1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/caps/src/DomainPolicy.cpp Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,163 @@
1.4 +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
1.5 +/* vim: set ts=4 et sw=4 tw=80: */
1.6 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.7 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.8 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.9 +
1.10 +#include "DomainPolicy.h"
1.11 +#include "nsScriptSecurityManager.h"
1.12 +
1.13 +namespace mozilla {
1.14 +
1.15 +NS_IMPL_ISUPPORTS(DomainPolicy, nsIDomainPolicy)
1.16 +
1.17 +DomainPolicy::DomainPolicy() : mBlacklist(new DomainSet())
1.18 + , mSuperBlacklist(new DomainSet())
1.19 + , mWhitelist(new DomainSet())
1.20 + , mSuperWhitelist(new DomainSet())
1.21 +{}
1.22 +
1.23 +DomainPolicy::~DomainPolicy()
1.24 +{
1.25 + // The SSM holds a strong ref to the DomainPolicy until Deactivate() is
1.26 + // invoked, so we should never hit the destructor until that happens.
1.27 + MOZ_ASSERT(!mBlacklist && !mSuperBlacklist &&
1.28 + !mWhitelist && !mSuperWhitelist);
1.29 +}
1.30 +
1.31 +
1.32 +NS_IMETHODIMP
1.33 +DomainPolicy::GetBlacklist(nsIDomainSet** aSet)
1.34 +{
1.35 + nsCOMPtr<nsIDomainSet> set = mBlacklist;
1.36 + set.forget(aSet);
1.37 + return NS_OK;
1.38 +}
1.39 +
1.40 +NS_IMETHODIMP
1.41 +DomainPolicy::GetSuperBlacklist(nsIDomainSet** aSet)
1.42 +{
1.43 + nsCOMPtr<nsIDomainSet> set = mSuperBlacklist;
1.44 + set.forget(aSet);
1.45 + return NS_OK;
1.46 +}
1.47 +
1.48 +NS_IMETHODIMP
1.49 +DomainPolicy::GetWhitelist(nsIDomainSet** aSet)
1.50 +{
1.51 + nsCOMPtr<nsIDomainSet> set = mWhitelist;
1.52 + set.forget(aSet);
1.53 + return NS_OK;
1.54 +}
1.55 +
1.56 +NS_IMETHODIMP
1.57 +DomainPolicy::GetSuperWhitelist(nsIDomainSet** aSet)
1.58 +{
1.59 + nsCOMPtr<nsIDomainSet> set = mSuperWhitelist;
1.60 + set.forget(aSet);
1.61 + return NS_OK;
1.62 +}
1.63 +
1.64 +NS_IMETHODIMP
1.65 +DomainPolicy::Deactivate()
1.66 +{
1.67 + // Clear the hashtables first to free up memory, since script might
1.68 + // hold the doomed sets alive indefinitely.
1.69 + mBlacklist->Clear();
1.70 + mSuperBlacklist->Clear();
1.71 + mWhitelist->Clear();
1.72 + mSuperWhitelist->Clear();
1.73 +
1.74 + // Null them out.
1.75 + mBlacklist = nullptr;
1.76 + mSuperBlacklist = nullptr;
1.77 + mWhitelist = nullptr;
1.78 + mSuperWhitelist = nullptr;
1.79 +
1.80 + // Inform the SSM.
1.81 + nsScriptSecurityManager::GetScriptSecurityManager()->DeactivateDomainPolicy();
1.82 + return NS_OK;
1.83 +}
1.84 +
1.85 +static already_AddRefed<nsIURI>
1.86 +GetCanonicalClone(nsIURI* aURI)
1.87 +{
1.88 + nsCOMPtr<nsIURI> clone;
1.89 + nsresult rv = aURI->Clone(getter_AddRefs(clone));
1.90 + NS_ENSURE_SUCCESS(rv, nullptr);
1.91 + rv = clone->SetUserPass(EmptyCString());
1.92 + NS_ENSURE_SUCCESS(rv, nullptr);
1.93 + rv = clone->SetPath(EmptyCString());
1.94 + NS_ENSURE_SUCCESS(rv, nullptr);
1.95 + return clone.forget();
1.96 +}
1.97 +
1.98 +NS_IMPL_ISUPPORTS(DomainSet, nsIDomainSet)
1.99 +
1.100 +NS_IMETHODIMP
1.101 +DomainSet::Add(nsIURI* aDomain)
1.102 +{
1.103 + nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain);
1.104 + NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE);
1.105 + mHashTable.PutEntry(clone);
1.106 + return NS_OK;
1.107 +}
1.108 +
1.109 +NS_IMETHODIMP
1.110 +DomainSet::Remove(nsIURI* aDomain)
1.111 +{
1.112 + nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain);
1.113 + NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE);
1.114 + mHashTable.RemoveEntry(clone);
1.115 + return NS_OK;
1.116 +}
1.117 +
1.118 +NS_IMETHODIMP
1.119 +DomainSet::Clear()
1.120 +{
1.121 + mHashTable.Clear();
1.122 + return NS_OK;
1.123 +}
1.124 +
1.125 +NS_IMETHODIMP
1.126 +DomainSet::Contains(nsIURI* aDomain, bool* aContains)
1.127 +{
1.128 + *aContains = false;
1.129 + nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain);
1.130 + NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE);
1.131 + *aContains = mHashTable.Contains(clone);
1.132 + return NS_OK;
1.133 +}
1.134 +
1.135 +NS_IMETHODIMP
1.136 +DomainSet::ContainsSuperDomain(nsIURI* aDomain, bool* aContains)
1.137 +{
1.138 + *aContains = false;
1.139 + nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain);
1.140 + NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE);
1.141 + nsAutoCString domain;
1.142 + nsresult rv = clone->GetHost(domain);
1.143 + NS_ENSURE_SUCCESS(rv, rv);
1.144 + while (true) {
1.145 + // Check the current domain.
1.146 + if (mHashTable.Contains(clone)) {
1.147 + *aContains = true;
1.148 + return NS_OK;
1.149 + }
1.150 +
1.151 + // Chop off everything before the first dot, or break if there are no
1.152 + // dots left.
1.153 + int32_t index = domain.Find(".");
1.154 + if (index == kNotFound)
1.155 + break;
1.156 + domain.Assign(Substring(domain, index + 1));
1.157 + rv = clone->SetHost(domain);
1.158 + NS_ENSURE_SUCCESS(rv, rv);
1.159 + }
1.160 +
1.161 + // No match.
1.162 + return NS_OK;
1.163 +
1.164 +}
1.165 +
1.166 +} /* namespace mozilla */
