mozilla
/
gecko-dev
зеркало из https://github.com/mozilla/gecko-dev.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Bug 1497203: Apply Meta CSP to about:plugins. r=Gijs 

Differential Revision: https://phabricator.services.mozilla.com/D37727

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Christoph Kerschbaumer 2019-07-12 06:47:42 +00:00
Родитель a216f3dde7
Коммит d0817ff762
6 изменённых файлов: 203 добавлений и 221 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
modules/libpref/init/all.js
Просмотреть файл

@ -2463,7 +2463,7 @@ pref("security.dialog_enable_delay", 1000);
pref("security.notification_enable_delay", 500);
#if defined(DEBUG) && !defined(ANDROID)
pref("csp.about_uris_without_csp", "blank,printpreview,srcdoc,addons,config,debugging,downloads,home,newtab,plugins,preferences,sessionrestore,sync-log,welcomeback");
pref("csp.about_uris_without_csp", "blank,printpreview,srcdoc,addons,config,debugging,downloads,home,newtab,preferences,sessionrestore,sync-log,welcomeback");
// the following prefs are for testing purposes only.
pref("csp.overrule_about_uris_without_csp_whitelist", false);
pref("csp.skip_about_page_has_csp_assert", false);

13
toolkit/content/directionDetector.html
Просмотреть файл

@ -1,13 +0,0 @@
<!-- This Source Code Form is subject to the terms of the Mozilla Public
- License, v. 2.0. If a copy of the MPL was not distributed with this
- file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
<!DOCTYPE html>
<html>
<head>
<link rel="stylesheet" type="text/css" href="chrome://global/locale/intl.css">
</head>
<body>
<window id="target" style="display: none;"></window>
</body>
</html>

2
toolkit/content/jar.mn
Просмотреть файл

@ -31,9 +31,9 @@ toolkit.jar:
content/global/aboutUrlClassifier.js
content/global/aboutUrlClassifier.xhtml
content/global/aboutUrlClassifier.css
content/global/directionDetector.html
content/global/plugins.html
content/global/plugins.css
content/global/plugins.js
content/global/browser-child.js
content/global/browser-content.js
* content/global/buildconfig.html

3
toolkit/content/moz.build
Просмотреть файл

@ -260,9 +260,6 @@ with Files('contentAreaUtils.js'):
with Files('*picker*'):
BUG_COMPONENT = ('Toolkit', 'XUL Widgets')
with Files('direction*'):
BUG_COMPONENT = ('Toolkit', 'XUL Widgets')
with Files('edit*'):
BUG_COMPONENT = ('Toolkit', 'XUL Widgets')

