mozilla
/
mozilla-history
зеркало из https://github.com/mozilla/mozilla-history.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Move several security files into idl. (Create idl directory in caps module.) 

Implement methods of nsIXPCSecurityManager.
Fix random errors in DOM JS security.
This commit is contained in:
norris%netscape.com 1999-07-15 23:23:16 +00:00
Родитель bca299d85d
Коммит 7562aefe4a
26 изменённых файлов: 782 добавлений и 1017 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

1
allmakefiles.sh
Просмотреть файл

@ -328,6 +328,7 @@ sun-java/stubs/include/Makefile
sun-java/stubs/jri/Makefile
sun-java/stubs/src/Makefile
caps/Makefile
caps/idl/Makefile
caps/include/Makefile
caps/public/Makefile
caps/src/Makefile

3
caps/Makefile.in
Просмотреть файл

@ -21,6 +21,7 @@ VPATH = @srcdir@
include $(DEPTH)/config/autoconf.mk
DIRS = public include src
DIRS = idl public include src
include $(topsrcdir)/config/rules.mk

33
caps/idl/Makefile.in Normal file
Просмотреть файл

@ -0,0 +1,33 @@
#!gmake
#
# The contents of this file are subject to the Netscape Public License
# Version 1.0 (the "NPL"); you may not use this file except in
# compliance with the NPL. You may obtain a copy of the NPL at
# http://www.mozilla.org/NPL/
#
# Software distributed under the NPL is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
# for the specific language governing rights and limitations under the
# NPL.
#
# The Initial Developer of this code under the NPL is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1999 Netscape Communications Corporation. All Rights
# Reserved.
DEPTH = ../..
topsrcdir = @top_srcdir@
srcdir = @srcdir@
VPATH = @srcdir@
include $(DEPTH)/config/autoconf.mk
MODULE = caps
XPIDLSRCS = \
nsIScriptSecurityManager.idl \
nsICapsSecurityCallbacks.idl \
nsIPrincipal.idl \
$(NULL)
include $(topsrcdir)/config/rules.mk

31
caps/idl/makefile.win Normal file
Просмотреть файл

@ -0,0 +1,31 @@
#!gmake
#
# The contents of this file are subject to the Netscape Public License
# Version 1.0 (the "NPL"); you may not use this file except in
# compliance with the NPL. You may obtain a copy of the NPL at
# http://www.mozilla.org/NPL/
#
# Software distributed under the NPL is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
# for the specific language governing rights and limitations under the
# NPL.
#
# The Initial Developer of this code under the NPL is Netscape
# Communications Corporation. Portions created by Netscape are
# Copyright (C) 1999 Netscape Communications Corporation. All Rights
# Reserved.
DEPTH=..\..
MODULE=caps
XPIDLSRCS= \
.\nsIScriptSecurityManager.idl \
.\nsICapsSecurityCallbacks.idl \
.\nsIPrincipal.idl \
# .\nsICertificatePrincipal.idl \
# .\nsICodebasePrincipal.idl \
$(NULL)
include <$(DEPTH)\config\rules.mak>

0
caps/public/nsICapsSecurityCallbacks.h → caps/idl/nsICapsSecurityCallbacks.idl
Просмотреть файл

24
caps/idl/nsIPrincipal.idl Normal file
Просмотреть файл

@ -0,0 +1,24 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
#include "nsISupports.idl"
[uuid(ff9313d0-25e1-11d2-8160-006008119d7a)]
interface nsIPrincipal : nsISupports {
void IsTrusted(in string scope, out boolean pbIsTrusted);
};

