michael@0: /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: #include "nsISupports.idl" michael@0: michael@0: interface nsIURI; michael@0: interface nsIChannel; michael@0: michael@0: /** michael@0: * nsIProtocolHandler michael@0: */ michael@0: [scriptable, uuid(f5753fec-a051-4ddc-8891-11f1f1575072)] michael@0: interface nsIProtocolHandler : nsISupports michael@0: { michael@0: /** michael@0: * The scheme of this protocol (e.g., "file"). michael@0: */ michael@0: readonly attribute ACString scheme; michael@0: michael@0: /** michael@0: * The default port is the port that this protocol normally uses. michael@0: * If a port does not make sense for the protocol (e.g., "about:") michael@0: * then -1 will be returned. michael@0: */ michael@0: readonly attribute long defaultPort; michael@0: michael@0: /** michael@0: * Returns the protocol specific flags (see flag definitions below). michael@0: */ michael@0: readonly attribute unsigned long protocolFlags; michael@0: michael@0: /** michael@0: * Makes a URI object that is suitable for loading by this protocol, michael@0: * where the URI string is given as an UTF-8 string. The caller may michael@0: * provide the charset from which the URI string originated, so that michael@0: * the URI string can be translated back to that charset (if necessary) michael@0: * before communicating with, for example, the origin server of the URI michael@0: * string. (Many servers do not support UTF-8 IRIs at the present time, michael@0: * so we must be careful about tracking the native charset of the origin michael@0: * server.) michael@0: * michael@0: * @param aSpec - the URI string in UTF-8 encoding. depending michael@0: * on the protocol implementation, unicode character michael@0: * sequences may or may not be %xx escaped. michael@0: * @param aOriginCharset - the charset of the document from which this URI michael@0: * string originated. this corresponds to the michael@0: * charset that should be used when communicating michael@0: * this URI to an origin server, for example. if michael@0: * null, then UTF-8 encoding is assumed (i.e., michael@0: * no charset transformation from aSpec). michael@0: * @param aBaseURI - if null, aSpec must specify an absolute URI. michael@0: * otherwise, aSpec may be resolved relative michael@0: * to aBaseURI, depending on the protocol. michael@0: * If the protocol has no concept of relative michael@0: * URI aBaseURI will simply be ignored. michael@0: */ michael@0: nsIURI newURI(in AUTF8String aSpec, michael@0: in string aOriginCharset, michael@0: in nsIURI aBaseURI); michael@0: michael@0: /** michael@0: * Constructs a new channel from the given URI for this protocol handler. michael@0: */ michael@0: nsIChannel newChannel(in nsIURI aURI); michael@0: michael@0: /** michael@0: * Allows a protocol to override blacklisted ports. michael@0: * michael@0: * This method will be called when there is an attempt to connect to a port michael@0: * that is blacklisted. For example, for most protocols, port 25 (Simple Mail michael@0: * Transfer) is banned. When a URI containing this "known-to-do-bad-things" michael@0: * port number is encountered, this function will be called to ask if the michael@0: * protocol handler wants to override the ban. michael@0: */ michael@0: boolean allowPort(in long port, in string scheme); michael@0: michael@0: michael@0: /************************************************************************** michael@0: * Constants for the protocol flags (the first is the default mask, the michael@0: * others are deviations): michael@0: * michael@0: * NOTE: Implementation must ignore any flags they do not understand. michael@0: */ michael@0: michael@0: /** michael@0: * standard full URI with authority component and concept of relative michael@0: * URIs (http, ftp, ...) michael@0: */ michael@0: const unsigned long URI_STD = 0; michael@0: michael@0: /** michael@0: * no concept of relative URIs (about, javascript, finger, ...) michael@0: */ michael@0: const unsigned long URI_NORELATIVE = (1<<0); michael@0: michael@0: /** michael@0: * no authority component (file, ...) michael@0: */ michael@0: const unsigned long URI_NOAUTH = (1<<1); michael@0: michael@0: /** michael@0: * This protocol handler can be proxied via a proxy (socks or http) michael@0: * (e.g., irc, smtp, http, etc.). If the protocol supports transparent michael@0: * proxying, the handler should implement nsIProxiedProtocolHandler. michael@0: * michael@0: * If it supports only HTTP proxying, then it need not support michael@0: * nsIProxiedProtocolHandler, but should instead set the ALLOWS_PROXY_HTTP michael@0: * flag (see below). michael@0: * michael@0: * @see nsIProxiedProtocolHandler michael@0: */ michael@0: const unsigned long ALLOWS_PROXY = (1<<2); michael@0: michael@0: /** michael@0: * This protocol handler can be proxied using a http proxy (e.g., http, michael@0: * ftp, etc.). nsIIOService::newChannelFromURI will feed URIs from this michael@0: * protocol handler to the HTTP protocol handler instead. This flag is michael@0: * ignored if ALLOWS_PROXY is not set. michael@0: */ michael@0: const unsigned long ALLOWS_PROXY_HTTP = (1<<3); michael@0: michael@0: /** michael@0: * The URIs for this protocol have no inherent security context, so michael@0: * documents loaded via this protocol should inherit the security context michael@0: * from the document that loads them. michael@0: */ michael@0: const unsigned long URI_INHERITS_SECURITY_CONTEXT = (1<<4); michael@0: michael@0: /** michael@0: * "Automatic" loads that would replace the document (e.g. refresh, michael@0: * certain types of XLinks, possibly other loads that the application michael@0: * decides are not user triggered) are not allowed if the originating (NOT michael@0: * the target) URI has this protocol flag. Note that the decision as to michael@0: * what constitutes an "automatic" load is made externally, by the caller michael@0: * of nsIScriptSecurityManager::CheckLoadURI. See documentation for that michael@0: * method for more information. michael@0: * michael@0: * A typical protocol that might want to set this flag is a protocol that michael@0: * shows highly untrusted content in a viewing area that the user expects michael@0: * to have a lot of control over, such as an e-mail reader. michael@0: */ michael@0: const unsigned long URI_FORBIDS_AUTOMATIC_DOCUMENT_REPLACEMENT = (1<<5); michael@0: michael@0: /** michael@0: * +-------------------------------------------------------------------+ michael@0: * | | michael@0: * | ALL PROTOCOL HANDLERS MUST SET ONE OF THE FOLLOWING FIVE FLAGS. | michael@0: * | | michael@0: * +-------------------------------------------------------------------+ michael@0: * michael@0: * These flags are used to determine who is allowed to load URIs for this michael@0: * protocol. Note that if a URI is nested, only the flags for the michael@0: * innermost URI matter. See nsINestedURI. michael@0: * michael@0: * If none of these five flags are set, the URI must be treated as if it michael@0: * had the URI_LOADABLE_BY_ANYONE flag set, for compatibility with protocol michael@0: * handlers written against Gecko 1.8 or earlier. In this case, there may michael@0: * be run-time warning messages indicating that a "default insecure" michael@0: * assumption is being made. At some point in the futures (Mozilla 2.0, michael@0: * most likely), these warnings will become errors. michael@0: */ michael@0: michael@0: /** michael@0: * The URIs for this protocol can be loaded by anyone. For example, any michael@0: * website should be allowed to trigger a load of a URI for this protocol. michael@0: * Web-safe protocols like "http" should set this flag. michael@0: */ michael@0: const unsigned long URI_LOADABLE_BY_ANYONE = (1<<6); michael@0: michael@0: /** michael@0: * The URIs for this protocol are UNSAFE if loaded by untrusted (web) michael@0: * content and may only be