michael@0: /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: /* michael@0: * Content policy implementation that prevents all loads of images, michael@0: * subframes, etc from protocols that don't return data but rather open michael@0: * applications (such as mailto). michael@0: */ michael@0: michael@0: #include "nsNoDataProtocolContentPolicy.h" michael@0: #include "nsIDOMWindow.h" michael@0: #include "nsString.h" michael@0: #include "nsIProtocolHandler.h" michael@0: #include "nsIIOService.h" michael@0: #include "nsIExternalProtocolHandler.h" michael@0: #include "nsNetUtil.h" michael@0: michael@0: NS_IMPL_ISUPPORTS(nsNoDataProtocolContentPolicy, nsIContentPolicy) michael@0: michael@0: NS_IMETHODIMP michael@0: nsNoDataProtocolContentPolicy::ShouldLoad(uint32_t aContentType, michael@0: nsIURI *aContentLocation, michael@0: nsIURI *aRequestingLocation, michael@0: nsISupports *aRequestingContext, michael@0: const nsACString &aMimeGuess, michael@0: nsISupports *aExtra, michael@0: nsIPrincipal *aRequestPrincipal, michael@0: int16_t *aDecision) michael@0: { michael@0: *aDecision = nsIContentPolicy::ACCEPT; michael@0: michael@0: // Don't block for TYPE_OBJECT since such URIs are sometimes loaded by the michael@0: // plugin, so they don't necessarily open external apps michael@0: // TYPE_WEBSOCKET loads can only go to ws:// or wss://, so we don't need to michael@0: // concern ourselves with them. michael@0: if (aContentType != TYPE_DOCUMENT && michael@0: aContentType != TYPE_SUBDOCUMENT && michael@0: aContentType != TYPE_OBJECT && michael@0: aContentType != TYPE_WEBSOCKET) { michael@0: michael@0: // The following are just quick-escapes for the most common cases michael@0: // where we would allow the content to be loaded anyway. michael@0: nsAutoCString scheme; michael@0: aContentLocation->GetScheme(scheme); michael@0: if (scheme.EqualsLiteral("http") || michael@0: scheme.EqualsLiteral("https") || michael@0: scheme.EqualsLiteral("ftp") || michael@0: scheme.EqualsLiteral("file") || michael@0: scheme.EqualsLiteral("chrome")) { michael@0: return NS_OK; michael@0: } michael@0: michael@0: bool shouldBlock; michael@0: nsresult rv = NS_URIChainHasFlags(aContentLocation, michael@0: nsIProtocolHandler::URI_DOES_NOT_RETURN_DATA, michael@0: &shouldBlock); michael@0: if (NS_SUCCEEDED(rv) && shouldBlock) { michael@0: *aDecision = nsIContentPolicy::REJECT_REQUEST; michael@0: } michael@0: } michael@0: michael@0: return NS_OK; michael@0: } michael@0: michael@0: NS_IMETHODIMP michael@0: nsNoDataProtocolContentPolicy::ShouldProcess(uint32_t aContentType, michael@0: nsIURI *aContentLocation, michael@0: nsIURI *aRequestingLocation, michael@0: nsISupports *aRequestingContext, michael@0: const nsACString &aMimeGuess, michael@0: nsISupports *aExtra, michael@0: nsIPrincipal *aRequestPrincipal, michael@0: int16_t *aDecision) michael@0: { michael@0: return ShouldLoad(aContentType, aContentLocation, aRequestingLocation, michael@0: aRequestingContext, aMimeGuess, aExtra, aRequestPrincipal, michael@0: aDecision); michael@0: }