Fix bug 13253.

Enable restrictions on use of Components array from web JavaScript.
1999-09-07 20:40:20 +00:00 · 1999-09-07 20:40:20 +00:00 · eb23e76298
--- a/caps/idl/nsIScriptSecurityManager.idl
+++ b/caps/idl/nsIScriptSecurityManager.idl
@ -15,46 +15,16 @@
 * Copyright (C) 1999 Netscape Communications Corporation.  All Rights
 * Reserved.
 */
+
 #include "nsISupports.idl"
-#include "nsIPrincipal.idl"

-[ptr] native nsJSPrincipalsList(nsJSPrincipalsList);
-[ptr] native JSContext(JSContext);
-[ptr] native JSObject(JSObject);
-[ptr] native JSFunction(JSFunction);
-[ptr] native jsval(jsval);
-
-interface nsString;
+interface nsIPrincipal;
 interface nsIScriptContext;
-interface nsIScriptGlobalObject;
 interface nsIURI;

-%{C++
-struct nsJSPrincipalsList;
-struct JSContext;
-struct JSObject;
-%}
-
 [uuid(58df5780-8006-11d2-bd91-00805f8ae3f4)]
 interface nsIScriptSecurityManager : nsISupports
 {
-	// NB TODO: Change to string representation
-	const short SCRIPT_SECURITY_ALL_ACCESS = 0 << 0;
-	const short SCRIPT_SECURITY_NO_ACCESS = 1 << 0;
-	const short SCRIPT_SECURITY_SAME_DOMAIN_ACCESS  = 1 << 1;
-	const short SCRIPT_SECURITY_SIGNED_ACCESS = 1 << 2;
-
-	// NB TODO: Move to Capabilities manager
-	const short eJSTarget_UniversalBrowserRead=0;
-	const short eJSTarget_UniversalBrowserWrite=1;
-	const short eJSTarget_UniversalSendMail=2;
-	const short eJSTarget_UniversalFileRead=3;
-	const short eJSTarget_UniversalFileWrite=4;
-	const short eJSTarget_UniversalPreferencesRead=5;
-	const short eJSTarget_UniversalPreferencesWrite=6;
-	const short eJSTarget_UniversalDialerAccess=7;
-	const short eJSTarget_Max=8;
-
 	boolean CheckScriptAccess(in nsIScriptContext cx, in voidStar obj, 
 	                          [const] in string prop, in boolean isWrite);

--- a/caps/src/nsCodebasePrincipal.cpp
+++ b/caps/src/nsCodebasePrincipal.cpp
@ -25,7 +25,6 @@
 #include "nsCOMPtr.h"

 static NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
-static char gFileScheme[] = "file";

 NS_IMPL_ISUPPORTS(nsCodebasePrincipal, kICodebasePrincipalIID);

@ -128,7 +127,7 @@ nsCodebasePrincipal::SameOrigin(nsIPrincipal *other, PRBool *result)
        rv = mURI->GetScheme(&scheme2);
    if (NS_SUCCEEDED(rv) && PL_strcmp(scheme1, scheme2) == 0) {

-        if (PL_strcmp(scheme1, gFileScheme) == 0) {
+        if (PL_strcmp(scheme1, "file") == 0) {
            // All file: urls are considered to have the same origin.
            *result = PR_TRUE;
        } else {
@ -172,8 +171,11 @@ nsCodebasePrincipal::Init(nsIURI *uri)
    char *codebase;
    if (NS_FAILED(uri->GetSpec(&codebase))) 
        return NS_ERROR_FAILURE;
-    if (NS_FAILED(mJSPrincipals.Init(codebase))) 
+    if (NS_FAILED(mJSPrincipals.Init(codebase))) {
+        nsCRT::free(codebase);
        return NS_ERROR_FAILURE;
+    }
+    // JSPrincipals::Init adopts codebase, so no need to free now
    NS_ADDREF(this);
    mURI = uri;
    NS_ADDREF(mURI);
--- a/caps/src/nsScriptSecurityManager.cpp
+++ b/caps/src/nsScriptSecurityManager.cpp
@ -38,6 +38,19 @@ static NS_DEFINE_CID(kComponentManagerCID, NS_COMPONENTMANAGER_CID);
 static NS_DEFINE_IID(kIScriptSecurityManagerIID, NS_ISCRIPTSECURITYMANAGER_IID);
 static NS_DEFINE_IID(kIXPCSecurityManagerIID, NS_IXPCSECURITYMANAGER_IID);

