2015-05-12 00:25:59 +03:00
|
|
|
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
|
/* vim: set ts=2 sw=2 et tw=80: */
|
|
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
|
|
|
|
|
|
#include "mozilla/BasePrincipal.h"
|
2015-05-14 23:56:37 +03:00
|
|
|
|
2015-09-23 11:10:21 +03:00
|
|
|
#include "nsDocShell.h"
|
2016-01-30 02:19:56 +03:00
|
|
|
#ifdef MOZ_CRASHREPORTER
|
|
|
|
|
#include "nsExceptionHandler.h"
|
|
|
|
|
#endif
|
2015-07-08 03:53:15 +03:00
|
|
|
#include "nsIAddonPolicyService.h"
|
2015-05-21 21:16:04 +03:00
|
|
|
#include "nsIContentSecurityPolicy.h"
|
2015-05-14 23:56:37 +03:00
|
|
|
#include "nsIObjectInputStream.h"
|
|
|
|
|
#include "nsIObjectOutputStream.h"
|
2015-05-15 23:43:11 +03:00
|
|
|
|
2017-03-22 13:39:31 +03:00
|
|
|
#include "ContentPrincipal.h"
|
2015-05-15 23:43:11 +03:00
|
|
|
#include "nsNetUtil.h"
|
2015-07-06 08:55:00 +03:00
|
|
|
#include "nsIURIWithPrincipal.h"
|
2017-03-22 13:38:40 +03:00
|
|
|
#include "NullPrincipal.h"
|
2015-05-14 04:25:40 +03:00
|
|
|
#include "nsScriptSecurityManager.h"
|
2015-07-08 03:53:15 +03:00
|
|
|
#include "nsServiceManagerUtils.h"
|
2015-05-12 00:25:59 +03:00
|
|
|
|
2016-11-02 20:04:13 +03:00
|
|
|
#include "mozilla/dom/ChromeUtils.h"
|
2015-05-21 21:16:04 +03:00
|
|
|
#include "mozilla/dom/CSPDictionariesBinding.h"
|
2015-05-15 02:24:25 +03:00
|
|
|
#include "mozilla/dom/ToJSValue.h"
|
|
|
|
|
|
2015-05-12 00:25:59 +03:00
|
|
|
namespace mozilla {
|
|
|
|
|
|
2017-02-24 05:33:40 +03:00
|
|
|
BasePrincipal::BasePrincipal(PrincipalKind aKind)
|
|
|
|
|
: mKind(aKind)
|
2017-03-29 12:17:22 +03:00
|
|
|
, mDomainSet(false)
|
2015-06-04 21:51:57 +03:00
|
|
|
{}
|
|
|
|
|
|
|
|
|
|
BasePrincipal::~BasePrincipal()
|
|
|
|
|
{}
|
|
|
|
|
|
2015-05-15 02:50:44 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetOrigin(nsACString& aOrigin)
|
2015-05-15 02:55:52 +03:00
|
|
|
{
|
2017-02-25 01:02:24 +03:00
|
|
|
nsresult rv = GetOriginNoSuffix(aOrigin);
|
2015-05-15 02:55:52 +03:00
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
2015-07-16 00:50:12 +03:00
|
|
|
|
2015-05-15 02:55:52 +03:00
|
|
|
nsAutoCString suffix;
|
2017-02-25 01:02:24 +03:00
|
|
|
rv = GetOriginSuffix(suffix);
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
2015-05-15 02:55:52 +03:00
|
|
|
aOrigin.Append(suffix);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetOriginNoSuffix(nsACString& aOrigin)
|
2015-05-15 02:50:44 +03:00
|
|
|
{
|
2017-03-29 12:17:18 +03:00
|
|
|
if (mOriginNoSuffix) {
|
|
|
|
|
return mOriginNoSuffix->ToUTF8String(aOrigin);
|
|
|
|
|
}
|
2017-03-29 09:19:41 +03:00
|
|
|
return GetOriginNoSuffixInternal(aOrigin);
|
2015-05-15 02:50:44 +03:00
|
|
|
}
|
|
|
|
|
|
2015-05-14 21:15:56 +03:00
|
|
|
bool
|
|
|
|
|
BasePrincipal::Subsumes(nsIPrincipal* aOther, DocumentDomainConsideration aConsideration)
|
|
|
|
|
{
|
2015-06-02 01:33:35 +03:00
|
|
|
MOZ_ASSERT(aOther);
|
2017-02-25 04:27:06 +03:00
|
|
|
MOZ_ASSERT_IF(Kind() == eCodebasePrincipal, mOriginSuffix);
|
2016-11-02 20:04:13 +03:00
|
|
|
|
|
|
|
|
// Expanded principals handle origin attributes for each of their
|
|
|
|
|
// sub-principals individually, null principals do only simple checks for
|
|
|
|
|
// pointer equality, and system principals are immune to origin attributes
|
|
|
|
|
// checks, so only do this check for codebase principals.
