal(nsresult* rv); | |
| 125 | |
| 126 nsresult | |
| 127 GetCodebasePrincipalInternal(nsIURI* aURI, uint32_t aAppId, | |
| 128 bool aInMozBrowser, | |
| 129 nsIPrincipal** result); | |
| 130 | |
| 131 nsresult | |
| 132 CreateCodebasePrincipal(nsIURI* aURI, uint32_t aAppId, bool aInMozBrowser, | |
| 133 nsIPrincipal** result); | |
| 134 | |
| 135 // Returns null if a principal cannot be found. Note that rv can be NS_OK | |
| 136 // when this happens -- this means that there was no script for the | |
| 137 // context. Callers MUST pass in a non-null rv here. | |
| 138 nsIPrincipal* | |
| 139 GetSubjectPrincipal(JSContext* cx, nsresult* rv); | |
| 140 | |
| 141 nsresult | |
| 142 Init(); | |
| 143 | |
| 144 nsresult | |
| 145 InitPrefs(); | |
| 146 | |
| 147 inline void | |
| 148 ScriptSecurityPrefChanged(); | |
| 149 | |
| 150 inline void | |
| 151 AddSitesToFileURIWhitelist(const nsCString& aSiteList); | |
| 152 | |
| 153 nsCOMPtr<nsIPrincipal> mSystemPrincipal; | |
| 154 bool mPrefInitialized; | |
| 155 bool mIsJavaScriptEnabled; | |
| 156 nsTArray<nsCOMPtr<nsIURI>> mFileURIWhitelist; | |
| 157 | |
| 158 // This machinery controls new-style domain policies. The old-style | |
| 159 // policy machinery will be removed soon. | |
| 160 nsCOMPtr<nsIDomainPolicy> mDomainPolicy; | |
| 161 | |
| 162 static bool sStrictFileOriginPolicy; | |
| 163 | |
| 164 static nsIIOService *sIOService; | |
| 165 static nsIStringBundle *sStrBundle; | |
| 166 static JSRuntime *sRuntime; | |
| 167 }; | |
| 168 | |
| 169 #define NS_SECURITYNAMESET_CID \ | |
| 170 { 0x7c02eadc, 0x76, 0x4d03, \ | |
| 171 { 0x99, 0x8d, 0x80, 0xd7, 0x79, 0xc4, 0x85, 0x89 } } | |
| 172 #define NS_SECURITYNAMESET_CONTRACTID "@mozilla.org/security/script/nameset;1" | |
| 173 | |
| 174 class nsSecurityNameSet : public nsIScriptExternalNameSet | |
| 175 { | |
| 176 public: | |
| 177 nsSecurityNameSet(); | |
| 178 virtual ~nsSecurityNameSet(); | |
| 179 | |
| 180 NS_DECL_ISUPPORTS | |
| 181 | |
| 182 NS_IMETHOD InitializeNameSet(nsIScriptContext* aScriptContext); | |
| 183 }; | |
| 184 | |
| 185 namespace mozilla { | |
| 186 | |
| 187 void | |
| 188 GetJarPrefix(uint32_t aAppid, | |
| 189 bool aInMozBrowser, | |
| 190 nsACString& aJarPrefix); | |
| 191 | |
| 192 } // namespace mozilla | |
| 193 | |
| 194 #endif // nsScriptSecurityManager_h__ |
