/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "nsISupports.idl" interface nsICookie2; interface nsIURI; interface nsIChannel; interface nsIPrincipal; typedef long nsCookieAccess; /** * An interface to test for cookie permissions */ [scriptable, uuid(11ddd4ed-8f5b-40b3-b2a0-27c20ea1c88d)] interface nsICookiePermission : nsISupports { /** * nsCookieAccess values */ const nsCookieAccess ACCESS_DEFAULT = 0; const nsCookieAccess ACCESS_ALLOW = 1; const nsCookieAccess ACCESS_DENY = 2; /** * additional values for nsCookieAccess which may not match * nsIPermissionManager. Keep 3-7 available to allow nsIPermissionManager to * add values without colliding. ACCESS_SESSION is not directly returned by * any methods on this interface. */ const nsCookieAccess ACCESS_SESSION = 8; const nsCookieAccess ACCESS_ALLOW_FIRST_PARTY_ONLY = 9; const nsCookieAccess ACCESS_LIMIT_THIRD_PARTY = 10; /** * setAccess * * this method is called to block cookie access for the given URI. this * may result in other URIs being blocked as well (e.g., URIs which share * the same host name). * * @param aURI * the URI to block * @param aAccess * the new cookie access for the URI. */ void setAccess(in nsIURI aURI, in nsCookieAccess aAccess); /** * canAccess * * this method is called to test whether or not the given principal may * access the cookie database, either to set or get cookies. * * @param aPrincipal * the principal trying to access cookies. * * @return one of the following nsCookieAccess values: * ACCESS_DEFAULT, ACCESS_ALLOW, ACCESS_DENY, or * ACCESS_ALLOW_FIRST_PARTY_ONLY */ nsCookieAccess canAccess(in nsIPrincipal aPrincipal); /** * canSetCookie * * this method is called to test whether or not the given URI/channel may * set a specific cookie. this method is always preceded by a call to * canAccess. it may modify the isSession and expiry attributes of the * cookie via the aIsSession and aExpiry parameters, in order to limit * or extend the lifetime of the cookie. this is useful, for instance, to * downgrade a cookie to session-only if it fails to meet certain criteria. * * @param aURI * the URI trying to set the cookie * @param aChannel * the channel corresponding to aURI * @param aCookie * the cookie being added to the cookie database * @param aIsSession * when canSetCookie is invoked, this is the current isSession attribute * of the cookie. canSetCookie may leave this value unchanged to * preserve this attribute of the cookie. * @param aExpiry * when canSetCookie is invoked, this is the current expiry time of * the cookie. canSetCookie may leave this value unchanged to * preserve this attribute of the cookie. * * @return true if the cookie can be set. */ boolean canSetCookie(in nsIURI aURI, in nsIChannel aChannel, in nsICookie2 aCookie, inout boolean aIsSession, inout int64_t aExpiry); };