77
caps/idl/nsIScriptSecurityManager.idl Normal file
Просмотреть файл

@ -0,0 +1,77 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
#include "nsISupports.idl"
[ptr] native nsJSPrincipalsList(nsJSPrincipalsList);
[ptr] native JSContext(JSContext);
[ptr] native JSObject(JSObject);
[ptr] native JSPrincipals(JSPrincipals);
[ptr] native JSFunction(JSFunction);
[ptr] native jsval(jsval);
interface nsString;
interface nsIScriptContext;
interface nsIScriptGlobalObject;
interface nsIURI;
%{C++
struct nsJSPrincipalsList;
%}
[uuid(58df5780-8006-11d2-bd91-00805f8ae3f4)]
interface nsIScriptSecurityManager : nsISupports
{
const short SCRIPT_SECURITY_ALL_ACCESS = 0 << 0;
const short SCRIPT_SECURITY_NO_ACCESS = 1 << 0;
const short SCRIPT_SECURITY_SAME_DOMAIN_ACCESS = 1 << 1;
const short SCRIPT_SECURITY_SIGNED_ACCESS = 1 << 2;
const short eJSTarget_UniversalBrowserRead=0;
const short eJSTarget_UniversalBrowserWrite=1;
const short eJSTarget_UniversalSendMail=2;
const short eJSTarget_UniversalFileRead=3;
const short eJSTarget_UniversalFileWrite=4;
const short eJSTarget_UniversalPreferencesRead=5;
const short eJSTarget_UniversalPreferencesWrite=6;
const short eJSTarget_UniversalDialerAccess=7;
const short eJSTarget_Max=8;
void Init();
void CheckScriptAccess(in nsIScriptContext cx, in voidStar obj, [const] in string prop, out boolean res);
void GetSubjectOriginURL(in JSContext cx, out nsString origin);
void GetObjectOriginURL(in JSContext cx, in JSObject obj, out nsString origin);
void GetPrincipalsFromStackFrame(in JSContext cx, out JSPrincipals prins);
void GetCompilationPrincipals(in nsIScriptContext cx, in nsIScriptGlobalObject go, in JSPrincipals prins, out JSPrincipals resultprins);
void CanAccessTarget(in JSContext cx, in short target, out boolean res);
void CheckPermissions(in JSContext cx, in JSObject obj, in short target, out boolean res);
void CheckContainerAccess(in JSContext cx, in JSObject obj, in short target, out boolean res);
void GetContainerPrincipals(in JSContext cx, in JSObject container, out JSPrincipals prins);
void SetContainerPrincipals(in JSContext cx, in JSObject container, in JSPrincipals prins);
void CanCaptureEvent(in JSContext cx, in JSFunction func, in JSObject eventTarget, out boolean res);
void SetExternalCapture(in JSContext cx, in JSPrincipals prins, in boolean abool);
void CheckSetParentSlot(in JSContext cx, in JSObject obj, in jsval aVp, out boolean res);
void SetDocumentDomain(in JSContext cx, in JSPrincipals prins, in nsString aNewDomain, out boolean res);
void DestroyPrincipalsList(in JSContext cx, in nsJSPrincipalsList list);
void NewJSPrincipals(in nsIURI aURL, in nsString aName, in nsString aCodebase, out JSPrincipals aPrincipals);
void RegisterPrincipals(in nsIScriptContext aContext, in nsIScriptGlobalObject aGlobal, in JSPrincipals principals,
in nsString aName, in nsString aSrc, out JSPrincipals aPrincipals);
};
%{C++
extern "C" NS_DOM nsresult NS_NewScriptSecurityManager(nsIScriptSecurityManager ** aInstancePtrResult);
%}

117
caps/include/nsCCertPrincipal.h
Просмотреть файл

@ -1,117 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#ifndef nsCCertPrincipal_h___
#define nsCCertPrincipal_h___
#include "nsICertPrincipal.h"
#include "nsPrincipal.h"
class nsCCertPrincipal : public nsICertPrincipal {
public:
////////////////////////////////////////////////////////////////////////////
// from nsISupports:
NS_DECL_ISUPPORTS
////////////////////////////////////////////////////////////////////////////
// from nsIPrincipal:
NS_IMETHOD
IsTrusted(char* scope, PRBool *pbIsTrusted);
////////////////////////////////////////////////////////////////////////////
// from nsICertPrincipal:
/**
* returns the certificate's data that is passes in via Initialize method.
*
* @param certChain - An array of pointers, with each pointer
* pointing to a certificate data.
* @param certChainLengths - An array of intergers. Each integer indicates
* the length of the cert that is in CertChain
* parametr.
* @param noOfCerts - the number of certifcates that are in the certChain array
*/
NS_IMETHOD
GetCertData(const unsigned char ***certChain, PRUint32 **certChainLengths, PRUint32 *noOfCerts);
/**
* Returns the public key of the certificate.
*
* @param publicKey - the Public Key data will be returned in this field.
* @param publicKeySize - the length of public key data is returned in this
* parameter.
*/
NS_IMETHOD
GetPublicKey(unsigned char **publicKey, PRUint32 *publicKeySize);
/**
* Returns the company name of the ceritificate (OU etc parameters of certificate)
*
* @param result - the certificate details about the signer.
*/
NS_IMETHOD
GetCompanyName(const char **ppCompanyName);
/**
* Returns the certificate issuer's data (OU etc parameters of certificate)
*
* @param result - the details about the issuer
*/
NS_IMETHOD
GetCertificateAuthority(const char **ppCertAuthority);
/**
* Returns the serial number of certificate
*
* @param result - Returns the serial number of certificate
*/
NS_IMETHOD
GetSerialNumber(const char **ppSerialNumber);
/**
* Returns the expiration date of certificate
*
* @param result - Returns the expiration date of certificate
*/
NS_IMETHOD
GetExpirationDate(const char **ppExpDate);
/**
* Returns the finger print of certificate
*
* @param result - Returns the finger print of certificate
*/
NS_IMETHOD
GetFingerPrint(const char **ppFingerPrint);
////////////////////////////////////////////////////////////////////////////
// from nsCCertPrincipal:
nsCCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result);
nsCCertPrincipal(nsPrincipal *pNSPrincipal);
virtual ~nsCCertPrincipal(void);
nsPrincipal *GetPeer(void);
protected:
nsPrincipal *m_pNSPrincipal;
};
#endif // nsCCertPrincipal_h___

