1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/caps/src/nsSecurityManagerFactory.cpp Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,129 @@
1.4 +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
1.5 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.6 + * License, v. 2.0. If a copy of the MPL was not distributed with this
1.7 + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
1.8 +/*Factory for internal browser security resource managers*/
1.9 +
1.10 +#include "nsCOMPtr.h"
1.11 +#include "nsIScriptSecurityManager.h"
1.12 +#include "nsScriptSecurityManager.h"
1.13 +#include "nsIPrincipal.h"
1.14 +#include "nsPrincipal.h"
1.15 +#include "nsSystemPrincipal.h"
1.16 +#include "nsNullPrincipal.h"
1.17 +#include "nsIScriptNameSpaceManager.h"
1.18 +#include "nsIScriptContext.h"
1.19 +#include "nsICategoryManager.h"
1.20 +#include "nsXPIDLString.h"
1.21 +#include "nsCOMPtr.h"
1.22 +#include "nsIServiceManager.h"
1.23 +#include "nsString.h"
1.24 +#include "nsNetCID.h"
1.25 +#include "nsIClassInfoImpl.h"
1.26 +#include "nsJSUtils.h"
1.27 +#include "nsPIDOMWindow.h"
1.28 +#include "nsIScriptGlobalObject.h"
1.29 +#include "nsIDocument.h"
1.30 +#include "jsfriendapi.h"
1.31 +#include "xpcprivate.h"
1.32 +#include "nsCxPusher.h"
1.33 +#include "mozilla/Preferences.h"
1.34 +#include "mozilla/Telemetry.h"
1.35 +
1.36 +using namespace mozilla;
1.37 +
1.38 +///////////////////////
1.39 +// nsSecurityNameSet //
1.40 +///////////////////////
1.41 +
1.42 +nsSecurityNameSet::nsSecurityNameSet()
1.43 +{
1.44 +}
1.45 +
1.46 +nsSecurityNameSet::~nsSecurityNameSet()
1.47 +{
1.48 +}
1.49 +
1.50 +NS_IMPL_ISUPPORTS(nsSecurityNameSet, nsIScriptExternalNameSet)
1.51 +
1.52 +static bool
1.53 +netscape_security_enablePrivilege(JSContext *cx, unsigned argc, JS::Value *vp)
1.54 +{
1.55 + Telemetry::Accumulate(Telemetry::ENABLE_PRIVILEGE_EVER_CALLED, true);
1.56 + return xpc::EnableUniversalXPConnect(cx);
1.57 +}
1.58 +
1.59 +static const JSFunctionSpec PrivilegeManager_static_methods[] = {
1.60 + JS_FS("enablePrivilege", netscape_security_enablePrivilege, 1, 0),
1.61 + JS_FS_END
1.62 +};
1.63 +
1.64 +/*
1.65 + * "Steal" calls to netscape.security.PrivilegeManager.enablePrivilege,
1.66 + * et al. so that code that worked with 4.0 can still work.
1.67 + */
1.68 +NS_IMETHODIMP
1.69 +nsSecurityNameSet::InitializeNameSet(nsIScriptContext* aScriptContext)
1.70 +{
1.71 + AutoJSContext cx;
1.72 + JS::Rooted<JSObject*> global(cx, aScriptContext->GetWindowProxy());
1.73 + JSAutoCompartment ac(cx, global);
1.74 +
1.75 + /*
1.76 + * Find Object.prototype's class by walking up the global object's
1.77 + * prototype chain.
1.78 + */
1.79 + JS::Rooted<JSObject*> obj(cx, global);
1.80 + JS::Rooted<JSObject*> proto(cx);
1.81 + for (;;) {
1.82 + MOZ_ALWAYS_TRUE(JS_GetPrototype(cx, obj, &proto));
1.83 + if (!proto)
1.84 + break;
1.85 + obj = proto;
1.86 + }
1.87 + const JSClass *objectClass = JS_GetClass(obj);
1.88 +
1.89 + JS::Rooted<JS::Value> v(cx);
1.90 + if (!JS_GetProperty(cx, global, "netscape", &v))
1.91 + return NS_ERROR_FAILURE;
1.92 +
1.93 + JS::Rooted<JSObject*> securityObj(cx);
1.94 + if (v.isObject()) {
1.95 + /*
1.96 + * "netscape" property of window object exists; get the
1.97 + * "security" property.
1.98 + */
1.99 + obj = &v.toObject();
1.100 + if (!JS_GetProperty(cx, obj, "security", &v) || !v.isObject())
1.101 + return NS_ERROR_FAILURE;
1.102 + securityObj = &v.toObject();
1.103 + } else {
1.104 + /* define netscape.security object */
1.105 + obj = JS_DefineObject(cx, global, "netscape", objectClass, nullptr, 0);
1.106 + if (obj == nullptr)
1.107 + return NS_ERROR_FAILURE;
1.108 + securityObj = JS_DefineObject(cx, obj, "security", objectClass,
1.109 + nullptr, 0);
1.110 + if (securityObj == nullptr)
1.111 + return NS_ERROR_FAILURE;
1.112 + }
1.113 +
1.114 + // We hide enablePrivilege behind a pref because it has been altered in a
1.115 + // way that makes it fundamentally insecure to use in production. Mozilla
1.116 + // uses this pref during automated testing to support legacy test code that
1.117 + // uses enablePrivilege. If you're not doing test automation, you _must_ not
1.118 + // flip this pref, or you will be exposing all your users to security
1.119 + // vulnerabilities.
1.120 + if (!Preferences::GetBool("security.turn_off_all_security_so_that_viruses_can_take_over_this_computer"))
1.121 + return NS_OK;
1.122 +
1.123 + /* Define PrivilegeManager object with the necessary "static" methods. */
1.124 + obj = JS_DefineObject(cx, securityObj, "PrivilegeManager", objectClass,
1.125 + nullptr, 0);
1.126 + if (obj == nullptr)
1.127 + return NS_ERROR_FAILURE;
1.128 +
1.129 + return JS_DefineFunctions(cx, obj, PrivilegeManager_static_methods)
1.130 + ? NS_OK
1.131 + : NS_ERROR_FAILURE;
1.132 +}
