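--- /dev/null
+++ b/security/manager/boot/src/nsSiteSecurityService.h
@@ -0,0 +1,165 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/**
+ * This wraps nsSimpleURI so that all calls to it are done on the main thread.
+ */
+
+#ifndef __nsSiteSecurityService_h__
+#define __nsSiteSecurityService_h__
+
+#include "nsISiteSecurityService.h"
+#include "nsIObserver.h"
+#include "nsIObserverService.h"
+#include "nsIPermissionManager.h"
+#include "nsCOMPtr.h"
+#include "nsIURI.h"
+#include "nsString.h"
+#include "nsTHashtable.h"
+#include "prtime.h"
+
+// {16955eee-6c48-4152-9309-c42a465138a1}
+#define NS_SITE_SECURITY_SERVICE_CID \
+  {0x16955eee, 0x6c48, 0x4152, \
+    {0x93, 0x09, 0xc4, 0x2a, 0x46, 0x51, 0x38, 0xa1} }
+
+////////////////////////////////////////////////////////////////////////////////
+// nsSSSHostEntry - similar to the nsHostEntry class in
+// nsPermissionManager.cpp, but specific to private-mode caching of STS
+// permissions.
+//
+// Each nsSSSHostEntry contains:
+//  - Expiry time (PRTime, milliseconds)
+//  - Expired flag (bool, default false)
+//  - STS permission (uint32_t, default STS_UNSET)
+//  - Include subdomains flag (bool, default false)
+//
+// Note: the subdomains flag has no meaning if the STS permission is STS_UNSET.
+//
+// The existence of the nsSSSHostEntry implies STS state is set for the given
+// host -- unless the expired flag is set, in which case not only is the STS
+// state not set for the host, but any permission actually present in the
+// permission manager should be ignored.
+//
+// Note: Only one expiry time is stored since the subdomains and STS
+// permissions are both encountered at the same time in the HTTP header; if the
+// includeSubdomains directive isn't present in the header, it means to delete
+// the permission, so the subdomains flag in the nsSSSHostEntry means both that
+// the permission doesn't exist and any permission in the real permission
+// manager should be ignored since newer information about it has been
+// encountered in private browsing mode.
+//
+// Note: If there's a permission set by the user (EXPIRE_NEVER), STS is not set
+// for the host (including the subdomains permission) when the header is
+// encountered. Furthermore, any user-set permissions are stored persistently
+// and can't be shadowed.
+
+class nsSSSHostEntry : public PLDHashEntryHdr
+{
+  public:
+    explicit nsSSSHostEntry(const char* aHost);
+    explicit nsSSSHostEntry(const nsSSSHostEntry& toCopy);
+
+    nsCString    mHost;
+    PRTime       mExpireTime;
+    uint32_t     mStsPermission;
+    bool         mExpired;
+    bool         mIncludeSubdomains;
+
+    // Hash methods
+    typedef const char* KeyType;
+    typedef const char* KeyTypePointer;
+
+    KeyType GetKey() const
+    {
+      return mHost.get();
+    }
+
+    bool KeyEquals(KeyTypePointer aKey) const
+    {
+      return !strcmp(mHost.get(), aKey);
+    }
+
+    static KeyTypePointer KeyToPointer(KeyType aKey)
+    {
+      return aKey;
+    }
+
+    static PLDHashNumber HashKey(KeyTypePointer aKey)
+    {
+      return PL_DHashStringKey(nullptr, aKey);
+    }
+
+    void SetExpireTime(PRTime aExpireTime)
+    {
+      mExpireTime = aExpireTime;
+      mExpired = false;
+    }
+
+    bool IsExpired()
+    {
+      // If mExpireTime is 0, this entry never expires (this is the case for
+      // knockout entries).
+      // If we've already expired or we never expire, return early.
+      if (mExpired || mExpireTime == 0) {
+        return mExpired;
+      }
+
+      PRTime now = PR_Now() / PR_USEC_PER_MSEC;
+      if (now > mExpireTime) {
+        mExpired = true;
+      }
+
+      return mExpired;
+    }
+
+    // force the hashtable to use the copy constructor.
+    enum { ALLOW_MEMMOVE = false };
+};
+////////////////////////////////////////////////////////////////////////////////
+
+class nsSTSPreload;
+
+class nsSiteSecurityService : public nsISiteSecurityService
+                            , public nsIObserver
+{
+public:
+  NS_DECL_THREADSAFE_ISUPPORTS
+  NS_DECL_NSIOBSERVER
+  NS_DECL_NSISITESECURITYSERVICE
+
+  nsSiteSecurityService();
+  nsresult Init();
+  virtual ~nsSiteSecurityService();
+
+private:
+  nsresult GetHost(nsIURI *aURI, nsACString &aResult);
+  nsresult GetPrincipalForURI(nsIURI *aURI, nsIPrincipal **aPrincipal);
+  nsresult SetState(uint32_t aType, nsIURI* aSourceURI, int64_t maxage,
+                    bool includeSubdomains, uint32_t flags);
+  nsresult ProcessHeaderMutating(uint32_t aType, nsIURI* aSourceURI,
+                                 char* aHeader, uint32_t flags,
+                                 uint64_t *aMaxAge, bool *aIncludeSubdomains);
+  const nsSTSPreload *GetPreloadListEntry(const char *aHost);
+
+  // private-mode-preserving permission manager overlay functions
+  nsresult AddPermission(nsIURI *aURI,
+                         const char *aType,
+                         uint32_t aPermission,
+                         uint32_t aExpireType,
+                         int64_t aExpireTime,
+                         bool aIsPrivate);
+  nsresult RemovePermission(const nsCString &aHost,
+                            const char *aType,
+                            bool aIsPrivate);
+
+  // cached services
+  nsCOMPtr<nsIPermissionManager> mPermMgr;
+  nsCOMPtr<nsIObserverService> mObserverService;
+
+  nsTHashtable<nsSSSHostEntry> mPrivateModeHostTable;
+  bool mUsePreloadList;
+};
+
+#endif // __nsSiteSecurityService_h__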
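Review bot: The file-level doc comment at the top of the new header (`This wraps nsSimpleURI so that all calls to it are done on the main thread.`) describes a different class and will mislead readers of nsSiteSecurityService.h; it should say what this header declares, e.g. `/** nsSiteSecurityService records per-host STS state through the permission manager; nsSSSHostEntry is the in-memory overlay used so that state learned in private browsing mode shadows, but is not written into, the permission manager. */`. Separately, `KeyEquals` matches hosts with a case-sensitive `strcmp`, so the private-mode table only finds an entry when every caller stores and looks up an identically canonicalised host name; GetHost presumably provides that, and a one-line comment on `KeyEquals` stating the precondition (`// aKey must be the canonical host form produced by GetHost()`) would make the dependency visible where a mismatch would silently drop STS enforcement. `IsExpired` treats `mExpireTime == 0` as "never expires" via a bare literal; a named constant for the knockout sentinel would tie the comment on that branch to the code.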