2
caps/include/nsCCodeSourcePrincipal.h
Просмотреть файл

@ -34,7 +34,7 @@ public:
// from nsIPrincipal:
NS_IMETHOD
IsTrusted(char* scope, PRBool *pbIsTrusted);
IsTrusted(const char* scope, PRBool *pbIsTrusted);
////////////////////////////////////////////////////////////////////////////
// from nsICodeSourcePrincipal:

63
caps/include/nsCCodebasePrincipal.h
Просмотреть файл

@ -1,63 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#ifndef nsCCodebasePrincipal_h___
#define nsCCodebasePrincipal_h___
#include "nsICodebasePrincipal.h"
#include "nsPrincipal.h"
class nsCCodebasePrincipal : public nsICodebasePrincipal {
public:
////////////////////////////////////////////////////////////////////////////
// from nsISupports:
NS_DECL_ISUPPORTS
////////////////////////////////////////////////////////////////////////////
// from nsIPrincipal:
NS_IMETHOD
IsTrusted(char* scope, PRBool *pbIsTrusted);
///////////////////////////////////////////////////////////////////////////
// from nsICodebasePrincipal:
/**
* Returns the codebase URL of the principal.
*
* @param result - the resulting codebase URL
*/
NS_IMETHOD
GetURL(const char **ppCodeBaseURL);
////////////////////////////////////////////////////////////////////////////
// from nsCCodebasePrincipal:
nsCCodebasePrincipal(const char *codebaseURL, nsresult *result);
nsCCodebasePrincipal(nsPrincipal *pNSPrincipal);
virtual ~nsCCodebasePrincipal(void);
nsPrincipal *GetPeer(void);
protected:
nsPrincipal *m_pNSPrincipal;
};
#endif // nsCCodebasePrincipal_h___

Двоичные данные
caps/macbuild/CapsIDL.mcp Normal file
Просмотреть файл

Двоичный файл не отображается.

2
caps/makefile.win
Просмотреть файл

@ -37,7 +37,7 @@ DEPTH=..
#// DIRS - There are subdirectories to process
#//
#//------------------------------------------------------------------------
DIRS= public include src
DIRS= idl public include src
#//------------------------------------------------------------------------
#//

2
caps/public/Makefile.in
Просмотреть файл

@ -24,13 +24,11 @@ VPATH = @srcdir@
include $(DEPTH)/config/autoconf.mk
EXPORTS = \
nsIPrincipal.h \
nsICodebasePrincipal.h \
nsICertPrincipal.h \
nsICapsManager.h \
nsICodeSourcePrincipal.h \
nsCapsPublicEnums.h \
nsICapsSecurityCallbacks.h \
$(NULL)
EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS))

5
caps/public/makefile.win
Просмотреть файл

@ -29,13 +29,12 @@ IGNORE_MANIFEST=1
MODULE=caps
DEPTH=..\..
EXPORTS= \
nsIPrincipal.h \
nsICodebasePrincipal.h \
nsICertPrincipal.h \
nsICapsManager.h \
nsICodeSourcePrincipal.h \
nsCapsPublicEnums.h \
nsICapsSecurityCallbacks.h
nsCapsPublicEnums.h
include <$(DEPTH)/config/rules.mak>

