1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000
1.2 +++ b/content/base/src/nsSandboxFlags.h Wed Dec 31 06:09:35 2014 +0100
1.3 @@ -0,0 +1,78 @@
1.4 +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
1.5 +/* This Source Code Form is subject to the terms of the Mozilla Public
1.6 + * License, v. 2.0. If a copy of the MPL was not distributed with this file,
1.7 + * You can obtain one at http://mozilla.org/MPL/2.0/. */
1.8 +
1.9 +/*
1.10 + * Constant flags that describe how a document is sandboxed according to the
1.11 + * HTML5 spec.
1.12 + */
1.13 +
1.14 +#ifndef nsSandboxFlags_h___
1.15 +#define nsSandboxFlags_h___
1.16 +
1.17 +/**
1.18 + * This flag prevents content from navigating browsing contexts other than
1.19 + * itself, browsing contexts nested inside it, the top-level browsing context
1.20 + * and browsing contexts that it has opened.
1.21 + * As it is always on for sandboxed browsing contexts, it is used implicitly
1.22 + * within the code by checking that the overall flags are non-zero.
1.23 + * It is only uesd directly when the sandbox flags are initially set up.
1.24 + */
1.25 +const unsigned long SANDBOXED_NAVIGATION = 0x1;
1.26 +
1.27 +/**
1.28 + * This flag prevents content from navigating their top-level browsing
1.29 + * context.
1.30 + */
1.31 +const unsigned long SANDBOXED_TOPLEVEL_NAVIGATION = 0x2;
1.32 +
1.33 +/**
1.34 + * This flag prevents content from instantiating plugins, whether using the
1.35 + * embed element, the object element, the applet element, or through
1.36 + * navigation of a nested browsing context, unless those plugins can be
1.37 + * secured.
1.38 + */
1.39 +const unsigned long SANDBOXED_PLUGINS = 0x4;
1.40 +
1.41 +/**
1.42 + * This flag forces content into a unique origin, thus preventing it from
1.43 + * accessing other content from the same origin.
1.44 + * This flag also prevents script from reading from or writing to the
1.45 + * document.cookie IDL attribute, and blocks access to localStorage.
1.46 + */
1.47 +const unsigned long SANDBOXED_ORIGIN = 0x8;
1.48 +
1.49 +/**
1.50 + * This flag blocks form submission.
1.51 + */
1.52 +const unsigned long SANDBOXED_FORMS = 0x10;
1.53 +
1.54 +/**
1.55 + * This flag blocks script execution.
1.56 + */
1.57 +const unsigned long SANDBOXED_SCRIPTS = 0x20;
1.58 +
1.59 +/**
1.60 + * This flag blocks features that trigger automatically, such as
1.61 + * automatically playing a video or automatically focusing a form control.
1.62 + */
1.63 +const unsigned long SANDBOXED_AUTOMATIC_FEATURES = 0x40;
1.64 +
1.65 +/**
1.66 + * This flag blocks the document from acquiring pointerlock.
1.67 + */
1.68 +const unsigned long SANDBOXED_POINTER_LOCK = 0x80;
1.69 +
1.70 +/**
1.71 + * This flag blocks the document from changing document.domain.
1.72 + */
1.73 +const unsigned long SANDBOXED_DOMAIN = 0x100;
1.74 +
1.75 +/**
1.76 + * This flag prevents content from creating new auxiliary browsing contexts,
1.77 + * e.g. using the target attribute, the window.open() method, or the
1.78 + * showModalDialog() method.
1.79 + */
1.80 +const unsigned long SANDBOXED_AUXILIARY_NAVIGATION = 0x200;
1.81 +#endif
