2015-05-12 00:25:59 +03:00
|
|
|
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
/* vim: set ts=2 sw=2 et tw=80: */
|
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
#include "mozilla/BasePrincipal.h"
|
2015-05-14 23:56:37 +03:00
|
|
|
|
2015-07-08 03:53:15 +03:00
|
|
|
#include "nsIAddonPolicyService.h"
|
2015-05-21 21:16:04 +03:00
|
|
|
#include "nsIContentSecurityPolicy.h"
|
2015-05-14 23:56:37 +03:00
|
|
|
#include "nsIObjectInputStream.h"
|
|
|
|
#include "nsIObjectOutputStream.h"
|
2015-05-15 23:43:11 +03:00
|
|
|
|
|
|
|
#include "nsPrincipal.h"
|
|
|
|
#include "nsNetUtil.h"
|
2015-07-06 08:55:00 +03:00
|
|
|
#include "nsIURIWithPrincipal.h"
|
2015-05-15 23:43:11 +03:00
|
|
|
#include "nsNullPrincipal.h"
|
2015-05-14 04:25:40 +03:00
|
|
|
#include "nsScriptSecurityManager.h"
|
2015-07-08 03:53:15 +03:00
|
|
|
#include "nsServiceManagerUtils.h"
|
2015-05-12 00:25:59 +03:00
|
|
|
|
2015-05-21 21:16:04 +03:00
|
|
|
#include "mozilla/dom/CSPDictionariesBinding.h"
|
2015-05-15 02:24:25 +03:00
|
|
|
#include "mozilla/dom/ToJSValue.h"
|
2015-06-04 21:51:57 +03:00
|
|
|
#include "mozilla/dom/URLSearchParams.h"
|
2015-05-15 02:24:25 +03:00
|
|
|
|
2015-05-12 00:25:59 +03:00
|
|
|
namespace mozilla {
|
|
|
|
|
2015-06-04 23:45:24 +03:00
|
|
|
using dom::URLParams;
|
2015-06-04 21:51:57 +03:00
|
|
|
|
2015-05-15 02:24:25 +03:00
|
|
|
void
|
2015-06-03 11:43:43 +03:00
|
|
|
OriginAttributes::CreateSuffix(nsACString& aStr) const
|
2015-05-15 02:24:25 +03:00
|
|
|
{
|
|
|
|
MOZ_RELEASE_ASSERT(mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
|
2015-06-04 21:51:57 +03:00
|
|
|
|
2015-06-04 23:45:24 +03:00
|
|
|
UniquePtr<URLParams> params(new URLParams());
|
2015-06-04 21:51:57 +03:00
|
|
|
nsAutoString value;
|
2015-05-15 02:24:25 +03:00
|
|
|
|
|
|
|
if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
|
2015-06-04 21:51:57 +03:00
|
|
|
value.AppendInt(mAppId);
|
2015-06-04 23:45:24 +03:00
|
|
|
params->Set(NS_LITERAL_STRING("appId"), value);
|
2015-05-15 02:24:25 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
if (mInBrowser) {
|
2015-06-04 23:45:24 +03:00
|
|
|
params->Set(NS_LITERAL_STRING("inBrowser"), NS_LITERAL_STRING("1"));
|
2015-06-04 21:51:57 +03:00
|
|
|
}
|
|
|
|
|
2015-07-08 01:53:15 +03:00
|
|
|
if (!mAddonId.IsEmpty()) {
|
|
|
|
params->Set(NS_LITERAL_STRING("addonId"), mAddonId);
|
|
|
|
}
|
|
|
|
|
2015-07-29 00:32:00 +03:00
|
|
|
if (mUserContextId != nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID) {
|
|
|
|
value.Truncate();
|
|
|
|
value.AppendInt(mUserContextId);
|
|
|
|
params->Set(NS_LITERAL_STRING("userContextId"), value);
|
|
|
|
}
|
|
|
|
|
2015-06-04 21:51:57 +03:00
|
|
|
aStr.Truncate();
|
|
|
|
|
2015-06-04 23:45:24 +03:00
|
|
|
params->Serialize(value);
|
2015-06-04 21:51:57 +03:00
|
|
|
if (!value.IsEmpty()) {
|
2015-07-02 23:50:26 +03:00
|
|
|
aStr.AppendLiteral("^");
|
2015-06-04 21:51:57 +03:00
|
|
|
aStr.Append(NS_ConvertUTF16toUTF8(value));
|
2015-05-15 02:24:25 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-06-04 21:51:57 +03:00
|
|
|
namespace {
|
|
|
|
|
|
|
|
class MOZ_STACK_CLASS PopulateFromSuffixIterator final
|
2015-06-04 23:45:24 +03:00
|
|
|
: public URLParams::ForEachIterator
|
2015-05-14 23:56:37 +03:00
|
|
|
{
|
2015-06-04 21:51:57 +03:00
|
|
|
public:
|
|
|
|
explicit PopulateFromSuffixIterator(OriginAttributes* aOriginAttributes)
|
|
|
|
: mOriginAttributes(aOriginAttributes)
|
|
|
|
{
|
|
|
|
MOZ_ASSERT(aOriginAttributes);