|
|
|
|
|
if (Kind() == eCodebasePrincipal &&
|
2017-02-25 04:27:06 +03:00
|
|
|
mOriginSuffix != Cast(aOther)->mOriginSuffix) {
|
2016-11-02 20:04:13 +03:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-14 21:15:56 +03:00
|
|
|
return SubsumesInternal(aOther, aConsideration);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::Equals(nsIPrincipal *aOther, bool *aResult)
|
|
|
|
|
{
|
2015-06-02 01:33:35 +03:00
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
2017-02-25 02:05:44 +03:00
|
|
|
|
|
|
|
|
*aResult = FastEquals(aOther);
|
|
|
|
|
|
2015-05-14 21:15:56 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-03-07 06:50:10 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::EqualsConsideringDomain(nsIPrincipal *aOther, bool *aResult)
|
|
|
|
|
{
|
|
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
|
|
|
|
|
|
|
|
|
*aResult = FastEqualsConsideringDomain(aOther);
|
|
|
|
|
|
2015-05-14 21:15:56 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-23 05:29:47 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::Subsumes(nsIPrincipal *aOther, bool *aResult)
|
|
|
|
|
{
|
|
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
|
|
|
|
|
|
|
|
|
*aResult = FastSubsumes(aOther);
|
|
|
|
|
|
2015-05-14 21:15:56 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-18 15:17:19 +03:00
|
|
|
NS_IMETHODIMP
|
2017-03-07 06:50:10 +03:00
|
|
|
BasePrincipal::SubsumesConsideringDomain(nsIPrincipal *aOther, bool *aResult)
|
2017-01-18 15:17:19 +03:00
|
|
|
{
|
|
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
|
|
|
|
|
2017-03-07 06:50:10 +03:00
|
|
|
*aResult = FastSubsumesConsideringDomain(aOther);
|
|
|
|
|
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::SubsumesConsideringDomainIgnoringFPD(nsIPrincipal *aOther,
|
|
|
|
|
bool *aResult)
|
|
|
|
|
{
|
|
|
|
|
NS_ENSURE_TRUE(aOther, NS_ERROR_INVALID_ARG);
|
|
|
|
|
|
|
|
|
|
*aResult = FastSubsumesConsideringDomainIgnoringFPD(aOther);
|
2017-01-18 15:17:19 +03:00
|
|
|
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-01 06:03:36 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::CheckMayLoad(nsIURI* aURI, bool aReport, bool aAllowIfInheritsPrincipal)
|
|
|
|
|
{
|
|
|
|
|
// Check the internal method first, which allows us to quickly approve loads
|
|
|
|
|
// for the System Principal.
|
|
|
|
|
if (MayLoadInternal(aURI)) {
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsresult rv;
|
|
|
|
|
if (aAllowIfInheritsPrincipal) {
|
|
|
|
|
// If the caller specified to allow loads of URIs that inherit
|
|
|
|
|
// our principal, allow the load if this URI inherits its principal.
|
|
|
|
|
bool doesInheritSecurityContext;
|
|
|
|
|
rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
|
|
|
|
|
&doesInheritSecurityContext);
|
|
|
|
|
if (NS_SUCCEEDED(rv) && doesInheritSecurityContext) {
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-01 06:15:26 +03:00
|
|
|
bool fetchableByAnyone;
|
|
|
|
|
rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_FETCHABLE_BY_ANYONE, &fetchableByAnyone);
|
|
|
|
|
if (NS_SUCCEEDED(rv) && fetchableByAnyone) {
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-01 06:03:36 +03:00
|
|
|
if (aReport) {
|
|
|
|
|
nsCOMPtr<nsIURI> prinURI;
|
|
|
|
|
rv = GetURI(getter_AddRefs(prinURI));
|
|
|
|
|
if (NS_SUCCEEDED(rv) && prinURI) {
|
|
|
|
|
nsScriptSecurityManager::ReportError(nullptr, NS_LITERAL_STRING("CheckSameOriginError"), prinURI, aURI);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NS_ERROR_DOM_BAD_URI;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-12 00:25:59 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
|
|
|
|
|
{
|
|
|
|
|
NS_IF_ADDREF(*aCsp = mCSP);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-30 16:09:37 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
|
|
|
|
|
{
|
|
|
|
|
// Never destroy an existing CSP on the principal.