0
caps/public/nsIPrincipal.h
Просмотреть файл

1
caps/src/makefile.win
Просмотреть файл

@ -72,7 +72,6 @@ CPP_OBJS= \
.\$(OBJDIR)\nsCCodebasePrincipal.obj \
.\$(OBJDIR)\nsCCapsManagerFactory.obj \
.\$(OBJDIR)\nsCCodeSourcePrincipal.obj \
.\$(OBJDIR)\nsXPCSecurityManager.obj \
$(NULL)

212
caps/src/nsCCertPrincipal.cpp
Просмотреть файл

@ -1,212 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#include "nsCCertPrincipal.h"
#include "nsPrincipal.h"
NS_DEFINE_IID(kICertPrincipalIID, NS_ICERTPRINCIPAL_IID);
////////////////////////////////////////////////////////////////////////////
// from nsISupports:
// These macros produce simple version of QueryInterface and AddRef.
// See the nsISupports.h header file for DETAILS.
NS_IMPL_ADDREF(nsCCertPrincipal)
NS_IMPL_RELEASE(nsCCertPrincipal)
NS_IMPL_QUERY_INTERFACE(nsCCertPrincipal, kICertPrincipalIID);
////////////////////////////////////////////////////////////////////////////
// from nsIPrincipal:
NS_METHOD
nsCCertPrincipal::IsTrusted(char* scope, PRBool *pbIsTrusted)
{
if(m_pNSPrincipal == NULL)
{
*pbIsTrusted = PR_FALSE;
return NS_ERROR_ILLEGAL_VALUE;
}
*pbIsTrusted = m_pNSPrincipal->isTrustedCertChainPrincipal();
return NS_OK;
}
////////////////////////////////////////////////////////////////////////////
// from nsICertPrincipal:
/**
* returns the certificate's data that is passes in via Initialize method.
*
* @param certChain - An array of pointers, with each pointer
* pointing to a certificate data.
* @param certChainLengths - An array of intergers. Each integer indicates
* the length of the cert that is in CertChain
* parametr.
* @param noOfCerts - the number of certifcates that are in the certChain array
*/
NS_METHOD
nsCCertPrincipal::GetCertData(const unsigned char ***certChain,
PRUint32 **certChainLengths,
PRUint32 *noOfCerts)
{
*certChain = NULL;
*certChainLengths = 0;
*noOfCerts = 0;
if (m_pNSPrincipal == NULL)
{
return NS_ERROR_ILLEGAL_VALUE;
}
/* XXX: Raman fix it. Return the correct data */
return NS_OK;
}
/**
* Returns the public key of the certificate.
*
* @param publicKey - the Public Key data will be returned in this field.
* @param publicKeySize - the length of public key data is returned in this
* parameter.
*/
NS_METHOD
nsCCertPrincipal::GetPublicKey(unsigned char **publicKey, PRUint32 *publicKeySize)
{
// XXX raman: fix it.
PR_ASSERT(PR_FALSE);
return NS_OK;
}
/**
* Returns the company name of the ceritificate (OU etc parameters of certificate)
*
* @param result - the certificate details about the signer.
*/
NS_METHOD
nsCCertPrincipal::GetCompanyName(const char **ppCompanyName)
{
if(m_pNSPrincipal == NULL)
{
*ppCompanyName = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppCompanyName = m_pNSPrincipal->getCompanyName();
return NS_OK;
}
/**
* Returns the certificate issuer's data (OU etc parameters of certificate)
*
* @param result - the details about the issuer
*/
NS_METHOD
nsCCertPrincipal::GetCertificateAuthority(const char **ppCertAuthority)
{
if(m_pNSPrincipal == NULL)
{
*ppCertAuthority = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppCertAuthority = m_pNSPrincipal->getSecAuth();
return NS_OK;
}
/**
* Returns the serial number of certificate
*
* @param result - Returns the serial number of certificate
*/
NS_METHOD
nsCCertPrincipal::GetSerialNumber(const char **ppSerialNumber)
{
if(m_pNSPrincipal == NULL)
{
*ppSerialNumber = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppSerialNumber = m_pNSPrincipal->getSerialNo();
return NS_OK;
}
/**
* Returns the expiration date of certificate
*
* @param result - Returns the expiration date of certificate
*/
NS_METHOD
nsCCertPrincipal::GetExpirationDate(const char **ppExpDate)
{
if(m_pNSPrincipal == NULL)
{
*ppExpDate = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppExpDate = m_pNSPrincipal->getExpDate();
return NS_OK;
}
/**
* Returns the finger print of certificate
*
* @param result - Returns the finger print of certificate
*/
NS_METHOD
nsCCertPrincipal::GetFingerPrint(const char **ppFingerPrint)
{
if(m_pNSPrincipal == NULL)
{
*ppFingerPrint = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppFingerPrint = m_pNSPrincipal->getFingerPrint();
return NS_OK;
}
////////////////////////////////////////////////////////////////////////////
// from nsCCertPrincipal:
nsCCertPrincipal::nsCCertPrincipal(const unsigned char **certChain,
PRUint32 *certChainLengths,
PRUint32 noOfCerts,
nsresult *result)
{
m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CertChain, certChain,
certChainLengths, noOfCerts);
if(m_pNSPrincipal == NULL)
{
*result = NS_ERROR_OUT_OF_MEMORY;
return;
}
*result = NS_OK;
}
nsCCertPrincipal::nsCCertPrincipal(nsPrincipal *pNSPrincipal)
{
m_pNSPrincipal = pNSPrincipal;
}
nsCCertPrincipal::~nsCCertPrincipal(void)
{
delete m_pNSPrincipal;
}
nsPrincipal*
nsCCertPrincipal::GetPeer(void)
{
return m_pNSPrincipal;
}