loaded by privileged code (for example, code michael@0: * which has the system principal). Various internal protocols should set michael@0: * this flag. michael@0: */ michael@0: const unsigned long URI_DANGEROUS_TO_LOAD = (1<<7); michael@0: michael@0: /** michael@0: * The URIs for this protocol point to resources that are part of the michael@0: * application's user interface. There are cases when such resources may michael@0: * be made accessible to untrusted content such as web pages, so this is michael@0: * less restrictive than URI_DANGEROUS_TO_LOAD but more restrictive than michael@0: * URI_LOADABLE_BY_ANYONE. See the documentation for michael@0: * nsIScriptSecurityManager::CheckLoadURI. michael@0: */ michael@0: const unsigned long URI_IS_UI_RESOURCE = (1<<8); michael@0: michael@0: /** michael@0: * Loading of URIs for this protocol from other origins should only be michael@0: * allowed if those origins should have access to the local filesystem. michael@0: * It's up to the application to decide what origins should have such michael@0: * access. Protocols like "file" that point to local data should set this michael@0: * flag. michael@0: */ michael@0: const unsigned long URI_IS_LOCAL_FILE = (1<<9); michael@0: michael@0: /** michael@0: * The URIs for this protocol can be loaded only by callers with a michael@0: * principal that subsumes this uri. For example, privileged code and michael@0: * websites that are same origin as this uri. michael@0: */ michael@0: const unsigned long URI_LOADABLE_BY_SUBSUMERS = (1<<10); michael@0: michael@0: /** michael@0: * Channels using this protocol never call OnDataAvailable michael@0: * on the listener passed to AsyncOpen and they therefore michael@0: * do not return any data that we can use. michael@0: */ michael@0: const unsigned long URI_DOES_NOT_RETURN_DATA = (1<<11); michael@0: michael@0: /** michael@0: * URIs for this protocol are considered to be local resources. This could michael@0: * be a local file (URI_IS_LOCAL_FILE), a UI resource (URI_IS_UI_RESOURCE), michael@0: * or something else that would not hit the network. michael@0: */ michael@0: const unsigned long URI_IS_LOCAL_RESOURCE = (1<<12); michael@0: michael@0: /** michael@0: * URIs for this protocol execute script when they are opened. michael@0: */ michael@0: const unsigned long URI_OPENING_EXECUTES_SCRIPT = (1<<13); michael@0: michael@0: /** michael@0: * Loading channels from this protocol has side-effects that make michael@0: * it unsuitable for saving to a local file. michael@0: */ michael@0: const unsigned long URI_NON_PERSISTABLE = (1<<14); michael@0: michael@0: /** michael@0: * This protocol handler forbids accessing cookies e.g. for mail related michael@0: * protocols. michael@0: */ michael@0: const unsigned long URI_FORBIDS_COOKIE_ACCESS = (1<<15); michael@0: michael@0: /** michael@0: * URIs for this protocol require the webapps permission on the principal michael@0: * when opening URIs for a different domain. See bug#773886 michael@0: */ michael@0: const unsigned long URI_CROSS_ORIGIN_NEEDS_WEBAPPS_PERM = (1<<16); michael@0: michael@0: /** michael@0: * Channels for this protocol don't need to spin the event loop to handle michael@0: * Open() and reads on the resulting stream. michael@0: */ michael@0: const unsigned long URI_SYNC_LOAD_IS_OK = (1<<17); michael@0: michael@0: /** michael@0: * URI is secure to load in an https page and should not be blocked michael@0: * by nsMixedContentBlocker michael@0: */ michael@0: const unsigned long URI_SAFE_TO_LOAD_IN_SECURE_CONTEXT = (1<<18); michael@0: michael@0: michael@0: }; michael@0: michael@0: %{C++ michael@0: /** michael@0: * Protocol handlers are registered with XPCOM under the following CONTRACTID prefix: michael@0: */ michael@0: #define NS_NETWORK_PROTOCOL_CONTRACTID_PREFIX "@mozilla.org/network/protocol;1?name=" michael@0: /** michael@0: * For example, "@mozilla.org/network/protocol;1?name=http" michael@0: */ michael@0: %}