|
|
|
|
|
// This method should only be called in rare cases.
|
|
|
|
|
|
|
|
|
|
MOZ_ASSERT(!mCSP, "do not destroy an existing CSP");
|
|
|
|
|
if (mCSP) {
|
|
|
|
|
return NS_ERROR_ALREADY_INITIALIZED;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
mCSP = aCsp;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-12 00:25:59 +03:00
|
|
|
NS_IMETHODIMP
|
2016-01-15 00:21:31 +03:00
|
|
|
BasePrincipal::EnsureCSP(nsIDOMDocument* aDocument,
|
|
|
|
|
nsIContentSecurityPolicy** aCSP)
|
2015-05-12 00:25:59 +03:00
|
|
|
{
|
2015-11-15 06:28:23 +03:00
|
|
|
if (mCSP) {
|
2016-01-15 00:21:31 +03:00
|
|
|
// if there is a CSP already associated with this principal
|
|
|
|
|
// then just return that - do not overwrite it!!!
|
|
|
|
|
NS_IF_ADDREF(*aCSP = mCSP);
|
|
|
|
|
return NS_OK;
|
2015-11-15 06:28:23 +03:00
|
|
|
}
|
2015-05-12 00:25:59 +03:00
|
|
|
|
2016-01-15 00:21:31 +03:00
|
|
|
nsresult rv = NS_OK;
|
|
|
|
|
mCSP = do_CreateInstance("@mozilla.org/cspcontext;1", &rv);
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
|
|
|
|
|
|
// Store the request context for violation reports
|
|
|
|
|
rv = aDocument ? mCSP->SetRequestContext(aDocument, nullptr)
|
|
|
|
|
: mCSP->SetRequestContext(nullptr, this);
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
|
NS_IF_ADDREF(*aCSP = mCSP);
|
2015-05-12 00:25:59 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-11-15 06:28:23 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP)
|
|
|
|
|
{
|
|
|
|
|
NS_IF_ADDREF(*aPreloadCSP = mPreloadCSP);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
2016-01-15 00:21:31 +03:00
|
|
|
BasePrincipal::EnsurePreloadCSP(nsIDOMDocument* aDocument,
|
|
|
|
|
nsIContentSecurityPolicy** aPreloadCSP)
|
2015-11-15 06:28:23 +03:00
|
|
|
{
|
|
|
|
|
if (mPreloadCSP) {
|
2016-01-15 00:21:31 +03:00
|
|
|
// if there is a speculative CSP already associated with this principal
|
|
|
|
|
// then just return that - do not overwrite it!!!
|
|
|
|
|
NS_IF_ADDREF(*aPreloadCSP = mPreloadCSP);
|
|
|
|
|
return NS_OK;
|
2015-11-15 06:28:23 +03:00
|
|
|
}
|
2016-01-15 00:21:31 +03:00
|
|
|
|
|
|
|
|
nsresult rv = NS_OK;
|
|
|
|
|
mPreloadCSP = do_CreateInstance("@mozilla.org/cspcontext;1", &rv);
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
|
|
|
|
|
|
// Store the request context for violation reports
|
|
|
|
|
rv = aDocument ? mPreloadCSP->SetRequestContext(aDocument, nullptr)
|
|
|
|
|
: mPreloadCSP->SetRequestContext(nullptr, this);
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, rv);
|
|
|
|
|
NS_IF_ADDREF(*aPreloadCSP = mPreloadCSP);
|
2015-11-15 06:28:23 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-21 21:16:04 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetCspJSON(nsAString& outCSPinJSON)
|
|
|
|
|
{
|
|
|
|
|
outCSPinJSON.Truncate();
|
|
|
|
|
dom::CSPPolicies jsonPolicies;
|
|
|
|
|
|
|
|
|
|
if (!mCSP) {
|
|
|
|
|
jsonPolicies.ToJSON(outCSPinJSON);
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
return mCSP->ToJSON(outCSPinJSON);
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-12 00:36:56 +03:00
|
|
|
NS_IMETHODIMP
|
2015-10-24 03:58:21 +03:00
|
|
|
BasePrincipal::GetIsNullPrincipal(bool* aResult)
|
2015-05-12 00:36:56 +03:00
|
|
|
{
|
2015-10-24 03:58:21 +03:00
|
|
|
*aResult = Kind() == eNullPrincipal;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetIsCodebasePrincipal(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = Kind() == eCodebasePrincipal;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetIsExpandedPrincipal(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = Kind() == eExpandedPrincipal;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetIsSystemPrincipal(bool* aResult)
|
|
|
|
|
{