2
caps/src/nsCCodeSourcePrincipal.cpp
Просмотреть файл

@ -37,7 +37,7 @@ NS_IMPL_QUERY_INTERFACE(nsCCodeSourcePrincipal, kICodeSourcePrincipalIID);
// from nsIPrincipal:
NS_METHOD
nsCCodeSourcePrincipal::IsTrusted(char* scope, PRBool *pbIsTrusted)
nsCCodeSourcePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted)
{
if(m_pNSICertPrincipal == NULL)
{

99
caps/src/nsCCodebasePrincipal.cpp
Просмотреть файл

@ -1,99 +0,0 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#include "nsCCodebasePrincipal.h"
#include "nsPrincipal.h"
#include "xp.h"
NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID);
////////////////////////////////////////////////////////////////////////////
// from nsISupports:
// These macros produce simple version of QueryInterface and AddRef.
// See the nsISupports.h header file for DETAILS.
NS_IMPL_ADDREF(nsCCodebasePrincipal)
NS_IMPL_RELEASE(nsCCodebasePrincipal)
NS_IMPL_QUERY_INTERFACE(nsCCodebasePrincipal, kICodebasePrincipalIID);
////////////////////////////////////////////////////////////////////////////
// from nsIPrincipal:
NS_METHOD
nsCCodebasePrincipal::IsTrusted(char* scope, PRBool *pbIsTrusted)
{
if(m_pNSPrincipal == NULL)
{
*pbIsTrusted = PR_FALSE;
return NS_ERROR_ILLEGAL_VALUE;
}
*pbIsTrusted = m_pNSPrincipal->isSecurePrincipal();
return NS_OK;
}
/**
* Returns the codebase URL of the principal.
*
* @param result - the resulting codebase URL
*/
NS_METHOD
nsCCodebasePrincipal::GetURL(const char **ppCodeBaseURL)
{
if(m_pNSPrincipal == NULL)
{
*ppCodeBaseURL = NULL;
return NS_ERROR_ILLEGAL_VALUE;
}
*ppCodeBaseURL = m_pNSPrincipal->getKey();
return NS_OK;
}
////////////////////////////////////////////////////////////////////////////
// from nsCCodebasePrincipal:
nsCCodebasePrincipal::nsCCodebasePrincipal(const char *codebaseURL,
nsresult *result)
{
m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CodebaseExact,
(void *)codebaseURL,
XP_STRLEN(codebaseURL));
if(m_pNSPrincipal == NULL)
{
*result = NS_ERROR_OUT_OF_MEMORY;
return;
}
*result = NS_OK;
}
nsCCodebasePrincipal::nsCCodebasePrincipal(nsPrincipal *pNSPrincipal)
{
m_pNSPrincipal = pNSPrincipal;
}
nsCCodebasePrincipal::~nsCCodebasePrincipal(void)
{
delete m_pNSPrincipal;
}
nsPrincipal*
nsCCodebasePrincipal::GetPeer(void)
{
return m_pNSPrincipal;
}

