2018-11-30 22:52:05 +03:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
2018-11-30 18:39:55 +03:00
|
|
|
/* vim: set ts=4 et sw=2 tw=80: */
|
2012-05-21 15:12:37 +04:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
2000-02-10 07:56:56 +03:00
|
|
|
|
2003-10-22 02:11:49 +04:00
|
|
|
#ifndef nsScriptSecurityManager_h__
|
|
|
|
#define nsScriptSecurityManager_h__
|
1999-08-20 13:51:02 +04:00
|
|
|
|
|
|
|
#include "nsIScriptSecurityManager.h"
|
2015-07-20 04:42:16 +03:00
|
|
|
|
|
|
|
#include "mozilla/Maybe.h"
|
1999-08-20 13:51:02 +04:00
|
|
|
#include "nsIPrincipal.h"
|
2000-01-19 00:54:01 +03:00
|
|
|
#include "nsCOMPtr.h"
|
2015-07-20 04:42:16 +03:00
|
|
|
#include "nsServiceManagerUtils.h"
|
2017-08-17 02:48:52 +03:00
|
|
|
#include "nsStringFwd.h"
|
2002-05-15 22:55:21 +04:00
|
|
|
#include "plstr.h"
|
2013-08-28 06:59:14 +04:00
|
|
|
#include "js/TypeDecls.h"
|
2000-08-22 10:02:14 +04:00
|
|
|
|
2013-07-30 18:25:31 +04:00
|
|
|
#include <stdint.h>
|
2012-04-12 04:17:44 +04:00
|
|
|
|
2003-10-22 02:11:49 +04:00
|
|
|
class nsIIOService;
|
2003-07-29 09:28:00 +04:00
|
|
|
class nsIStringBundle;
|
2006-02-24 07:38:46 +03:00
|
|
|
|
2015-05-15 23:43:11 +03:00
|
|
|
namespace mozilla {
|
2017-01-12 19:38:48 +03:00
|
|
|
class OriginAttributes;
|
2018-07-17 22:38:19 +03:00
|
|
|
class SystemPrincipal;
|
2015-07-13 18:25:42 +03:00
|
|
|
} // namespace mozilla
|
2015-05-15 23:43:11 +03:00
|
|
|
|
2002-02-13 07:20:46 +03:00
|
|
|
/////////////////////////////
|
|
|
|
// nsScriptSecurityManager //
|
|
|
|
/////////////////////////////
|
1999-08-20 13:51:02 +04:00
|
|
|
#define NS_SCRIPTSECURITYMANAGER_CID \
|
2018-11-30 13:46:48 +03:00
|
|
|
{ \
|
1999-08-20 13:51:02 +04:00
|
|
|
0x7ee2a4c0, 0x4b93, 0x17d3, { \
|
|
|
|
0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 \
|
|
|
|
} \
|
2018-11-30 13:46:48 +03:00
|
|
|
}
|
1999-08-20 13:51:02 +04:00
|
|
|
|
2018-07-06 00:53:14 +03:00
|
|
|
class nsScriptSecurityManager final : public nsIScriptSecurityManager {
|
1999-08-20 13:51:02 +04:00
|
|
|
public:
|
2002-02-13 07:20:46 +03:00
|
|
|
static void Shutdown();
|
2014-05-07 10:17:43 +04:00
|
|
|
|
1999-08-30 01:58:42 +04:00
|
|
|
NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID)
|
2014-05-07 10:17:43 +04:00
|
|
|
|
1999-08-30 01:58:42 +04:00
|
|
|
NS_DECL_ISUPPORTS
|
|
|
|
NS_DECL_NSISCRIPTSECURITYMANAGER
|
2001-04-17 05:21:44 +04:00
|
|
|
|
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 20:46:42 +04:00
|
|
|
static nsScriptSecurityManager* GetScriptSecurityManager();
|
2000-08-22 10:02:14 +04:00
|
|
|
|
2014-05-07 10:17:43 +04:00
|
|
|
// Invoked exactly once, by XPConnect.
|
|
|
|
static void InitStatics();
|
|
|
|
|
2019-11-22 15:40:17 +03:00
|
|
|
void InitJSCallbacks(JSContext* aCx);
|
2019-11-27 23:57:43 +03:00
|
|
|
|
|
|
|
// This has to be static because it is called after gScriptSecMan is cleared.
|
|
|
|
static void ClearJSCallbacks(JSContext* aCx);
|
2019-11-22 15:40:17 +03:00
|
|
|
|
2018-07-17 22:38:19 +03:00
|
|
|
static already_AddRefed<mozilla::SystemPrincipal>
|
2001-08-07 07:59:29 +04:00
|
|
|
SystemPrincipalSingletonConstructor();
|
|
|
|
|
2008-02-27 06:45:29 +03:00
|
|
|
/**
|
|
|
|
* Utility method for comparing two URIs. For security purposes, two URIs
|
|
|
|
* are equivalent if their schemes, hosts, and ports (if any) match. This
|
|
|
|
* method returns true if aSubjectURI and aObjectURI have the same origin,
|
|
|
|
* false otherwise.