|
|
|
|
|
*aResult = Kind() == eSystemPrincipal;
|
2015-05-12 00:36:56 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-15 02:24:25 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetOriginAttributes(JSContext* aCx, JS::MutableHandle<JS::Value> aVal)
|
|
|
|
|
{
|
|
|
|
|
if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aVal))) {
|
|
|
|
|
return NS_ERROR_FAILURE;
|
|
|
|
|
}
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetOriginSuffix(nsACString& aOriginAttributes)
|
|
|
|
|
{
|
2017-02-25 01:02:24 +03:00
|
|
|
MOZ_ASSERT(mOriginSuffix);
|
|
|
|
|
return mOriginSuffix->ToUTF8String(aOriginAttributes);
|
2015-05-15 02:24:25 +03:00
|
|
|
}
|
|
|
|
|
|
2015-05-14 04:25:40 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetAppStatus(uint16_t* aAppStatus)
|
|
|
|
|
{
|
2016-11-17 05:00:04 +03:00
|
|
|
// TODO: Remove GetAppStatus.
|
|
|
|
|
*aAppStatus = nsIPrincipal::APP_STATUS_NOT_INSTALLED;
|
2015-05-14 04:25:40 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetAppId(uint32_t* aAppId)
|
|
|
|
|
{
|
2015-05-14 22:24:03 +03:00
|
|
|
if (AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
|
2015-05-14 04:25:40 +03:00
|
|
|
MOZ_ASSERT(false);
|
|
|
|
|
*aAppId = nsIScriptSecurityManager::NO_APP_ID;
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-14 22:24:03 +03:00
|
|
|
*aAppId = AppId();
|
2015-05-14 04:25:40 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-30 21:15:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetUserContextId(uint32_t* aUserContextId)
|
|
|
|
|
{
|
|
|
|
|
*aUserContextId = UserContextId();
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2016-06-29 15:01:00 +03:00
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetPrivateBrowsingId(uint32_t* aPrivateBrowsingId)
|
|
|
|
|
{
|
|
|
|
|
*aPrivateBrowsingId = PrivateBrowsingId();
|
|
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-14 04:25:40 +03:00
|
|
|
NS_IMETHODIMP
|
2016-02-05 04:42:44 +03:00
|
|
|
BasePrincipal::GetIsInIsolatedMozBrowserElement(bool* aIsInIsolatedMozBrowserElement)
|
2015-05-14 04:25:40 +03:00
|
|
|
{
|
2016-02-05 04:42:44 +03:00
|
|
|
*aIsInIsolatedMozBrowserElement = IsInIsolatedMozBrowserElement();
|
2015-05-14 04:25:40 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
|
|
|
|
BasePrincipal::GetUnknownAppId(bool* aUnknownAppId)
|
|
|
|
|
{
|
2015-05-14 22:24:03 +03:00
|
|
|
*aUnknownAppId = AppId() == nsIScriptSecurityManager::UNKNOWN_APP_ID;
|
2015-05-14 04:25:40 +03:00
|
|
|
return NS_OK;
|
|
|
|
|
}
|
2015-05-12 00:36:56 +03:00
|
|
|
|
2016-07-09 03:19:17 +03:00
|
|
|
bool
|
|
|
|
|
BasePrincipal::AddonHasPermission(const nsAString& aPerm)
|
|
|
|
|
{
|
2016-11-05 01:16:50 +03:00
|
|
|
nsAutoString addonId;
|
|
|
|
|
NS_ENSURE_SUCCESS(GetAddonId(addonId), false);
|
|
|
|
|
|
|
|
|
|
if (addonId.IsEmpty()) {
|
2016-07-09 03:19:17 +03:00
|
|
|
return false;
|
|
|
|
|
}
|
2016-11-05 01:16:50 +03:00
|
|
|
|
2016-07-09 03:19:17 +03:00
|
|
|
nsCOMPtr<nsIAddonPolicyService> aps =
|
|
|
|
|
do_GetService("@mozilla.org/addons/policy-service;1");
|
|
|
|
|
NS_ENSURE_TRUE(aps, false);
|
|
|
|
|
|
|
|
|
|
bool retval = false;
|
2016-11-05 01:16:50 +03:00
|
|
|
nsresult rv = aps->AddonHasPermission(addonId, aPerm, &retval);
|
2016-07-09 03:19:17 +03:00
|
|
|
NS_ENSURE_SUCCESS(rv, false);
|
|
|
|
|
return retval;
|
|
|
|
|
}
|
|
|
|
|
|
2015-05-15 23:43:11 +03:00
|
|
|
already_AddRefed<BasePrincipal>
|
2017-03-29 12:17:13 +03:00
|
|
|
BasePrincipal::CreateCodebasePrincipal(nsIURI* aURI, const OriginAttributes& aAttrs)
|
2015-05-15 23:43:11 +03:00
|
|
|
{
|
|
|
|
|
// If the URI is supposed to inherit the security context of whoever loads it,
|
|
|
|
|
// we shouldn't make a codebase principal for it.