+static const char accessErrorMessage[] = 
+    "access disallowed from scripts at %s to documents at another domain";
+
+enum {
+    SCRIPT_SECURITY_SAME_DOMAIN_ACCESS,
+    SCRIPT_SECURITY_ALL_ACCESS,
+    SCRIPT_SECURITY_NO_ACCESS
+};
+
+////////////////////////////////////
+// Methods implementing ISupports //
+////////////////////////////////////
+
 NS_IMETHODIMP
 nsScriptSecurityManager::QueryInterface(REFNSIID aIID, void** aInstancePtr)
 {
@ -59,29 +72,10 @@ nsScriptSecurityManager::QueryInterface(REFNSIID aIID, void** aInstancePtr)
 NS_IMPL_ADDREF(nsScriptSecurityManager);
 NS_IMPL_RELEASE(nsScriptSecurityManager);

-static const char accessErrorMessage[] = 
-    "access disallowed from scripts at %s to documents at another domain";
-
-nsScriptSecurityManager::nsScriptSecurityManager(void)
-    : mSystemPrincipal(nsnull)
-{
-    NS_INIT_REFCNT();
-}
-
-nsScriptSecurityManager::~nsScriptSecurityManager(void)
-{
-//  nsServiceManager::ReleaseService(kPrefServiceCID, mPrefs);  
-} 
-
-nsScriptSecurityManager *
-nsScriptSecurityManager::GetScriptSecurityManager()
-{
-    static nsScriptSecurityManager *ssecMan = NULL;
-    if (!ssecMan) 
-        ssecMan = new nsScriptSecurityManager();
-    return ssecMan;
-}

+///////////////////////////////////////////////////
+// Methods implementing nsIScriptSecurityManager //
+///////////////////////////////////////////////////

 NS_IMETHODIMP
 nsScriptSecurityManager::CheckScriptAccess(nsIScriptContext *aContext, 
@ -126,14 +120,23 @@ nsScriptSecurityManager::CheckURI(nsIScriptContext *aContext,
        *aResult = PR_TRUE;
        return NS_OK;
    }
-    if (nsCRT::strcmp(scheme, "file") == 0) {
-        JSContext *cx = (JSContext*) aContext->GetNativeContext();
-        nsCOMPtr<nsIPrincipal> principal;
-        if (NS_FAILED(GetSubjectPrincipal(cx, getter_AddRefs(principal))) || 
-            !principal)
-        {
+    if (nsCRT::strcmp(scheme, "about") == 0) {
+        nsXPIDLCString spec;
+        if (NS_FAILED(aURI->GetSpec(getter_Copies(spec))))
            return NS_ERROR_FAILURE;
+        if (nsCRT::strcmp(spec, "about:blank") == 0) {
+            *aResult = PR_TRUE;
+            return NS_OK;
        }
+    }
+    JSContext *cx = (JSContext*) aContext->GetNativeContext();
+    nsCOMPtr<nsIPrincipal> principal;
+    if (NS_FAILED(GetSubjectPrincipal(cx, getter_AddRefs(principal))) || 
+        !principal)
+    {
+        return NS_ERROR_FAILURE;
+    }
+    if (nsCRT::strcmp(scheme, "file") == 0) {
        nsCOMPtr<nsICodebasePrincipal> codebase;
        if (NS_SUCCEEDED(principal->QueryInterface(
                 NS_GET_IID(nsICodebasePrincipal), 
@ -153,27 +156,22 @@ nsScriptSecurityManager::CheckURI(nsIScriptContext *aContext,
        if (NS_FAILED(principal->CanAccess("UniversalFileRead", aResult)))
            return NS_ERROR_FAILURE;

-        if (!*aResult) {
-            // Report error.
-            nsXPIDLCString spec;
-            if (NS_FAILED(aURI->GetSpec(getter_Copies(spec))))
-                return NS_ERROR_FAILURE;
-	        JS_ReportError(cx, "illegal URL method '%s'", (const char *)spec);
-        }
-        return NS_OK;
+        if (*aResult)
+            return NS_OK;
    }
-    if (nsCRT::strcmp(scheme, "about") == 0) {
+
+    // Only allowed for the system principal to create other URIs.
+    if (NS_FAILED(principal->Equals(mSystemPrincipal, aResult)))
+        return NS_ERROR_FAILURE;
+
+    if (!*aResult) {
+        // Report error.
        nsXPIDLCString spec;
        if (NS_FAILED(aURI->GetSpec(getter_Copies(spec))))
            return NS_ERROR_FAILURE;
-        if (nsCRT::strcmp(spec, "about:blank") == 0) {
-            *aResult = PR_TRUE;
-            return NS_OK;
-        }
+	    JS_ReportError(cx, "illegal URL method '%s'", (const char *)spec);
    }

