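--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/caps/include/nsScriptSecurityManager.h Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,194 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/* vim: set ts=4 et sw=4 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef nsScriptSecurityManager_h__
+#define nsScriptSecurityManager_h__
+
+#include "nsIScriptSecurityManager.h"
+#include "nsIPrincipal.h"
+#include "nsIXPCSecurityManager.h"
+#include "nsCOMPtr.h"
+#include "nsIChannelEventSink.h"
+#include "nsIObserver.h"
+#include "plstr.h"
+#include "nsIScriptExternalNameSet.h"
+#include "js/TypeDecls.h"
+
+#include <stdint.h>
+
+class nsIDocShell;
+class nsCString;
+class nsIClassInfo;
+class nsIIOService;
+class nsIStringBundle;
+class nsSystemPrincipal;
+class ClassInfoData;
+
+/////////////////////////////
+// nsScriptSecurityManager //
+/////////////////////////////
+#define NS_SCRIPTSECURITYMANAGER_CID \
+{ 0x7ee2a4c0, 0x4b93, 0x17d3, \
+{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
+
+class nsScriptSecurityManager : public nsIScriptSecurityManager,
+ public nsIChannelEventSink,
+ public nsIObserver
+{
+public:
+ static void Shutdown();
+
+ NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID)
+
+ NS_DECL_ISUPPORTS
+ NS_DECL_NSISCRIPTSECURITYMANAGER
+ NS_DECL_NSIXPCSECURITYMANAGER
+ NS_DECL_NSICHANNELEVENTSINK
+ NS_DECL_NSIOBSERVER
+
+ static nsScriptSecurityManager*
+ GetScriptSecurityManager();
+
+ static nsSystemPrincipal*
+ SystemPrincipalSingletonConstructor();
+
+ JSContext* GetCurrentJSContext();
+
+ JSContext* GetSafeJSContext();
+
+ /**
+ * Utility method for comparing two URIs. For security purposes, two URIs
+ * are equivalent if their schemes, hosts, and ports (if any) match. This
+ * method returns true if aSubjectURI and aObjectURI have the same origin,
+ * false otherwise.
+ */
+ static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
+ static uint32_t SecurityHashURI(nsIURI* aURI);
+
+ static nsresult
+ ReportError(JSContext* cx, const nsAString& messageTag,
+ nsIURI* aSource, nsIURI* aTarget);
+
+ static uint32_t
+ HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
+
+ static bool
+ GetStrictFileOriginPolicy()
+ {
+ return sStrictFileOriginPolicy;
+ }
+
+ /**
+ * Returns true if the two principals share the same app attributes.
+ *
+ * App attributes are appId and the inBrowserElement flag.
+ * Two principals have the same app attributes if those information are
+ * equals.
+ * This method helps keeping principals from different apps isolated from
+ * each other. Also, it helps making sure mozbrowser (web views) and their
+ * parent are isolated from each other. All those entities do not share the
+ * same data (cookies, IndexedDB, localStorage, etc.) so we shouldn't allow
+ * violating that principle.
+ */
+ static bool
+ AppAttributesEqual(nsIPrincipal* aFirst,
+ nsIPrincipal* aSecond);
+
+ void DeactivateDomainPolicy();
+
+private:
+
+ // GetScriptSecurityManager is the only call that can make one
+ nsScriptSecurityManager();
+ virtual ~nsScriptSecurityManager();
+
+ bool SubjectIsPrivileged();
+
+ // Decides, based on CSP, whether or not eval() and stuff can be executed.
+ static bool
+ ContentSecurityPolicyPermitsJSAction(JSContext *cx);
+
+ static bool
+ JSPrincipalsSubsume(JSPrincipals *first, JSPrincipals *second);
+
+ // Returns null if a principal cannot be found; generally callers
+ // should error out at that point.
+ static nsIPrincipal* doGetObjectPrincipal(JSObject* obj);
+
+ // Returns null if a principal cannot be found. Note that rv can be NS_OK
+ // when this happens -- this means that there was no JS running.
+ nsIPrincipal*
+ doGetSubjectPrincipal(nsresult* rv);
+
+ nsresult
+ GetCodebasePrincipalInternal(nsIURI* aURI, uint32_t aAppId,
+ bool aInMozBrowser,
+ nsIPrincipal** result);
+
+ nsresult
+ CreateCodebasePrincipal(nsIURI* aURI, uint32_t aAppId, bool aInMozBrowser,
+ nsIPrincipal** result);
+
+ // Returns null if a principal cannot be found. Note that rv can be NS_OK
+ // when this happens -- this means that there was no script for the
+ // context. Callers MUST pass in a non-null rv here.
+ nsIPrincipal*
+ GetSubjectPrincipal(JSContext* cx, nsresult* rv);
+
+ nsresult
+ Init();
+
+ nsresult
+ InitPrefs();
+
+ inline void
+ ScriptSecurityPrefChanged();
+
+ inline void
+ AddSitesToFileURIWhitelist(const nsCString& aSiteList);
+
+ nsCOMPtr<nsIPrincipal> mSystemPrincipal;
+ bool mPrefInitialized;
+ bool mIsJavaScriptEnabled;
+ nsTArray<nsCOMPtr<nsIURI>> mFileURIWhitelist;
+
+ // This machinery controls new-style domain policies. The old-style
+ // policy machinery will be removed soon.
+ nsCOMPtr<nsIDomainPolicy> mDomainPolicy;
+
+ static bool sStrictFileOriginPolicy;
+
+ static nsIIOService *sIOService;
+ static nsIStringBundle *sStrBundle;
+ static JSRuntime *sRuntime;
+};
+
+#define NS_SECURITYNAMESET_CID \
+ { 0x7c02eadc, 0x76, 0x4d03, \
+ { 0x99, 0x8d, 0x80, 0xd7, 0x79, 0xc4, 0x85, 0x89 } }
+#define NS_SECURITYNAMESET_CONTRACTID "@mozilla.org/security/script/nameset;1"
+
+class nsSecurityNameSet : public nsIScriptExternalNameSet
+{
+public:
+ nsSecurityNameSet();
+ virtual ~nsSecurityNameSet();
+
+ NS_DECL_ISUPPORTS
+
+ NS_IMETHOD InitializeNameSet(nsIScriptContext* aScriptContext);
+};
+
+namespace mozilla {
+
+void
+GetJarPrefix(uint32_t aAppid,
+ bool aInMozBrowser,
+ nsACString& aJarPrefix);
+
+} // namespace mozilla
+
+#endif // nsScriptSecurityManager_h__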
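Review bot: The doc comment on `SecurityCompareURIs` refers to `aSubjectURI` and `aObjectURI`, but the declaration takes `aSourceURI` and `aTargetURI`; because this is the same-origin predicate, the comment should name the declared parameters, e.g. `* method returns true if aSourceURI and aTargetURI have the same origin,`. The same comment defines equivalence only by scheme, host and port and does not say how URIs without a host are compared, which presumably depends on `sStrictFileOriginPolicy`; a sentence stating that would help callers. `mFileURIWhitelist` and `AddSitesToFileURIWhitelist` have no comment at all, and an allowlist member in a security manager should state where its entries come from and what being listed permits. The comments on `doGetSubjectPrincipal` and `GetSubjectPrincipal` note that a null principal can come back with `NS_OK`, so it is worth adding to both that callers must test the returned pointer and not only `rv`.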