diff -r 000000000000 -r 6474c204b198 netwerk/base/public/mozIThirdPartyUtil.idl --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/netwerk/base/public/mozIThirdPartyUtil.idl Wed Dec 31 06:09:35 2014 +0100 @@ -0,0 +1,238 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "nsISupports.idl" + +interface nsIURI; +interface nsIDOMWindow; +interface nsIChannel; +interface nsIDocument; + +/** + * Utility functions for determining whether a given URI, channel, or window + * hierarchy is third party with respect to a known URI. + */ +[scriptable, uuid(d994fd1d-d2fe-4372-9ae7-88b08b7d9d90)] +interface mozIThirdPartyUtil : nsISupports +{ + /** + * isThirdPartyURI + * + * Determine whether two URIs are third party with respect to each other. + * This is determined by computing the base domain for both URIs. If they can + * be determined, and the base domains match, the request is defined as first + * party. If it cannot be determined because one or both URIs do not have a + * base domain (for instance, in the case of IP addresses, host aliases such + * as 'localhost', or a file:// URI), an exact string comparison on host is + * performed. + * + * For example, the URI "http://mail.google.com/" is not third party with + * respect to "http://images.google.com/", but "http://mail.yahoo.com/" and + * "http://192.168.1.1/" are. + * + * @return true if aFirstURI is third party with respect to aSecondURI. + * + * @throws if either URI is null, has a malformed host, or has an empty host + * and is not a file:// URI. + */ + boolean isThirdPartyURI(in nsIURI aFirstURI, in nsIURI aSecondURI); + + /** + * isThirdPartyWindow + * + * Determine whether the given window hierarchy is third party. This is done + * as follows: + * + * 1) Obtain the URI of the principal associated with 'aWindow'. Call this the + * 'bottom URI'. + * 2) If 'aURI' is provided, determine if it is third party with respect to + * the bottom URI. If so, return. + * 3) Find the same-type parent window, if there is one, and its URI. + * Determine whether it is third party with respect to the bottom URI. If + * so, return. + * + * Therefore, each level in the window hierarchy is tested. (This means that + * nested iframes with different base domains, even though the bottommost and + * topmost URIs might be equal, will be considered third party.) + * + * @param aWindow + * The bottommost window in the hierarchy. + * @param aURI + * A URI to test against. If null, the URI of the principal + * associated with 'aWindow' will be used. + * + * For example, if 'aURI' is "http://mail.google.com/", 'aWindow' has a URI + * of "http://google.com/", and its parent is the topmost content window with + * a URI of "http://mozilla.com", the result will be true. + * + * @return true if 'aURI' is third party with respect to any of the URIs + * associated with aWindow and its same-type parents. + * + * @throws if aWindow is null; the same-type parent of any window in the + * hierarchy cannot be determined; or the URI associated with any + * window in the hierarchy is null, has a malformed host, or has an + * empty host and is not a file:// URI. + * + * @see isThirdPartyURI + */ + boolean isThirdPartyWindow(in nsIDOMWindow aWindow, [optional] in nsIURI aURI); + + /** + * isThirdPartyChannel + * + * Determine whether the given channel and its content window hierarchy is + * third party. This is done as follows: + * + * 1) If 'aChannel' is an nsIHttpChannel and has the + * 'forceAllowThirdPartyCookie' property set, then: + * a) If 'aURI' is null, return false. + * b) Otherwise, find the URI of the channel, determine whether it is + * foreign with respect to 'aURI', and return. + * 2) Find the URI of the channel and determine whether it is third party with + * respect to the URI of the channel. If so, return. + * 3) Obtain the bottommost nsIDOMWindow, and its same-type parent if it + * exists, from the channel's notification callbacks. Then: + * a) If the parent is the same as the bottommost window, and the channel + * has the LOAD_DOCUMENT_URI flag set, return false. This represents the + * case where a toplevel load is occurring and the window's URI has not + * yet been updated. (We have already checked that 'aURI' is not foreign + * with respect to the channel URI.) + * b) Otherwise, return the result of isThirdPartyWindow with arguments + * of