-    // Otherwise, not allowed.
-    *aResult = PR_FALSE;
    return NS_OK;
 }

@ -206,6 +204,89 @@ nsScriptSecurityManager::CreateCodebasePrincipal(nsIURI *aURI,
    return NS_OK;
 }

+////////////////////////////////////////////////
+// Methods implementing nsIXPCSecurityManager //
+////////////////////////////////////////////////
+
+NS_IMETHODIMP
+nsScriptSecurityManager::CanCreateWrapper(JSContext *aJSContext, 
+                                          const nsIID &aIID, 
+                                          nsISupports *aObj)
+{
+    return CheckXPCPermissions(aJSContext);
+}
+
+NS_IMETHODIMP
+nsScriptSecurityManager::CanCreateInstance(JSContext *aJSContext, 
+                                           const nsCID &aCID)
+{
+    return CheckXPCPermissions(aJSContext);
+}
+
+NS_IMETHODIMP
+nsScriptSecurityManager::CanGetService(JSContext *aJSContext, 
+                                       const nsCID &aCID)
+{
+    return CheckXPCPermissions(aJSContext);
+}
+
+NS_IMETHODIMP
+nsScriptSecurityManager::CanCallMethod(JSContext *aJSContext, 
+                                       const nsIID &aIID, 
+                                       nsISupports *aObj, 
+                                       nsIInterfaceInfo *aInterfaceInfo, 
+                                       PRUint16 aMethodIndex, 
+                                       const jsid aName)
+{
+    return CheckXPCPermissions(aJSContext);
+}
+
+NS_IMETHODIMP
+nsScriptSecurityManager::CanGetProperty(JSContext *aJSContext, 
+                                        const nsIID &aIID, 
+                                        nsISupports *aObj, 
+                                        nsIInterfaceInfo *aInterfaceInfo, 
+                                        PRUint16 aMethodIndex, 
+                                        const jsid aName)
+{
+    return CheckXPCPermissions(aJSContext);
+}
+
+NS_IMETHODIMP
+nsScriptSecurityManager::CanSetProperty(JSContext *aJSContext, 
+                                        const nsIID &aIID, 
+                                        nsISupports *aObj, 
+                                        nsIInterfaceInfo *aInterfaceInfo, 
+                                        PRUint16 aMethodIndex, 
+                                        const jsid aName)
+{
+    return CheckXPCPermissions(aJSContext);
+}
+
+///////////////////
+// Other methods //
+///////////////////
+
+nsScriptSecurityManager::nsScriptSecurityManager(void)
+    : mSystemPrincipal(nsnull)
+{
+    NS_INIT_REFCNT();
+}
+
+nsScriptSecurityManager::~nsScriptSecurityManager(void)
+{
+//  nsServiceManager::ReleaseService(kPrefServiceCID, mPrefs);  
+} 
+
+nsScriptSecurityManager *
+nsScriptSecurityManager::GetScriptSecurityManager()
+{
+    static nsScriptSecurityManager *ssecMan = NULL;
+    if (!ssecMan) 
+        ssecMan = new nsScriptSecurityManager();
+    return ssecMan;
+}
+
 NS_IMETHODIMP
 nsScriptSecurityManager::GetSubjectPrincipal(JSContext *aCx, 
                                             nsIPrincipal **result)
@ -410,7 +491,8 @@ nsScriptSecurityManager::AddSecPolicyPrefix(JSContext *cx, char *pref_str)
 char *
 nsScriptSecurityManager::GetSitePolicy(const char *org)
 {
-    char *sitepol, *sp, *nextsp, *orghost = 0, *retval = 0, *prot, *bar, *end, *match = 0;
+    char *sitepol, *sp, *nextsp, *orghost = 0, *retval = 0, *prot, *bar;
+    char *end, *match = 0;
    int splen, matlen;
    nsIURL *url;
    nsresult rv;
@ -418,7 +500,8 @@ nsScriptSecurityManager::GetSitePolicy(const char *org)
    NS_WITH_SERVICE(nsIComponentManager, compMan, kComponentManagerCID, &rv);
    if (NS_FAILED(rv)) 
        return nsnull;
-    rv = compMan->CreateInstance(kURLCID,NULL, NS_GET_IID(nsIURL), (void**) &url);
+    rv = compMan->CreateInstance(kURLCID, nsnull, NS_GET_IID(nsIURL), 
+                                 (void**) &url);
    if (NS_FAILED(rv)) 
        return nsnull;
    nsServiceManager::GetService(kPrefServiceCID, NS_GET_IID(nsIPref), 
@ -494,11 +577,9 @@ nsScriptSecurityManager::GetSitePolicy(const char *org)
    return retval;
 }