205
toolkit/content/plugins.html
Просмотреть файл

@ -6,216 +6,15 @@
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="default-src chrome: resource:" />
<title data-l10n-id="title-label"></title>
<script>
"use strict";
const {Services} = ChromeUtils.import("resource://gre/modules/Services.jsm");
</script>
<link rel="stylesheet" type="text/css" href="chrome://global/content/plugins.css">
<link rel="stylesheet" type="text/css" href="chrome://global/skin/plugins.css">
<link rel="localization" href="toolkit/about/aboutPlugins.ftl"/>
</head>
<body>
<div id="outside">
<script>
/* eslint-env mozilla/frame-script */
"use strict";
function setDirection() {
var frame = document.getElementById("directionDetector");
var direction = frame.contentDocument
.defaultView
.window
.getComputedStyle(frame.contentDocument.getElementById("target"))
.getPropertyValue("direction");
document.body.removeChild(frame);
document.dir = direction;
}
function setupDirection() {
var frame = document.createElement("iframe");
frame.setAttribute("id", "directionDetector");
frame.setAttribute("src", "chrome://global/content/directionDetector.html");
frame.setAttribute("width", "0");
frame.setAttribute("height", "0");
frame.setAttribute("style", "visibility: hidden;");
frame.setAttribute("onload", "setDirection();");
document.body.appendChild(frame);
}
setupDirection();
/* JavaScript to enumerate and display all installed plug-ins
* First, refresh plugins in case anything has been changed recently in
* prefs: (The "false" argument tells refresh not to reload or activate
* any plug-ins that would be active otherwise. In contrast, one would
* use "true" in the case of ASD instead of restarting)
*/
navigator.plugins.refresh(false);
RPMAddMessageListener("PluginList", function({ data: aPlugins }) {
var fragment = document.createDocumentFragment();
// "Installed plugins"
var id, label;
if (aPlugins.length > 0) {
id = "plugs";
label = "installed-plugins-label";
} else {
id = "noplugs";
label = "no-plugins-are-installed-label";
}
var enabledplugins = document.createElement("h1");
enabledplugins.setAttribute("id", id);
document.l10n.setAttributes(enabledplugins, label);
fragment.appendChild(enabledplugins);
var deprecation = document.createElement("p");
var deprecationLink = document.createElement("a");
let deprecationLink_href = Services.urlFormatter.formatURLPref("app.support.baseURL") + "npapi";
deprecationLink.setAttribute("data-l10n-name", "deprecation-link");
deprecationLink.setAttribute("href", deprecationLink_href);
deprecation.appendChild(deprecationLink);
deprecation.setAttribute("class", "notice");
document.l10n.setAttributes(deprecation, "deprecation-description");
fragment.appendChild(deprecation);
var stateNames = {};
["STATE_SOFTBLOCKED",
"STATE_BLOCKED",
"STATE_OUTDATED",
"STATE_VULNERABLE_UPDATE_AVAILABLE",
"STATE_VULNERABLE_NO_UPDATE"].forEach(function(label) {
stateNames[Ci.nsIBlocklistService[label]] = label;
});
for (var i = 0; i < aPlugins.length; i++) {
var plugin = aPlugins[i];
if (plugin) {
// "Shockwave Flash"
var plugname = document.createElement("h2");
plugname.setAttribute("class", "plugname");
plugname.appendChild(document.createTextNode(plugin.name));
fragment.appendChild(plugname);
var dl = document.createElement("dl");
fragment.appendChild(dl);
// "File: Flash Player.plugin"
var fileDd = document.createElement("dd");
var file = document.createElement("span");
file.setAttribute("data-l10n-name", "file");
file.setAttribute("class", "label");
fileDd.appendChild(file);
document.l10n.setAttributes(fileDd, "file-dd", { pluginLibraries: plugin.pluginLibraries[0] });