the channel's bottommost window and the channel URI, respectively. + * + * Therefore, both the channel's URI and each level in the window hierarchy + * associated with the channel is tested. + * + * @param aChannel + * The channel associated with the load. + * @param aURI + * A URI to test against. If null, the URI of the channel will be used. + * + * For example, if 'aURI' is "http://mail.google.com/", 'aChannel' has a URI + * of "http://google.com/", and its parent is the topmost content window with + * a URI of "http://mozilla.com", the result will be true. + * + * @return true if aURI is third party with respect to the channel URI or any + * of the URIs associated with the same-type window hierarchy of the + * channel. + * + * @throws if 'aChannel' is null; the channel has no notification callbacks or + * an associated window; or isThirdPartyWindow throws. + * + * @see isThirdPartyWindow + */ + boolean isThirdPartyChannel(in nsIChannel aChannel, [optional] in nsIURI aURI); + + /** + * getBaseDomain + * + * Get the base domain for aHostURI; e.g. for "www.bbc.co.uk", this would be + * "bbc.co.uk". Only properly-formed URI's are tolerated, though a trailing + * dot may be present. If aHostURI is an IP address, an alias such as + * 'localhost', an eTLD such as 'co.uk', or the empty string, aBaseDomain will + * be the exact host. The result of this function should only be used in exact + * string comparisons, since substring comparisons will not be valid for the + * special cases elided above. + * + * @param aHostURI + * The URI to analyze. + * + * @return the base domain. + */ + AUTF8String getBaseDomain(in nsIURI aHostURI); + + + /** + * getFirstPartyURI + * + * Obtain the top-level url bar URI for either a channel or a document. + * Either parameter may be null (but not both). + * + * @param aChannel + * An arbitrary channel for some content element of a first party + * load. Can be null. + * + * @param aDoc + * An arbitrary third party document. Can be null. + * + * @return the first party url bar URI for the load. + * + * @throws if the URI cannot be obtained or the URI lacks a hostname and the + * URI's scheme is not white listed. + */ + [noscript] nsIURI getFirstPartyURI(in nsIChannel aChannel, + in nsIDocument aDoc); + + /** + * getFirstPartyIsolationURI + * + * If first-party isolation is active, then + * obtains the top-level url bar URI for either a channel or a document. + * Otherwise returns null. + * Either parameter may be null (but not both). + * + * @param aChannel + * An arbitrary channel for some content element of a first party + * load. Can be null. + * + * @param aDoc + * An arbitrary third party document. Can be null. + * + * @return the first party url bar URI for the load. + * + * @throws if the URI cannot be obtained or the URI lacks a hostname and the + * URI's scheme is not white listed. + */ + [noscript] nsIURI getFirstPartyIsolationURI(in nsIChannel aChannel, + in nsIDocument aDoc); + + /** + * getFirstPartyURIFromChannel + * + * Obtain the top-level url bar URI for a channel. + * + * @param aChannel + * An arbitrary channel for some content element of a first party + * load. + * + * @param aLogErrors + * If true, log errors to the Error Console. + * + * @return the first party url bar URI for the load. + * + * @throws if the URI cannot be obtained or the URI lacks a hostname and the + * URI's scheme is not white listed. + */ + nsIURI getFirstPartyURIFromChannel(in nsIChannel aChannel, + in bool aLogErrors); + + /** + * getFirstPartyHostForIsolation + * + * Obtain the host or pseudo-host for aFirstPartyURI. Some examples: + * aFirstPartyURI Return Value + * -------------- ------------ + * https://news.google.com/nwshp?hl=en "news.google.com" + * about:home "--NoFirstPartyHost-about-home--" + * chrome://browser/content/browser.xul "--NoFirstPartyHost-chrome-browser.xul--" + * + * @param aFirstPartyURI + * The first party URI. + * + * @return host or pseudo host. + * + * @throws if the URI lacks a host and the scheme is not a whitelisted one + * for which we generate a pseudo host. + */ + AUTF8String getFirstPartyHostForIsolation(in nsIURI aFirstPartyURI); +}; + +%{ C++ +/** + * The mozIThirdPartyUtil implementation is an XPCOM service registered + * under the ContractID: + */ +#define THIRDPARTYUTIL_CONTRACTID "@mozilla.org/thirdpartyutil;1" +%} +