michael@0: /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: #include "nsISupports.idl" michael@0: michael@0: interface nsIURI; michael@0: interface nsIDomainSet; michael@0: michael@0: /* michael@0: * When a domain policy is instantiated by invoking activateDomainPolicy() on michael@0: * nsIScriptSecurityManager, these domain sets are consulted when each new michael@0: * global is created (they have no effect on already-created globals). michael@0: * If javascript is globally enabled with |javascript.enabled|, the blacklists michael@0: * are consulted. If globally disabled, the whitelists are consulted. Lookups michael@0: * on blacklist and whitelist happen with contains(), and lookups on michael@0: * superBlacklist and superWhitelist happen with containsSuperDomain(). michael@0: * michael@0: * When deactivate() is invoked, the domain sets are emptied, and the michael@0: * nsIDomainPolicy ceases to have any effect on the system. michael@0: */ michael@0: [scriptable, builtinclass, uuid(27b10f54-f34b-42b7-8594-4348d3ad7953)] michael@0: interface nsIDomainPolicy : nsISupports michael@0: { michael@0: readonly attribute nsIDomainSet blacklist; michael@0: readonly attribute nsIDomainSet superBlacklist; michael@0: readonly attribute nsIDomainSet whitelist; michael@0: readonly attribute nsIDomainSet superWhitelist; michael@0: michael@0: void deactivate(); michael@0: }; michael@0: michael@0: [scriptable, builtinclass, uuid(946a01ff-6525-4007-a2c2-447ebe1875d3)] michael@0: interface nsIDomainSet : nsISupports michael@0: { michael@0: /* michael@0: * Add a domain to the set. No-op if it already exists. michael@0: */ michael@0: void add(in nsIURI aDomain); michael@0: michael@0: /* michael@0: * Remove a domain from the set. No-op if it doesn't exist. michael@0: */ michael@0: void remove(in nsIURI aDomain); michael@0: michael@0: /* michael@0: * Remove all entries from the set. michael@0: */ michael@0: void clear(); michael@0: michael@0: /* michael@0: * Returns true if a given domain is in the set. michael@0: */ michael@0: bool contains(in nsIURI aDomain); michael@0: michael@0: /* michael@0: * Returns true if a given domain is a subdomain of one of the entries in michael@0: * the set. michael@0: */ michael@0: bool containsSuperDomain(in nsIURI aDomain); michael@0: };