|
|
|
|
}
|
|
|
|
|
2015-06-04 23:45:24 +03:00
|
|
|
bool URLParamsIterator(const nsString& aName,
|
|
|
|
const nsString& aValue) override
|
2015-06-04 21:51:57 +03:00
|
|
|
{
|
|
|
|
if (aName.EqualsLiteral("appId")) {
|
|
|
|
nsresult rv;
|
|
|
|
mOriginAttributes->mAppId = aValue.ToInteger(&rv);
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (mOriginAttributes->mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
2015-06-04 21:51:57 +03:00
|
|
|
|
2015-06-04 21:51:57 +03:00
|
|
|
if (aName.EqualsLiteral("inBrowser")) {
|
|
|
|
if (!aValue.EqualsLiteral("1")) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
mOriginAttributes->mInBrowser = true;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2015-07-08 01:53:15 +03:00
|
|
|
if (aName.EqualsLiteral("addonId")) {
|
|
|
|
MOZ_RELEASE_ASSERT(mOriginAttributes->mAddonId.IsEmpty());
|
|
|
|
mOriginAttributes->mAddonId.Assign(aValue);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2015-07-29 00:32:00 +03:00
|
|
|
if (aName.EqualsLiteral("userContextId")) {
|
|
|
|
nsresult rv;
|
|
|
|
mOriginAttributes->mUserContextId = aValue.ToInteger(&rv);
|
|
|
|
if (NS_WARN_IF(NS_FAILED(rv))) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2015-06-04 21:51:57 +03:00
|
|
|
// No other attributes are supported.
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
private:
|
|
|
|
OriginAttributes* mOriginAttributes;
|
|
|
|
};
|
|
|
|
|
2015-07-13 18:25:42 +03:00
|
|
|
} // namespace
|
2015-06-04 21:51:57 +03:00
|
|
|
|
|
|
|
bool
|
|
|
|
OriginAttributes::PopulateFromSuffix(const nsACString& aStr)
|
2015-05-14 23:56:37 +03:00
|
|
|
{
|
2015-06-04 21:51:57 +03:00
|
|
|
if (aStr.IsEmpty()) {
|
|
|
|
return true;
|
|
|
|
}
|
2015-05-14 23:56:37 +03:00
|
|
|
|
2015-07-02 23:50:26 +03:00
|
|
|
if (aStr[0] != '^') {
|
2015-06-04 21:51:57 +03:00
|
|
|
return false;
|
|
|
|
}
|
2015-06-04 21:51:57 +03:00
|
|
|
|
2015-06-04 23:45:24 +03:00
|
|
|
UniquePtr<URLParams> params(new URLParams());
|
|
|
|
params->ParseInput(Substring(aStr, 1, aStr.Length() - 1));
|
2015-06-04 21:51:57 +03:00
|
|
|
|
|
|
|
PopulateFromSuffixIterator iterator(this);
|
2015-06-04 23:45:24 +03:00
|
|
|
return params->ForEach(iterator);
|
2015-05-14 23:56:37 +03:00
|
|
|
}
|
|
|
|
|
2015-06-05 07:39:34 +03:00
|
|
|
bool
|
|
|
|
OriginAttributes::PopulateFromOrigin(const nsACString& aOrigin,
|
|
|
|
nsACString& aOriginNoSuffix)
|
|
|
|
{
|
|
|
|
// RFindChar is only available on nsCString.
|
|
|
|
nsCString origin(aOrigin);
|
2015-07-02 23:50:26 +03:00
|
|
|
int32_t pos = origin.RFindChar('^');
|
2015-06-05 07:39:34 +03:00
|
|
|
|
|
|
|
if (pos == kNotFound) {
|
|
|
|
aOriginNoSuffix = origin;
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
aOriginNoSuffix = Substring(origin, 0, pos);
|
|
|
|
return PopulateFromSuffix(Substring(origin, pos));
|
|
|
|
}
|
|
|
|
|
2015-06-04 21:51:57 +03:00
|
|
|
BasePrincipal::BasePrincipal()
|
|
|
|
{}
|
|
|
|
|
|
|
|
BasePrincipal::~BasePrincipal()
|
|
|
|
{}
|
|
|
|
|
2015-05-15 02:50:44 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetOrigin(nsACString& aOrigin)
|
2015-05-15 02:55:52 +03:00
|
|
|
{
|
|
|
|
nsresult rv = GetOriginInternal(aOrigin);
|
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
2015-07-16 00:50:12 +03:00
|
|
|
|
|
|
|
// OriginAttributes::CreateSuffix asserts against UNKNOWN_APP_ID. It's trivial
|
|
|
|
// to trigger this getter from script on such a principal, so we handle it
|
|
|
|
// here at the API entry point.
