The Tor Browser / file revision

dom/ipc/PTabContext.ipdlh@129ffea94266

dom/ipc/PTabContext.ipdlh

Sat, 03 Jan 2015 20:18:00 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Sat, 03 Jan 2015 20:18:00 +0100
branch
TOR_BUG_3246
changeset 7
129ffea94266
permissions
-rw-r--r--

Conditionally enable double key logic according to:
private browsing mode or privacy.thirdparty.isolate preference and
implement in GetCookieStringCommon and FindCookie where it counts...
With some reservations of how to convince FindCookie users to test
condition and pass a nullptr when disabling double key logic.

     1 /* -*- Mode: C++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 8 -*- */

     2 /* vim: set sw=4 ts=8 et tw=80 ft=cpp : */

     3 /* This Source Code Form is subject to the terms of the Mozilla Public

     4  * License, v. 2.0. If a copy of the MPL was not distributed with this

     5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

     6 

     7 include protocol PBrowser;

     8 

     9 

    10 using mozilla::layout::ScrollingBehavior from "mozilla/layout/RenderFrameUtils.h";

    11 

    12 namespace mozilla {

    13 namespace dom {

    14 

    15 // An IPCTabContext which corresponds to a PBrowser opened by a child when it

    16 // receives window.open().

    17 //

    18 // If isBrowserElement is false, this PopupIPCTabContext corresponds to an app

    19 // frame, and the frame's app-id and app-frame-owner-app-id will be equal to the

    20 // opener's values.

    21 //

    22 // If isBrowserElement is true, the frame's browserFrameOwnerAppId will be equal

    23 // to the opener's app-id.

    24 //

    25 // It's an error to set isBrowserElement == false if opener is a browser

    26 // element.  Such a PopupIPCTabContext should be rejected by code which receives

    27 // it.

    28 struct PopupIPCTabContext

    29 {

    30   PBrowser opener;

    31   bool isBrowserElement;

    32 };

    33 

    34 // An IPCTabContext which corresponds to an app frame.

    35 struct AppFrameIPCTabContext

    36 {

    37   // The ID of the app this frame corresponds to.  May be NO_APP_ID.

    38   uint32_t ownAppId;

    39 

    40   // The ID of the app containing this frame.  May be NO_APP_ID.

    41   uint32_t appFrameOwnerAppId;

    42 };

    43 

    44 // An IPCTabContext which corresponds to a browser frame.

    45 struct BrowserFrameIPCTabContext

    46 {

    47   // The ID of the app which contains this browser frame.  May be NO_APP_ID.

    48   uint32_t browserFrameOwnerAppId;

    49 };

    50 

    51 // This is equivalent to AppFrameIPCTabContext with all fields set to NO_APP_ID.

    52 struct VanillaFrameIPCTabContext

    53 {};

    54 

    55 // IPCTabContext is an analog to mozilla::dom::TabContext.  Both specify an

    56 // iframe/PBrowser's own and containing app-ids and tell you whether the

    57 // iframe/PBrowser is a browser frame.  But only IPCTabContext is allowed to

    58 // travel over IPC.

    59 //

    60 // We need IPCTabContext (specifically, PopupIPCTabContext) to prevent a

    61 // privilege escalation attack by a compromised child process.  See the comment

    62 // on AllocPBrowser for details.

    63 union IPCTabAppBrowserContext

    64 {

    65   PopupIPCTabContext;

    66   AppFrameIPCTabContext;

    67   BrowserFrameIPCTabContext;

    68   VanillaFrameIPCTabContext;

    69 };

    70 

    71 struct IPCTabContext {

    72   IPCTabAppBrowserContext appBrowserContext;

    73   ScrollingBehavior scrollingBehavior;

    74 };

    75 

    76 }

    77 }

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial