gecko-dev/dom/ipc/PTabContext.ipdlh

83 строки
2.7 KiB
C++

/* -*- Mode: C++; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 8 -*- */
/* vim: set sw=4 ts=8 et tw=80 ft=cpp : */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
include protocol PBrowser;
include PBrowserOrId;
namespace mozilla {
namespace dom {
// An IPCTabContext which corresponds to a PBrowser opened by a child when it
// receives window.open().
//
// If isMozBrowserElement is false, this PopupIPCTabContext is either a
// <xul:browser> or an app frame. The frame's app-id and app-frame-owner-app-id
// will be equal to the opener's values. For a <xul:browser>, those app IDs
// will be NO_APP_ID.
//
// If isMozBrowserElement is true, the frame's browserFrameOwnerAppId will be
// equal to the opener's app-id.
//
// It's an error to set isMozBrowserElement == false if opener is a mozbrowser
// element. Such a PopupIPCTabContext should be rejected by code which receives
// it.
struct PopupIPCTabContext
{
PBrowserOrId opener;
bool isMozBrowserElement;
};
// An IPCTabContext which corresponds to an app, browser, or normal frame.
struct FrameIPCTabContext
{
// The stringified originAttributes dictionary.
nsCString originSuffix;
// The ID of the app containing this app/browser frame, if applicable.
uint32_t frameOwnerAppId;
// The origin without originAttribute suffix for a signed package.
// This value would be empty if the TabContext doesn't own a signed
// package.
nsCString signedPkgOriginNoSuffix;
// Whether this is a mozbrowser frame. <iframe mozbrowser mozapp> and
// <xul:browser> are not considered to be mozbrowser frames.
bool isMozBrowserElement;
// Whether this TabContext should work in prerender mode.
bool isPrerendered;
// The requested presentation URL.
// This value would be empty if the TabContext isn't created for
// presented content.
nsString presentationURL;
};
// XXXcatalinb: This is only used by ServiceWorkerClients::OpenWindow.
// Because service workers don't have an associated TabChild
// we can't satisfy the security constraints on b2g. As such, the parent
// process will accept this tab context only on desktop.
struct UnsafeIPCTabContext
{ };
// IPCTabContext is an analog to mozilla::dom::TabContext. Both specify an
// iframe/PBrowser's own and containing app-ids and tell you whether the
// iframe/PBrowser is a browser frame. But only IPCTabContext is allowed to
// travel over IPC.
//
// We need IPCTabContext (specifically, PopupIPCTabContext) to prevent a
// privilege escalation attack by a compromised child process.
union IPCTabContext
{
PopupIPCTabContext;
FrameIPCTabContext;
UnsafeIPCTabContext;
};
}
}