|
|
|
|
|
bool inheritsPrincipal;
|
|
|
|
|
nsresult rv = NS_URIChainHasFlags(aURI, nsIProtocolHandler::URI_INHERITS_SECURITY_CONTEXT,
|
|
|
|
|
&inheritsPrincipal);
|
|
|
|
|
if (NS_FAILED(rv) || inheritsPrincipal) {
|
2017-03-22 13:38:40 +03:00
|
|
|
return NullPrincipal::Create(aAttrs);
|
2015-05-15 23:43:11 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check whether the URI knows what its principal is supposed to be.
|
|
|
|
|
nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(aURI);
|
|
|
|
|
if (uriPrinc) {
|
|
|
|
|
nsCOMPtr<nsIPrincipal> principal;
|
|
|
|
|
uriPrinc->GetPrincipal(getter_AddRefs(principal));
|
|
|
|
|
if (!principal) {
|
2017-03-22 13:38:40 +03:00
|
|
|
return NullPrincipal::Create(aAttrs);
|
2015-05-15 23:43:11 +03:00
|
|
|
}
|
2015-10-18 08:24:48 +03:00
|
|
|
RefPtr<BasePrincipal> concrete = Cast(principal);
|
2015-05-15 23:43:11 +03:00
|
|
|
return concrete.forget();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Mint a codebase principal.
|
2017-03-22 13:39:31 +03:00
|
|
|
RefPtr<ContentPrincipal> codebase = new ContentPrincipal();
|
2017-03-29 12:17:13 +03:00
|
|
|
rv = codebase->Init(aURI, aAttrs);
|
2015-05-15 23:43:11 +03:00
|
|
|
NS_ENSURE_SUCCESS(rv, nullptr);
|
|
|
|
|
return codebase.forget();
|
|
|
|
|
}
|
|
|
|
|
|
2015-08-26 14:12:13 +03:00
|
|
|
already_AddRefed<BasePrincipal>
|
|
|
|
|
BasePrincipal::CreateCodebasePrincipal(const nsACString& aOrigin)
|
|
|
|
|
{
|
|
|
|
|
MOZ_ASSERT(!StringBeginsWith(aOrigin, NS_LITERAL_CSTRING("[")),
|
|
|
|
|
"CreateCodebasePrincipal does not support System and Expanded principals");
|
|
|
|
|
|
|
|
|
|
MOZ_ASSERT(!StringBeginsWith(aOrigin, NS_LITERAL_CSTRING(NS_NULLPRINCIPAL_SCHEME ":")),
|
2017-03-22 13:38:40 +03:00
|
|
|
"CreateCodebasePrincipal does not support NullPrincipal");
|
2015-08-26 14:12:13 +03:00
|
|
|
|
|
|
|
|
nsAutoCString originNoSuffix;
|
2017-01-12 19:38:48 +03:00
|
|
|
mozilla::OriginAttributes attrs;
|
2015-08-26 14:12:13 +03:00
|
|
|
if (!attrs.PopulateFromOrigin(aOrigin, originNoSuffix)) {
|
|
|
|
|
return nullptr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIURI> uri;
|
|
|
|
|
nsresult rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix);
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, nullptr);
|
|
|
|
|
|
|
|
|
|
return BasePrincipal::CreateCodebasePrincipal(uri, attrs);
|
|
|
|
|
}
|
|
|
|
|
|
2016-09-20 11:35:21 +03:00
|
|
|
already_AddRefed<BasePrincipal>
|
|
|
|
|
BasePrincipal::CloneStrippingUserContextIdAndFirstPartyDomain()
|
|
|
|
|
{
|
2017-01-12 19:38:48 +03:00
|
|
|
OriginAttributes attrs = OriginAttributesRef();
