gecko-dev/extensions/cookie/nsPermission.cpp

194 строки
5.2 KiB
C++

/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsPermission.h"
#include "nsContentUtils.h"
#include "nsIClassInfoImpl.h"
#include "nsIEffectiveTLDService.h"
#include "mozilla/BasePrincipal.h"
// nsPermission Implementation
NS_IMPL_CLASSINFO(nsPermission, nullptr, 0, {0})
NS_IMPL_ISUPPORTS_CI(nsPermission, nsIPermission)
nsPermission::nsPermission(nsIPrincipal* aPrincipal, const nsACString& aType,
uint32_t aCapability, uint32_t aExpireType,
int64_t aExpireTime)
: mPrincipal(aPrincipal),
mType(aType),
mCapability(aCapability),
mExpireType(aExpireType),
mExpireTime(aExpireTime) {}
already_AddRefed<nsPermission> nsPermission::Create(nsIPrincipal* aPrincipal,
const nsACString& aType,
uint32_t aCapability,
uint32_t aExpireType,
int64_t aExpireTime) {
NS_ENSURE_TRUE(aPrincipal, nullptr);
nsCOMPtr<nsIPrincipal> principal =
mozilla::BasePrincipal::Cast(aPrincipal)
->CloneStrippingUserContextIdAndFirstPartyDomain();
NS_ENSURE_TRUE(principal, nullptr);
RefPtr<nsPermission> permission =
new nsPermission(principal, aType, aCapability, aExpireType, aExpireTime);
return permission.forget();
}
NS_IMETHODIMP
nsPermission::GetPrincipal(nsIPrincipal** aPrincipal) {
nsCOMPtr<nsIPrincipal> copy = mPrincipal;
copy.forget(aPrincipal);
return NS_OK;
}
NS_IMETHODIMP
nsPermission::GetType(nsACString& aType) {
aType = mType;
return NS_OK;
}
NS_IMETHODIMP
nsPermission::GetCapability(uint32_t* aCapability) {
*aCapability = mCapability;
return NS_OK;
}
NS_IMETHODIMP
nsPermission::GetExpireType(uint32_t* aExpireType) {
*aExpireType = mExpireType;
return NS_OK;
}
NS_IMETHODIMP
nsPermission::GetExpireTime(int64_t* aExpireTime) {
*aExpireTime = mExpireTime;
return NS_OK;
}
NS_IMETHODIMP
nsPermission::Matches(nsIPrincipal* aPrincipal, bool aExactHost,
bool* aMatches) {
NS_ENSURE_ARG_POINTER(aPrincipal);
NS_ENSURE_ARG_POINTER(aMatches);
*aMatches = false;
nsCOMPtr<nsIPrincipal> principal =
mozilla::BasePrincipal::Cast(aPrincipal)
->CloneStrippingUserContextIdAndFirstPartyDomain();
if (!principal) {
*aMatches = false;
return NS_OK;
}
// If the principals are equal, then they match.
if (mPrincipal->Equals(principal)) {
*aMatches = true;
return NS_OK;
}
// If we are matching with an exact host, we're done now - the permissions
// don't match otherwise, we need to start comparing subdomains!
if (aExactHost) {
return NS_OK;
}
// Compare their OriginAttributes
const mozilla::OriginAttributes& theirAttrs =
principal->OriginAttributesRef();
const mozilla::OriginAttributes& ourAttrs = mPrincipal->OriginAttributesRef();
if (theirAttrs != ourAttrs) {
return NS_OK;
}
nsCOMPtr<nsIURI> theirURI;
nsresult rv = principal->GetURI(getter_AddRefs(theirURI));
NS_ENSURE_SUCCESS(rv, rv);
nsCOMPtr<nsIURI> ourURI;
rv = mPrincipal->GetURI(getter_AddRefs(ourURI));
NS_ENSURE_SUCCESS(rv, rv);
// Compare schemes
nsAutoCString theirScheme;
rv = theirURI->GetScheme(theirScheme);
NS_ENSURE_SUCCESS(rv, rv);
nsAutoCString ourScheme;
rv = ourURI->GetScheme(ourScheme);
NS_ENSURE_SUCCESS(rv, rv);
if (theirScheme != ourScheme) {
return NS_OK;
}
// Compare ports
int32_t theirPort;
rv = theirURI->GetPort(&theirPort);
NS_ENSURE_SUCCESS(rv, rv);
int32_t ourPort;
rv = ourURI->GetPort(&ourPort);
NS_ENSURE_SUCCESS(rv, rv);
if (theirPort != ourPort) {
return NS_OK;
}
// Check if the host or any subdomain of their host matches.
nsAutoCString theirHost;
rv = theirURI->GetHost(theirHost);
if (NS_FAILED(rv) || theirHost.IsEmpty()) {
return NS_OK;
}
nsAutoCString ourHost;
rv = ourURI->GetHost(ourHost);
if (NS_FAILED(rv) || ourHost.IsEmpty()) {
return NS_OK;
}
nsCOMPtr<nsIEffectiveTLDService> tldService =
do_GetService(NS_EFFECTIVETLDSERVICE_CONTRACTID);
if (!tldService) {
NS_ERROR("Should have a tld service!");
return NS_ERROR_FAILURE;
}
// This loop will not loop forever, as GetNextSubDomain will eventually fail
// with NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS.
while (theirHost != ourHost) {
rv = tldService->GetNextSubDomain(theirHost, theirHost);
if (NS_FAILED(rv)) {
if (rv == NS_ERROR_INSUFFICIENT_DOMAIN_LEVELS) {
return NS_OK;
} else {
return rv;
}
}
}
*aMatches = true;
return NS_OK;
}
NS_IMETHODIMP
nsPermission::MatchesURI(nsIURI* aURI, bool aExactHost, bool* aMatches) {
NS_ENSURE_ARG_POINTER(aURI);
mozilla::OriginAttributes attrs;
nsCOMPtr<nsIPrincipal> principal =
mozilla::BasePrincipal::CreateCodebasePrincipal(aURI, attrs);
NS_ENSURE_TRUE(principal, NS_ERROR_FAILURE);
return Matches(principal, aExactHost, aMatches);
}