|
|
|
|
*/
|
2011-09-29 10:19:26 +04:00
|
|
|
static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
|
2012-08-22 19:56:38 +04:00
|
|
|
static uint32_t SecurityHashURI(nsIURI* aURI);
|
2008-02-27 06:45:29 +03:00
|
|
|
|
2018-09-25 08:25:05 +03:00
|
|
|
static nsresult ReportError(const char* aMessageTag, nsIURI* aSource,
|
2019-12-12 19:41:26 +03:00
|
|
|
nsIURI* aTarget, bool aFromPrivateWindow,
|
|
|
|
uint64_t aInnerWindowID = 0);
|
2020-01-06 18:30:35 +03:00
|
|
|
static nsresult ReportError(const char* aMessageTag,
|
|
|
|
const nsACString& sourceSpec,
|
|
|
|
const nsACString& targetSpec,
|
|
|
|
bool aFromPrivateWindow,
|
|
|
|
uint64_t aInnerWindowID = 0);
|
|
|
|
|
|
|
|
static uint32_t HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
|
2008-10-08 17:16:27 +04:00
|
|
|
|
2008-03-22 19:50:47 +03:00
|
|
|
static bool GetStrictFileOriginPolicy() { return sStrictFileOriginPolicy; }
|
|
|
|
|
2013-11-13 04:43:35 +04:00
|
|
|
void DeactivateDomainPolicy();
|
|
|
|
|
1999-08-20 13:51:02 +04:00
|
|
|
private:
|
2003-01-17 05:00:01 +03:00
|
|
|
// GetScriptSecurityManager is the only call that can make one
|
|
|
|
nsScriptSecurityManager();
|
|
|
|
virtual ~nsScriptSecurityManager();
|
2000-01-19 00:54:01 +03:00
|
|
|
|
2003-01-17 05:00:01 +03:00
|
|
|
// Decides, based on CSP, whether or not eval() and stuff can be executed.
|
|
|
|
static bool ContentSecurityPolicyPermitsJSAction(JSContext* cx,
|
2020-02-14 18:05:27 +03:00
|
|
|
JS::HandleString aCode);
|
2003-01-17 05:00:01 +03:00
|
|
|
|
2018-07-16 18:58:04 +03:00
|
|
|
static bool JSPrincipalsSubsume(JSPrincipals* first, JSPrincipals* second);
|
2010-03-08 11:24:50 +03:00
|
|
|
|
2014-01-03 20:32:56 +04:00
|
|
|
nsresult Init();
|
|
|
|
|
2003-01-17 05:00:01 +03:00
|
|
|
nsresult InitPrefs();
|
2009-05-14 02:01:01 +04:00
|
|
|
|
2019-11-01 05:57:20 +03:00
|
|
|
static void ScriptSecurityPrefChanged(const char* aPref, void* aSelf);
|
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 20:46:42 +04:00
|
|
|
void ScriptSecurityPrefChanged(const char* aPref = nullptr);
|
2000-11-30 08:32:08 +03:00
|
|
|
|
2018-07-06 00:53:14 +03:00
|
|
|
inline void AddSitesToFileURIAllowlist(const nsCString& aSiteList);
|
2000-01-06 03:59:18 +03:00
|
|
|
|
2018-10-31 20:56:43 +03:00
|
|
|
nsresult GetChannelResultPrincipal(nsIChannel* aChannel,
|
|
|
|
nsIPrincipal** aPrincipal,
|
|
|
|
bool aIgnoreSandboxing);
|
2014-05-09 20:59:22 +04:00
|
|
|
|
2016-04-28 13:13:09 +03:00
|
|
|
nsresult CheckLoadURIFlags(nsIURI* aSourceURI, nsIURI* aTargetURI,
|
|
|
|
nsIURI* aSourceBaseURI, nsIURI* aTargetBaseURI,
|
2019-12-12 19:41:19 +03:00
|
|
|
uint32_t aFlags, bool aFromPrivateWindow,
|
|
|
|
uint64_t aInnerWindowID);
|
2016-04-28 13:13:09 +03:00
|
|
|
|
2016-07-13 14:05:22 +03:00
|
|
|
// Returns the file URI allowlist, initializing it if it has not been
|
2018-09-25 08:25:05 +03:00
|
|
|
// initialized.
|
|
|
|
const nsTArray<nsCOMPtr<nsIURI>>& EnsureFileURIAllowlist();
|
2016-07-13 14:05:22 +03:00
|
|
|
|
2018-10-31 20:56:43 +03:00
|
|
|
nsCOMPtr<nsIPrincipal> mSystemPrincipal;
|
|
|
|
bool mPrefInitialized;
|
|
|
|
bool mIsJavaScriptEnabled;
|
2016-10-03 07:43:17 +03:00
|
|
|
|
2003-10-22 02:11:49 +04:00
|
|
|
// List of URIs whose domains and sub-domains are allowlisted to allow
|
|
|
|
// access to file: URIs. Lazily initialized; isNothing() when not yet
|
2016-10-03 07:43:17 +03:00
|
|
|
// initialized.
|
2003-10-22 02:11:49 +04:00
|
|
|
mozilla::Maybe<nsTArray<nsCOMPtr<nsIURI>>> mFileURIAllowlist;
|
2016-10-03 07:43:17 +03:00
|
|
|
|
2018-10-31 20:56:43 +03:00
|
|
|
// This machinery controls new-style domain policies. The old-style
|
2016-10-03 07:43:17 +03:00
|
|
|
// policy machinery will be removed soon.
|
2018-10-31 20:56:43 +03:00
|
|
|
nsCOMPtr<nsIDomainPolicy> mDomainPolicy;
|
2008-02-27 06:45:29 +03:00
|
|
|
|
2013-11-13 04:43:35 +04:00
|
|
|
static bool sStrictFileOriginPolicy;
|
|
|
|
|
2003-10-22 02:11:49 +04:00
|
|
|
static nsIIOService* sIOService;
|
2003-07-29 09:28:00 +04:00
|
|
|
static nsIStringBundle* sStrBundle;
|
2003-07-24 09:15:20 +04:00
|
|
|
};
|
2003-10-22 02:11:49 +04:00
|
|
|
|
|
|
|
#endif // nsScriptSecurityManager_h__
|