|
|
|
|
|
attrs.StripAttributes(OriginAttributes::STRIP_USER_CONTEXT_ID |
|
|
|
|
|
OriginAttributes::STRIP_FIRST_PARTY_DOMAIN);
|
2016-09-20 11:35:21 +03:00
|
|
|
|
|
|
|
|
nsAutoCString originNoSuffix;
|
|
|
|
|
nsresult rv = GetOriginNoSuffix(originNoSuffix);
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, nullptr);
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIURI> uri;
|
|
|
|
|
rv = NS_NewURI(getter_AddRefs(uri), originNoSuffix);
|
|
|
|
|
NS_ENSURE_SUCCESS(rv, nullptr);
|
|
|
|
|
|
|
|
|
|
return BasePrincipal::CreateCodebasePrincipal(uri, attrs);
|
|
|
|
|
}
|
|
|
|
|
|
2015-07-08 03:53:15 +03:00
|
|
|
bool
|
2017-02-10 08:08:06 +03:00
|
|
|
BasePrincipal::AddonAllowsLoad(nsIURI* aURI, bool aExplicit /* = false */)
|
2015-07-08 03:53:15 +03:00
|
|
|
{
|
2016-11-05 01:16:50 +03:00
|
|
|
nsAutoString addonId;
|
|
|
|
|
NS_ENSURE_SUCCESS(GetAddonId(addonId), false);
|
|
|
|
|
|
|
|
|
|
if (addonId.IsEmpty()) {
|
2015-07-08 03:53:15 +03:00
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
nsCOMPtr<nsIAddonPolicyService> aps = do_GetService("@mozilla.org/addons/policy-service;1");
|
|
|
|
|
NS_ENSURE_TRUE(aps, false);
|
|
|
|
|
|
|
|
|
|
bool allowed = false;
|
2016-11-05 01:16:50 +03:00
|
|
|
nsresult rv = aps->AddonMayLoadURI(addonId, aURI, aExplicit, &allowed);
|
2015-07-08 03:53:15 +03:00
|
|
|
return NS_SUCCEEDED(rv) && allowed;
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-25 01:02:24 +03:00
|
|
|
void
|
2017-03-29 12:17:22 +03:00
|
|
|
BasePrincipal::FinishInit()
|
2017-02-25 01:02:24 +03:00
|
|
|
{
|
|
|
|
|
// First compute the origin suffix since it's infallible.
|
|
|
|
|
nsAutoCString originSuffix;
|
|
|
|
|
mOriginAttributes.CreateSuffix(originSuffix);
|
|
|
|
|
mOriginSuffix = NS_Atomize(originSuffix);
|
|
|
|
|
|
2017-03-29 12:17:18 +03:00
|
|
|
// Then compute the origin without the suffix.
|
|
|
|
|
nsAutoCString originNoSuffix;
|
2017-03-29 09:19:41 +03:00
|
|
|
nsresult rv = GetOriginNoSuffixInternal(originNoSuffix);
|
2017-03-29 12:17:18 +03:00
|
|
|
if (NS_FAILED(rv)) {
|
2017-03-29 09:19:41 +03:00
|
|
|
// If GetOriginNoSuffixInternal fails, we will get a null atom for
|
|
|
|
|
// mOriginNoSuffix, which we deal with anywhere mOriginNoSuffix is used.
|
2017-03-29 12:17:18 +03:00
|
|
|
// Once this is made infallible we can remove those null checks.
|
|
|
|
|
mOriginNoSuffix = nullptr;
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
mOriginNoSuffix = NS_Atomize(originNoSuffix);
|
2017-02-25 01:02:24 +03:00
|
|
|
}
|
|
|
|
|
|
2015-05-12 00:25:59 +03:00
|
|
|
} // namespace mozilla
|
