The Tor Browser / file comparison
comparison: netwerk/base/public/nsIProtocolHandler.idl
netwerk/base/public/nsIProtocolHandler.idl
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:04ab1cdb0144 |
|---|---|
| 1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ | |
| 2 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 3 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 5 | |
| 6 #include "nsISupports.idl" | |
| 7 | |
| 8 interface nsIURI; | |
| 9 interface nsIChannel; | |
| 10 | |
| 11 /** | |
| 12 * nsIProtocolHandler | |
| 13 */ | |
| 14 [scriptable, uuid(f5753fec-a051-4ddc-8891-11f1f1575072)] | |
| 15 interface nsIProtocolHandler : nsISupports | |
| 16 { | |
| 17 /** | |
| 18 * The scheme of this protocol (e.g., "file"). | |
| 19 */ | |
| 20 readonly attribute ACString scheme; | |
| 21 | |
| 22 /** | |
| 23 * The default port is the port that this protocol normally uses. | |
| 24 * If a port does not make sense for the protocol (e.g., "about:") | |
| 25 * then -1 will be returned. | |
| 26 */ | |
| 27 readonly attribute long defaultPort; | |
| 28 | |
| 29 /** | |
| 30 * Returns the protocol specific flags (see flag definitions below). | |
| 31 */ | |
| 32 readonly attribute unsigned long protocolFlags; | |
| 33 | |
| 34 /** | |
| 35 * Makes a URI object that is suitable for loading by this protocol, | |
| 36 * where the URI string is given as an UTF-8 string. The caller may | |
| 37 * provide the charset from which the URI string originated, so that | |
| 38 * the URI string can be translated back to that charset (if necessary) | |
| 39 * before communicating with, for example, the origin server of the URI | |
| 40 * string. (Many servers do not support UTF-8 IRIs at the present time, | |
| 41 * so we must be careful about tracking the native charset of the origin | |
| 42 * server.) | |
| 43 * | |
| 44 * @param aSpec - the URI string in UTF-8 encoding. depending | |
| 45 * on the protocol implementation, unicode character | |
| 46 * sequences may or may not be %xx escaped. | |
| 47 * @param aOriginCharset - the charset of the document from which this URI | |
| 48 * string originated. this corresponds to the | |
| 49 * charset that should be used when communicating | |
| 50 * this URI to an origin server, for example. if | |
| 51 * null, then UTF-8 encoding is assumed (i.e., | |
| 52 * no charset transformation from aSpec). | |
| 53 * @param aBaseURI - if null, aSpec must specify an absolute URI. | |
| 54 * otherwise, aSpec may be resolved relative | |
| 55 * to aBaseURI, depending on the protocol. | |
| 56 * If the protocol has no concept of relative | |
| 57 * URI aBaseURI will simply be ignored. | |
| 58 */ | |
| 59 nsIURI newURI(in AUTF8String aSpec, | |
| 60 in string aOriginCharset, | |
| 61 in nsIURI aBaseURI); | |
| 62 | |
| 63 /** | |
| 64 * Constructs a new channel from the given URI for this protocol handler. | |
| 65 */ | |
| 66 nsIChannel newChannel(in nsIURI aURI); | |
| 67 | |
| 68 /** | |
| 69 * Allows a protocol to override blacklisted ports. | |
| 70 * | |
| 71 * This method will be called when there is an attempt to connect to a port | |
| 72 * that is blacklisted. For example, for most protocols, port 25 (Simple Mail | |
| 73 * Transfer) is banned. When a URI containing this "known-to-do-bad-things" | |
| 74 * port number is encountered, this function will be called to ask if the | |
| 75 * protocol handler wants to override the ban. | |
| 76 */ | |
| 77 boolean allowPort(in long port, in string scheme); | |
| 78 | |
| 79 | |
| 80 /************************************************************************** | |
| 81 * Constants for the protocol flags (the first is the default mask, the | |
| 82 * others are deviations): | |
| 83 * | |
| 84 * NOTE: Implementation must ignore any flags they do not understand. | |
| 85 */ | |
| 86 | |
| 87 /** | |
| 88 * standard full URI with authority component and concept of relative | |
| 89 * URIs (http, ftp, ...) | |