dl.appendChild(fileDd);
// "Path: /usr/lib/mozilla/plugins/libtotem-cone-plugin.so"
var pathDd = document.createElement("dd");
var path = document.createElement("span");
path.setAttribute("data-l10n-name", "path");
path.setAttribute("class", "label");
pathDd.appendChild(path);
document.l10n.setAttributes(pathDd, "path-dd", { pluginFullPath: plugin.pluginFullpath[0] });
dl.appendChild(pathDd);
// "Version: "
var versionDd = document.createElement("dd");
var version = document.createElement("span");
version.setAttribute("data-l10n-name", "version");
version.setAttribute("class", "label");
versionDd.appendChild(version);
document.l10n.setAttributes(versionDd, "version-dd", { version: plugin.version });
dl.appendChild(versionDd);
// "State: "
var stateDd = document.createElement("dd");
var state = document.createElement("span");
state.setAttribute("data-l10n-name", "state");
state.setAttribute("label", "state");
stateDd.appendChild(state);
if (plugin.isActive) {
if (plugin.blocklistState in stateNames) {
document.l10n.setAttributes(stateDd, "state-dd-enabled-block-list-state", { blockListState: stateNames[plugin.blocklistState] });
} else {
document.l10n.setAttributes(stateDd, "state-dd-enabled");
}
} else if (plugin.blocklistState in stateNames) {
document.l10n.setAttributes(stateDd, "state-dd-disabled-block-list-state", { blockListState: stateNames[plugin.blocklistState] });
} else {
document.l10n.setAttributes(stateDd, "state-dd-disabled");
}
dl.appendChild(stateDd);
// Plugin Description
var descDd = document.createElement("dd");
descDd.appendChild(document.createTextNode(plugin.description));
dl.appendChild(descDd);
// MIME Type table
var mimetypeTable = document.createElement("table");
mimetypeTable.setAttribute("border", "1");
mimetypeTable.setAttribute("class", "contenttable");
fragment.appendChild(mimetypeTable);
var thead = document.createElement("thead");
mimetypeTable.appendChild(thead);
var tr = document.createElement("tr");
thead.appendChild(tr);
// "MIME Type" column header
var typeTh = document.createElement("th");
typeTh.setAttribute("class", "type");
document.l10n.setAttributes(typeTh, "mime-type-label");
tr.appendChild(typeTh);
// "Description" column header
var descTh = document.createElement("th");
descTh.setAttribute("class", "desc");
document.l10n.setAttributes(descTh, "description-label");
tr.appendChild(descTh);
// "Suffixes" column header
var suffixesTh = document.createElement("th");
suffixesTh.setAttribute("class", "suff");
document.l10n.setAttributes(suffixesTh, "suffixes-label");
tr.appendChild(suffixesTh);
var tbody = document.createElement("tbody");
mimetypeTable.appendChild(tbody);
var mimeTypes = plugin.pluginMimeTypes;
for (var j = 0; j < mimeTypes.length; j++) {
var mimetype = mimeTypes[j];
if (mimetype) {
var mimetypeRow = document.createElement("tr");
tbody.appendChild(mimetypeRow);
// "application/x-shockwave-flash"
var typename = document.createElement("td");
typename.appendChild(document.createTextNode(mimetype.type));
mimetypeRow.appendChild(typename);
// "Shockwave Flash"
var description = document.createElement("td");
description.appendChild(document.createTextNode(mimetype.description));
mimetypeRow.appendChild(description);
// "swf"
var suffixes = document.createElement("td");
suffixes.appendChild(document.createTextNode(mimetype.suffixes));
mimetypeRow.appendChild(suffixes);
}
}
}
}
document.getElementById("outside").appendChild(fragment);
});
RPMSendAsyncMessage("RequestPlugins");
</script>
<script type="application/javascript" src="chrome://global/content/plugins.js"></script>
</div>
</body>
</html>

