зеркало из https://github.com/mozilla/gecko-dev.git
Bug 663570 - MetaCSP Part 2: Principal changes (r=bz)
This commit is contained in:
Родитель
96f42dd458
Коммит
b967444f19
|
@ -317,15 +317,31 @@ BasePrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
|
|||
NS_IMETHODIMP
|
||||
BasePrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
|
||||
{
|
||||
// If CSP was already set, it should not be destroyed! Instead, it should
|
||||
// get set anew when a new principal is created.
|
||||
if (mCSP)
|
||||
if (mCSP) {
|
||||
return NS_ERROR_ALREADY_INITIALIZED;
|
||||
}
|
||||
|
||||
mCSP = aCsp;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP)
|
||||
{
|
||||
NS_IF_ADDREF(*aPreloadCSP = mPreloadCSP);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCSP)
|
||||
{
|
||||
if (mPreloadCSP) {
|
||||
return NS_ERROR_ALREADY_INITIALIZED;
|
||||
}
|
||||
mPreloadCSP = aPreloadCSP;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::GetCspJSON(nsAString& outCSPinJSON)
|
||||
{
|
||||
|
|
|
@ -146,6 +146,8 @@ public:
|
|||
NS_IMETHOD CheckMayLoad(nsIURI* uri, bool report, bool allowIfInheritsPrincipal) final;
|
||||
NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp) override;
|
||||
NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
|
||||
NS_IMETHOD GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP) override;
|
||||
NS_IMETHOD SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCSP) override;
|
||||
NS_IMETHOD GetCspJSON(nsAString& outCSPinJSON) override;
|
||||
NS_IMETHOD GetIsNullPrincipal(bool* aResult) override;
|
||||
NS_IMETHOD GetIsCodebasePrincipal(bool* aResult) override;
|
||||
|
@ -200,6 +202,7 @@ protected:
|
|||
bool AddonAllowsLoad(nsIURI* aURI);
|
||||
|
||||
nsCOMPtr<nsIContentSecurityPolicy> mCSP;
|
||||
nsCOMPtr<nsIContentSecurityPolicy> mPreloadCSP;
|
||||
OriginAttributes mOriginAttributes;
|
||||
};
|
||||
|
||||
|
|
|
@ -20,7 +20,7 @@ interface nsIContentSecurityPolicy;
|
|||
[ptr] native JSPrincipals(JSPrincipals);
|
||||
[ptr] native PrincipalArray(nsTArray<nsCOMPtr<nsIPrincipal> >);
|
||||
|
||||
[scriptable, builtinclass, uuid(86e5fd29-dccb-4547-8918-f224005479a0)]
|
||||
[scriptable, builtinclass, uuid(188fc4a2-3157-4956-a7a2-d674991770da)]
|
||||
interface nsIPrincipal : nsISerializable
|
||||
{
|
||||
/**
|
||||
|
@ -132,9 +132,29 @@ interface nsIPrincipal : nsISerializable
|
|||
|
||||
/**
|
||||
* A Content Security Policy associated with this principal.
|
||||
*
|
||||
* Please note that if a csp was already set on the
|
||||
* principal, then it should not be destroyed! Instead, the
|
||||
* current csp should be quried and extended by
|
||||
* calling AppendPolicy() on it.
|
||||
*/
|
||||
[noscript] attribute nsIContentSecurityPolicy csp;
|
||||
|
||||
/**
|
||||
* A speculative Content Security Policy associated with this
|
||||
* principal. Set during speculative loading (preloading) and
|
||||
* used *only* for preloads.
|
||||
*
|
||||
* If you want to query the CSP associated with that principal,
|
||||
* then this is *not* what you want. Instead query 'csp'.
|
||||
*
|
||||
* Please note that if a preloadCSP was already set on the
|
||||
* principal, then it should not be destroyed! Instead, the
|
||||
* current preloadCSP should be quried and extended by
|
||||
* calling AppendPolicy() on it.
|
||||
*/
|
||||
[noscript] attribute nsIContentSecurityPolicy preloadCsp;
|
||||
|
||||
/**
|
||||
* The CSP of the principal in JSON notation.
|
||||
* Note, that the CSP itself is not exposed to JS, but script
|
||||
|
|
|
@ -72,7 +72,21 @@ nsSystemPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
|
|||
NS_IMETHODIMP
|
||||
nsSystemPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
|
||||
{
|
||||
// CSP on a null principal makes no sense
|
||||
// CSP on a system principal makes no sense
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsSystemPrincipal::GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP)
|
||||
{
|
||||
*aPreloadCSP = nullptr;
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsSystemPrincipal::SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCSP)
|
||||
{
|
||||
// CSP on a system principal makes no sense
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
|
|
|
@ -31,6 +31,8 @@ public:
|
|||
NS_IMETHOD SetDomain(nsIURI* aDomain) override;
|
||||
NS_IMETHOD GetCsp(nsIContentSecurityPolicy** aCsp) override;
|
||||
NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
|
||||
NS_IMETHOD GetPreloadCsp(nsIContentSecurityPolicy** aPreloadCSP) override;
|
||||
NS_IMETHOD SetPreloadCsp(nsIContentSecurityPolicy* aPreloadCSP) override;
|
||||
NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
|
||||
nsresult GetOriginInternal(nsACString& aOrigin) override;
|
||||
|
||||
|
|
Загрузка…
Ссылка в новой задаче