| 90 */ | |
| 91 const unsigned long URI_STD = 0; | |
| 92 | |
| 93 /** | |
| 94 * no concept of relative URIs (about, javascript, finger, ...) | |
| 95 */ | |
| 96 const unsigned long URI_NORELATIVE = (1<<0); | |
| 97 | |
| 98 /** | |
| 99 * no authority component (file, ...) | |
| 100 */ | |
| 101 const unsigned long URI_NOAUTH = (1<<1); | |
| 102 | |
| 103 /** | |
| 104 * This protocol handler can be proxied via a proxy (socks or http) | |
| 105 * (e.g., irc, smtp, http, etc.). If the protocol supports transparent | |
| 106 * proxying, the handler should implement nsIProxiedProtocolHandler. | |
| 107 * | |
| 108 * If it supports only HTTP proxying, then it need not support | |
| 109 * nsIProxiedProtocolHandler, but should instead set the ALLOWS_PROXY_HTTP | |
| 110 * flag (see below). | |
| 111 * | |
| 112 * @see nsIProxiedProtocolHandler | |
| 113 */ | |
| 114 const unsigned long ALLOWS_PROXY = (1<<2); | |
| 115 | |
| 116 /** | |
| 117 * This protocol handler can be proxied using a http proxy (e.g., http, | |
| 118 * ftp, etc.). nsIIOService::newChannelFromURI will feed URIs from this | |
| 119 * protocol handler to the HTTP protocol handler instead. This flag is | |
| 120 * ignored if ALLOWS_PROXY is not set. | |
| 121 */ | |
| 122 const unsigned long ALLOWS_PROXY_HTTP = (1<<3); | |
| 123 | |
| 124 /** | |
| 125 * The URIs for this protocol have no inherent security context, so | |
| 126 * documents loaded via this protocol should inherit the security context | |
| 127 * from the document that loads them. | |
| 128 */ | |
| 129 const unsigned long URI_INHERITS_SECURITY_CONTEXT = (1<<4); | |
| 130 | |
| 131 /** | |
| 132 * "Automatic" loads that would replace the document (e.g. <meta> refresh, | |
| 133 * certain types of XLinks, possibly other loads that the application | |
| 134 * decides are not user triggered) are not allowed if the originating (NOT | |
| 135 * the target) URI has this protocol flag. Note that the decision as to | |
| 136 * what constitutes an "automatic" load is made externally, by the caller | |
| 137 * of nsIScriptSecurityManager::CheckLoadURI. See documentation for that | |
| 138 * method for more information. | |
| 139 * | |
| 140 * A typical protocol that might want to set this flag is a protocol that | |
| 141 * shows highly untrusted content in a viewing area that the user expects | |
| 142 * to have a lot of control over, such as an e-mail reader. | |
| 143 */ | |
| 144 const unsigned long URI_FORBIDS_AUTOMATIC_DOCUMENT_REPLACEMENT = (1<<5); | |
| 145 | |
| 146 /** | |
| 147 * +-------------------------------------------------------------------+ | |
| 148 * | | | |
| 149 * | ALL PROTOCOL HANDLERS MUST SET ONE OF THE FOLLOWING FIVE FLAGS. | | |
| 150 * | | | |
| 151 * +-------------------------------------------------------------------+ | |
| 152 * | |
| 153 * These flags are used to determine who is allowed to load URIs for this | |
| 154 * protocol. Note that if a URI is nested, only the flags for the | |
| 155 * innermost URI matter. See nsINestedURI. | |
| 156 * | |
| 157 * If none of these five flags are set, the URI must be treated as if it | |
| 158 * had the URI_LOADABLE_BY_ANYONE flag set, for compatibility with protocol | |
| 159 * handlers written against Gecko 1.8 or earlier. In this case, there may | |
| 160 * be run-time warning messages indicating that a "default insecure" | |
| 161 * assumption is being made. At some point in the futures (Mozilla 2.0, | |
| 162 * most likely), these warnings will become errors. | |
| 163 */ | |
| 164 | |
| 165 /** | |
| 166 * The URIs for this protocol can be loaded by anyone. For example, any | |
| 167 * website should be allowed to trigger a load of a URI for this protocol. | |
| 168 * Web-safe protocols like "http" should set this flag. | |
| 169 */ | |
| 170 const unsigned long URI_LOADABLE_BY_ANYONE = (1<<6); | |
| 171 | |
| 172 /** | |
| 173 * The URIs for this protocol are UNSAFE if loaded by untrusted (web) | |