199
toolkit/content/plugins.js Normal file
Просмотреть файл

@ -0,0 +1,199 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
/* eslint-env mozilla/frame-script */
"use strict";
const { Services } = ChromeUtils.import("resource://gre/modules/Services.jsm");
/* JavaScript to enumerate and display all installed plug-ins
* First, refresh plugins in case anything has been changed recently in
* prefs: (The "false" argument tells refresh not to reload or activate
* any plug-ins that would be active otherwise. In contrast, one would
* use "true" in the case of ASD instead of restarting)
*/
navigator.plugins.refresh(false);
RPMAddMessageListener("PluginList", function({ data: aPlugins }) {
var fragment = document.createDocumentFragment();
// "Installed plugins"
var id, label;
if (aPlugins.length > 0) {
id = "plugs";
label = "installed-plugins-label";
} else {
id = "noplugs";
label = "no-plugins-are-installed-label";
}
var enabledplugins = document.createElement("h1");
enabledplugins.setAttribute("id", id);
document.l10n.setAttributes(enabledplugins, label);
fragment.appendChild(enabledplugins);
var deprecation = document.createElement("p");
var deprecationLink = document.createElement("a");
let deprecationLink_href =
Services.urlFormatter.formatURLPref("app.support.baseURL") + "npapi";
deprecationLink.setAttribute("data-l10n-name", "deprecation-link");
deprecationLink.setAttribute("href", deprecationLink_href);
deprecation.appendChild(deprecationLink);
deprecation.setAttribute("class", "notice");
document.l10n.setAttributes(deprecation, "deprecation-description");
fragment.appendChild(deprecation);
var stateNames = {};
[
"STATE_SOFTBLOCKED",
"STATE_BLOCKED",
"STATE_OUTDATED",
"STATE_VULNERABLE_UPDATE_AVAILABLE",
"STATE_VULNERABLE_NO_UPDATE",
].forEach(function(label) {
stateNames[Ci.nsIBlocklistService[label]] = label;
});
for (var i = 0; i < aPlugins.length; i++) {
var plugin = aPlugins[i];
if (plugin) {
// "Shockwave Flash"
var plugname = document.createElement("h2");
plugname.setAttribute("class", "plugname");
plugname.appendChild(document.createTextNode(plugin.name));
fragment.appendChild(plugname);
var dl = document.createElement("dl");
fragment.appendChild(dl);
// "File: Flash Player.plugin"
var fileDd = document.createElement("dd");
var file = document.createElement("span");
file.setAttribute("data-l10n-name", "file");
file.setAttribute("class", "label");
fileDd.appendChild(file);
document.l10n.setAttributes(fileDd, "file-dd", {
pluginLibraries: plugin.pluginLibraries[0],
});
dl.appendChild(fileDd);
// "Path: /usr/lib/mozilla/plugins/libtotem-cone-plugin.so"
var pathDd = document.createElement("dd");
var path = document.createElement("span");
path.setAttribute("data-l10n-name", "path");
path.setAttribute("class", "label");
pathDd.appendChild(path);
document.l10n.setAttributes(pathDd, "path-dd", {
pluginFullPath: plugin.pluginFullpath[0],
});
dl.appendChild(pathDd);
// "Version: "
var versionDd = document.createElement("dd");
var version = document.createElement("span");
version.setAttribute("data-l10n-name", "version");
version.setAttribute("class", "label");
versionDd.appendChild(version);
document.l10n.setAttributes(versionDd, "version-dd", {
version: plugin.version,
});
dl.appendChild(versionDd);
// "State: "
var stateDd = document.createElement("dd");
var state = document.createElement("span");
state.setAttribute("data-l10n-name", "state");
state.setAttribute("label", "state");
stateDd.appendChild(state);
if (plugin.isActive) {
if (plugin.blocklistState in stateNames) {
document.l10n.setAttributes(
stateDd,
"state-dd-enabled-block-list-state",
{ blockListState: stateNames[plugin.blocklistState] }
);
} else {
document.l10n.setAttributes(stateDd, "state-dd-enabled");
}
} else if (plugin.blocklistState in stateNames) {
document.l10n.setAttributes(
stateDd,
"state-dd-disabled-block-list-state",
{ blockListState: stateNames[plugin.blocklistState] }
);
} else {
document.l10n.setAttributes(stateDd, "state-dd-disabled");
}
dl.appendChild(stateDd);
// Plugin Description
var descDd = document.createElement("dd");
descDd.appendChild(document.createTextNode(plugin.description));
dl.appendChild(descDd);
// MIME Type table
var mimetypeTable = document.createElement("table");
mimetypeTable.setAttribute("border", "1");
mimetypeTable.setAttribute("class", "contenttable");
fragment.appendChild(mimetypeTable);
var thead = document.createElement("thead");
mimetypeTable.appendChild(thead);
var tr = document.createElement("tr");
thead.appendChild(tr);
// "MIME Type" column header
var typeTh = document.createElement("th");
typeTh.setAttribute("class", "type");
document.l10n.setAttributes(typeTh, "mime-type-label");
tr.appendChild(typeTh);
// "Description" column header
var descTh = document.createElement("th");
descTh.setAttribute("class", "desc");
document.l10n.setAttributes(descTh, "description-label");
tr.appendChild(descTh);
// "Suffixes" column header
var suffixesTh = document.createElement("th");
suffixesTh.setAttribute("class", "suff");
document.l10n.setAttributes(suffixesTh, "suffixes-label");
tr.appendChild(suffixesTh);
var tbody = document.createElement("tbody");
mimetypeTable.appendChild(tbody);
var mimeTypes = plugin.pluginMimeTypes;
for (var j = 0; j < mimeTypes.length; j++) {
var mimetype = mimeTypes[j];
if (mimetype) {
var mimetypeRow = document.createElement("tr");
tbody.appendChild(mimetypeRow);
// "application/x-shockwave-flash"
var typename = document.createElement("td");
typename.appendChild(document.createTextNode(mimetype.type));
mimetypeRow.appendChild(typename);
// "Shockwave Flash"
var description = document.createElement("td");
description.appendChild(
document.createTextNode(mimetype.description)
);
mimetypeRow.appendChild(description);
// "swf"
var suffixes = document.createElement("td");
suffixes.appendChild(document.createTextNode(mimetype.suffixes));
mimetypeRow.appendChild(suffixes);
}
}
}
}
document.getElementById("outside").appendChild(fragment);
});
RPMSendAsyncMessage("RequestPlugins");