|
|
|
|
if (mOriginAttributes.mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
|
|
|
|
NS_WARNING("Refusing to provide canonical origin string to principal with UNKNOWN_APP_ID");
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
}
|
|
|
|
|
2015-05-15 02:55:52 +03:00
|
|
|
nsAutoCString suffix;
|
|
|
|
mOriginAttributes.CreateSuffix(suffix);
|
|
|
|
aOrigin.Append(suffix);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetOriginNoSuffix(nsACString& aOrigin)
|
2015-05-15 02:50:44 +03:00
|
|
|
{
|
|
|
|
return GetOriginInternal(aOrigin);
|
|
|
|
}
|
|
|
|
|
2015-05-14 21:15:56 +03:00
|
|
|
bool
|
|
|
|
BasePrincipal::Subsumes(nsIPrincipal* aOther, DocumentDomainConsideration aConsideration)
|
|
|
|
{
|
2015-06-02 01:33:35 +03:00
|
|
|
MOZ_ASSERT(aOther);
|
2015-05-14 21:15:56 +03:00
|
|
|
return SubsumesInternal(aOther, aConsideration);
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::Equals(nsIPrincipal *aOther, bool *aResult)
|
|
|
|
{
|
2015-06-02 01:33:35 +03:00
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
2015-05-14 21:15:56 +03:00
|
|
|
*aResult = Subsumes(aOther, DontConsiderDocumentDomain) &&
|
|
|
|
Cast(aOther)->Subsumes(this, DontConsiderDocumentDomain);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::EqualsConsideringDomain(nsIPrincipal *aOther, bool *aResult)
|
|
|
|
{
|
2015-06-02 01:33:35 +03:00
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
2015-05-14 21:15:56 +03:00
|
|
|
*aResult = Subsumes(aOther, ConsiderDocumentDomain) &&
|
|
|
|
Cast(aOther)->Subsumes(this, ConsiderDocumentDomain);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::Subsumes(nsIPrincipal *aOther, bool *aResult)
|
|
|
|
{
|
2015-06-02 01:33:35 +03:00
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
2015-05-14 21:15:56 +03:00
|
|
|
*aResult = Subsumes(aOther, DontConsiderDocumentDomain);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::SubsumesConsideringDomain(nsIPrincipal *aOther, bool *aResult)
|
|
|
|
{
|
2015-06-02 01:33:35 +03:00
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
2015-05-14 21:15:56 +03:00
|
|
|
*aResult = Subsumes(aOther, ConsiderDocumentDomain);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2015-05-12 00:25:59 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
|
|
|
|
{
|
|
|
|
NS_IF_ADDREF(*aCsp = mCSP);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
|
|
|
|
{
|
|
|
|
// If CSP was already set, it should not be destroyed! Instead, it should
|
|
|
|
// get set anew when a new principal is created.
|
|
|
|
if (mCSP)
|
|
|
|
return NS_ERROR_ALREADY_INITIALIZED;
|
|
|
|
|
|
|
|
mCSP = aCsp;
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2015-05-21 21:16:04 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetCspJSON(nsAString& outCSPinJSON)
|
|
|
|
{
|
|
|
|
outCSPinJSON.Truncate();
|
|
|
|
dom::CSPPolicies jsonPolicies;
|
|
|
|
|
|
|
|
if (!mCSP) {
|
|
|
|
jsonPolicies.ToJSON(outCSPinJSON);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
return mCSP->ToJSON(outCSPinJSON);
|
|
|
|
}
|
|
|
|
|
2015-05-12 00:36:56 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetIsNullPrincipal(bool* aIsNullPrincipal)
|
|
|
|
{
|
|
|
|
*aIsNullPrincipal = false;
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2015-05-14 04:25:40 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetJarPrefix(nsACString& aJarPrefix)
|
|
|
|
{
|
2015-05-14 22:24:03 +03:00
|
|
|
MOZ_ASSERT(AppId() != nsIScriptSecurityManager::UNKNOWN_APP_ID);
|
2015-05-14 04:25:40 +03:00
|
|
|
|
2015-07-09 22:19:20 +03:00
|
|
|
mozilla::GetJarPrefix(mOriginAttributes.mAppId, mOriginAttributes.mInBrowser, aJarPrefix);
|
2015-05-14 04:25:40 +03:00
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2015-05-15 02:24:25 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetOriginAttributes(JSContext* aCx, JS::MutableHandle<JS::Value> aVal)
|
|
|
|
{
|
|
|
|
if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aVal))) {