| 174 * content and may only be loaded by privileged code (for example, code | |
| 175 * which has the system principal). Various internal protocols should set | |
| 176 * this flag. | |
| 177 */ | |
| 178 const unsigned long URI_DANGEROUS_TO_LOAD = (1<<7); | |
| 179 | |
| 180 /** | |
| 181 * The URIs for this protocol point to resources that are part of the | |
| 182 * application's user interface. There are cases when such resources may | |
| 183 * be made accessible to untrusted content such as web pages, so this is | |
| 184 * less restrictive than URI_DANGEROUS_TO_LOAD but more restrictive than | |
| 185 * URI_LOADABLE_BY_ANYONE. See the documentation for | |
| 186 * nsIScriptSecurityManager::CheckLoadURI. | |
| 187 */ | |
| 188 const unsigned long URI_IS_UI_RESOURCE = (1<<8); | |
| 189 | |
| 190 /** | |
| 191 * Loading of URIs for this protocol from other origins should only be | |
| 192 * allowed if those origins should have access to the local filesystem. | |
| 193 * It's up to the application to decide what origins should have such | |
| 194 * access. Protocols like "file" that point to local data should set this | |
| 195 * flag. | |
| 196 */ | |
| 197 const unsigned long URI_IS_LOCAL_FILE = (1<<9); | |
| 198 | |
| 199 /** | |
| 200 * The URIs for this protocol can be loaded only by callers with a | |
| 201 * principal that subsumes this uri. For example, privileged code and | |
| 202 * websites that are same origin as this uri. | |
| 203 */ | |
| 204 const unsigned long URI_LOADABLE_BY_SUBSUMERS = (1<<10); | |
| 205 | |
| 206 /** | |
| 207 * Channels using this protocol never call OnDataAvailable | |
| 208 * on the listener passed to AsyncOpen and they therefore | |
| 209 * do not return any data that we can use. | |
| 210 */ | |
| 211 const unsigned long URI_DOES_NOT_RETURN_DATA = (1<<11); | |
| 212 | |
| 213 /** | |
| 214 * URIs for this protocol are considered to be local resources. This could | |
| 215 * be a local file (URI_IS_LOCAL_FILE), a UI resource (URI_IS_UI_RESOURCE), | |
| 216 * or something else that would not hit the network. | |
| 217 */ | |
| 218 const unsigned long URI_IS_LOCAL_RESOURCE = (1<<12); | |
| 219 | |
| 220 /** | |
| 221 * URIs for this protocol execute script when they are opened. | |
| 222 */ | |
| 223 const unsigned long URI_OPENING_EXECUTES_SCRIPT = (1<<13); | |
| 224 | |
| 225 /** | |
| 226 * Loading channels from this protocol has side-effects that make | |
| 227 * it unsuitable for saving to a local file. | |
| 228 */ | |
| 229 const unsigned long URI_NON_PERSISTABLE = (1<<14); | |
| 230 | |
| 231 /** | |
| 232 * This protocol handler forbids accessing cookies e.g. for mail related | |
| 233 * protocols. | |
| 234 */ | |
| 235 const unsigned long URI_FORBIDS_COOKIE_ACCESS = (1<<15); | |
| 236 | |
| 237 /** | |
| 238 * URIs for this protocol require the webapps permission on the principal | |
| 239 * when opening URIs for a different domain. See bug#773886 | |
| 240 */ | |
| 241 const unsigned long URI_CROSS_ORIGIN_NEEDS_WEBAPPS_PERM = (1<<16); | |
| 242 | |
| 243 /** | |
| 244 * Channels for this protocol don't need to spin the event loop to handle | |
| 245 * Open() and reads on the resulting stream. | |
| 246 */ | |
| 247 const unsigned long URI_SYNC_LOAD_IS_OK = (1<<17); | |
| 248 | |
| 249 /** | |
| 250 * URI is secure to load in an https page and should not be blocked | |
| 251 * by nsMixedContentBlocker | |
| 252 */ | |
| 253 const unsigned long URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT = (1<<18); | |
| 254 | |
| 255 | |
| 256 }; | |
| 257 | |
| 258 %{C++ | |
| 259 /** | |
| 260 * Protocol handlers are registered with XPCOM under the following CONTRACTID prefix: | |
| 261 */ | |
| 262 #define NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "@mozilla.org/network/protocol;1?name=" | |
| 263 /** | |
| 264 * For example, "@mozilla.org/network/protocol;1?name=http" | |
| 265 */ | |
| 266 %} |