-
 NS_IMETHODIMP
 nsScriptSecurityManager::CheckXPCPermissions(JSContext *aJSContext)
 {
-#if 0
    nsCOMPtr<nsIPrincipal> subject;
    if (NS_FAILED(GetSubjectPrincipal(aJSContext, getter_AddRefs(subject))))
        return NS_ERROR_FAILURE;
@ -509,67 +590,8 @@ nsScriptSecurityManager::CheckXPCPermissions(JSContext *aJSContext)
        return NS_ERROR_FAILURE;
    if (!ok) {
        JS_ReportError(aJSContext, "Access denied to XPConnect service.");
-        NS_ASSERTION(ok, "Access denied to XPConnect service.");
        return NS_ERROR_FAILURE;
    }
-#endif
    return NS_OK;
 }

-
-NS_IMETHODIMP
-nsScriptSecurityManager::CanCreateWrapper(JSContext * aJSContext, 
-                                          const nsIID & aIID, 
-                                          nsISupports * aObj)
-{
-    return CheckXPCPermissions(aJSContext);
-}
-
-NS_IMETHODIMP
-nsScriptSecurityManager::CanCreateInstance(JSContext * aJSContext, 
-                                           const nsCID & aCID)
-{
-    return CheckXPCPermissions(aJSContext);
-}
-
-NS_IMETHODIMP
-nsScriptSecurityManager::CanGetService(JSContext * aJSContext, 
-                                       const nsCID & aCID)
-{
-    return CheckXPCPermissions(aJSContext);
-}
-
-NS_IMETHODIMP
-nsScriptSecurityManager::CanCallMethod(JSContext * aJSContext, 
-                                       const nsIID & aIID, 
-                                       nsISupports *aObj, 
-                                       nsIInterfaceInfo *aInterfaceInfo, 
-                                       PRUint16 aMethodIndex, 
-                                       const jsid aName)
-{
-    return CheckXPCPermissions(aJSContext);
-}
-
-NS_IMETHODIMP
-nsScriptSecurityManager::CanGetProperty(JSContext * aJSContext, 
-                                        const nsIID & aIID, 
-                                        nsISupports *aObj, 
-                                        nsIInterfaceInfo *aInterfaceInfo, 
-                                        PRUint16 aMethodIndex, 
-                                        const jsid aName)
-{
-    return CheckXPCPermissions(aJSContext);
-}
-
-NS_IMETHODIMP
-nsScriptSecurityManager::CanSetProperty(JSContext * aJSContext, 
-                                        const nsIID & aIID, 
-                                        nsISupports *aObj, 
-                                        nsIInterfaceInfo *aInterfaceInfo, 
-                                        PRUint16 aMethodIndex, 
-                                        const jsid aName)
-{
-    return CheckXPCPermissions(aJSContext);
-}
-
-
--- a/suite/browser/navigator.xul
+++ b/suite/browser/navigator.xul
@ -539,9 +539,8 @@ Contributor(s): ______________________________________. -->
  </toolbox>

  
-  <html:iframe id="content-frame" src="contentframe.xul" flex="100%" />
+  <html:iframe id="content-frame" src="chrome://navigator/content/contentframe.xul" flex="100%" />

- 


  <box align="horizontal" id="status-bar" chromeclass="status">
--- a/xpfe/browser/resources/content/navigator.xul
+++ b/xpfe/browser/resources/content/navigator.xul
@ -539,9 +539,8 @@ Contributor(s): ______________________________________. -->
  </toolbox>

  
-  <html:iframe id="content-frame" src="contentframe.xul" flex="100%" />
+  <html:iframe id="content-frame" src="chrome://navigator/content/contentframe.xul" flex="100%" />

- 


  <box align="horizontal" id="status-bar" chromeclass="status">