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
}
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetOriginSuffix(nsACString& aOriginAttributes)
|
|
|
|
{
|
|
|
|
mOriginAttributes.CreateSuffix(aOriginAttributes);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2015-05-14 04:25:40 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetAppStatus(uint16_t* aAppStatus)
|
|
|
|
{
|
2015-05-14 22:24:03 +03:00
|
|
|
if (AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
|
2015-05-14 04:25:40 +03:00
|
|
|
NS_WARNING("Asking for app status on a principal with an unknown app id");
|
|
|
|
*aAppStatus = nsIPrincipal::APP_STATUS_NOT_INSTALLED;
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
*aAppStatus = nsScriptSecurityManager::AppStatusForPrincipal(this);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetAppId(uint32_t* aAppId)
|
|
|
|
{
|
2015-05-14 22:24:03 +03:00
|
|
|
if (AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
|
2015-05-14 04:25:40 +03:00
|
|
|
MOZ_ASSERT(false);
|
|
|
|
*aAppId = nsIScriptSecurityManager::NO_APP_ID;
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2015-05-14 22:24:03 +03:00
|
|
|
*aAppId = AppId();
|
2015-05-14 04:25:40 +03:00
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2015-07-30 21:15:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetUserContextId(uint32_t* aUserContextId)
|
|
|
|
{
|
|
|
|
*aUserContextId = UserContextId();
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2015-05-14 04:25:40 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetIsInBrowserElement(bool* aIsInBrowserElement)
|
|
|
|
{
|
2015-05-14 22:24:03 +03:00
|
|
|
*aIsInBrowserElement = IsInBrowserElement();
|
2015-05-14 04:25:40 +03:00
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
BasePrincipal::GetUnknownAppId(bool* aUnknownAppId)
|
|
|
|
{
|
2015-05-14 22:24:03 +03:00
|
|
|
*aUnknownAppId = AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID;
|
2015-05-14 04:25:40 +03:00
|
|
|
return NS_OK;
|
|
|
|
}
|
2015-05-12 00:36:56 +03:00
|
|
|
|
2015-05-15 23:43:11 +03:00
|
|
|
already_AddRefed<BasePrincipal>
|
|
|
|
BasePrincipal::CreateCodebasePrincipal(nsIURI* aURI, OriginAttributes& aAttrs)
|
|
|
|
{
|
|
|
|
// If the URI is supposed to inherit the security context of whoever loads it,
|
|
|
|
// we shouldn't make a codebase principal for it.
|
|
|
|
bool inheritsPrincipal;
|
|
|
|
nsresult rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
|
|
|
|
&inheritsPrincipal);
|
|
|
|
nsCOMPtr<nsIPrincipal> principal;
|
|
|
|
if (NS_FAILED(rv) || inheritsPrincipal) {
|
|
|
|
return nsNullPrincipal::Create();
|
|
|
|
}
|
|
|
|
|
|
|
|
// Check whether the URI knows what its principal is supposed to be.
|
|
|
|
nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(aURI);
|
|
|
|
if (uriPrinc) {
|
|
|
|
nsCOMPtr<nsIPrincipal> principal;
|
|
|
|
uriPrinc->GetPrincipal(getter_AddRefs(principal));
|
|
|
|
if (!principal) {
|
|
|
|
return nsNullPrincipal::Create();
|
|
|
|
}
|
|
|
|
nsRefPtr<BasePrincipal> concrete = Cast(principal);
|
|
|
|
return concrete.forget();
|
|
|
|
}
|
|
|
|
|
|
|
|
// Mint a codebase principal.
|
|
|
|
nsRefPtr<nsPrincipal> codebase = new nsPrincipal();
|
|
|
|
rv = codebase->Init(aURI, aAttrs);
|
|
|
|
NS_ENSURE_SUCCESS(rv, nullptr);
|
|
|
|
return codebase.forget();
|
|
|
|
}
|
|
|
|
|
2015-07-08 03:53:15 +03:00
|
|
|
bool
|
|
|
|
BasePrincipal::AddonAllowsLoad(nsIURI* aURI)
|
|
|
|
{
|
|
|
|
if (mOriginAttributes.mAddonId.IsEmpty()) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
nsCOMPtr<nsIAddonPolicyService> aps = do_GetService("@mozilla.org/addons/policy-service;1");
|
|
|
|
NS_ENSURE_TRUE(aps, false);
|
|
|
|
|
|
|
|
bool allowed = false;
|
|
|
|
nsresult rv = aps->AddonMayLoadURI(mOriginAttributes.mAddonId, aURI, &allowed);
|
|
|
|
return NS_SUCCEEDED(rv) && allowed;
|
|
|
|
}
|
|
|
|
|
2015-05-12 00:25:59 +03:00
|
|
|
} // namespace mozilla
|