0
caps/src/nsXPCSecurityManager.cpp
Просмотреть файл

1
dom/public/Makefile.in
Просмотреть файл

@ -39,7 +39,6 @@ EXPORTS = \
nsIDOMScriptObjectFactory.h \
nsIDOMNativeObjectRegistry.h \
nsDOMCID.h \
nsIScriptSecurityManager.h \
nsIScriptGlobalObjectData.h \
nsIScriptNameSetRegistry.h \
nsIScriptExternalNameSet.h \

1
dom/public/makefile.win
Просмотреть файл

@ -33,7 +33,6 @@ EXPORTS=nsIScriptContext.h \
nsIDOMScriptObjectFactory.h \
nsIDOMNativeObjectRegistry.h \
nsDOMCID.h \
nsIScriptSecurityManager.h \
nsIScriptNameSetRegistry.h \
nsIScriptExternalNameSet.h \
nsIScriptNameSpaceManager.h \

0
dom/public/nsIScriptSecurityManager.h
Просмотреть файл

616
dom/src/base/nsJSEnvironment.cpp
Просмотреть файл

@ -1,20 +1,20 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#include "nsJSEnvironment.h"
#include "nsIScriptObjectOwner.h"
@ -30,12 +30,14 @@
#include "nsIDOMNodeList.h"
#include "nsIDOMHTMLImageElement.h"
#include "nsIDOMHTMLOptionElement.h"
#include "nsJSSecurityManager.h"
#include "nsIScriptSecurityManager.h"
#include "nsIScriptNameSetRegistry.h"
#include "nsIScriptNameSpaceManager.h"
#include "nsDOMCID.h"
#include "nsIServiceManager.h"
#include "nsIXPConnect.h"
#include "nsIXPCSecurityManager.h"
#if defined(OJI)
#include "nsIJVMManager.h"
@ -57,32 +59,32 @@ void PR_CALLBACK
NS_ScriptErrorReporter(JSContext *cx, const char *message, JSErrorReport *report)
{
if (nsnull != report) {
printf("JavaScript error: ");
printf("JavaScript error: ");
if(message) {
printf("%s\n", message);
}
if(report->filename) {
printf("URL: %s ", report->filename);
}
if(report->lineno) {
printf("LineNo: %u", report->lineno);
}
printf("\n");
if(report->linebuf) {
printf("Line text: '%s', ", report->linebuf);
}
if(report->tokenptr) {
printf("Error text: '%s'", report->tokenptr);
}
printf("\n");
} else if(message) {
printf("JavaScript error: %s\n", message);
} else {
@ -92,31 +94,31 @@ NS_ScriptErrorReporter(JSContext *cx, const char *message, JSErrorReport *report
nsJSContext::nsJSContext(JSRuntime *aRuntime)
{
mRefCnt = 0;
mContext = JS_NewContext(aRuntime, gStackSize);
JS_SetContextPrivate(mContext, (void *)this);
mNameSpaceManager = nsnull;
mIsInitialized = PR_FALSE;
mNumEvaluations = 0;
mSecManager = nsnull;
mRefCnt = 0;
mContext = JS_NewContext(aRuntime, gStackSize);
JS_SetContextPrivate(mContext, (void *)this);
mNameSpaceManager = nsnull;
mIsInitialized = PR_FALSE;
mNumEvaluations = 0;
mSecManager = nsnull;
}
nsJSContext::~nsJSContext()
{
// Tell xpconnect that we're about to destroy the JSContext so it can cleanup
nsIXPConnect* xpc;
nsresult res;
res = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(),
(nsISupports**) &xpc);
//NS_ASSERTION(NS_SUCCEEDED(res), "unable to get xpconnect");
if (NS_SUCCEEDED(res)) {
xpc->AbandonJSContext(mContext);
nsServiceManager::ReleaseService(kXPConnectCID, xpc);
}
NS_IF_RELEASE(mNameSpaceManager);
JS_DestroyContext(mContext);
NS_IF_RELEASE(mSecManager);
// Tell xpconnect that we're about to destroy the JSContext so it can cleanup
nsIXPConnect* xpc;
nsresult res;
res = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(),
(nsISupports**) &xpc);
//NS_ASSERTION(NS_SUCCEEDED(res), "unable to get xpconnect");
if (NS_SUCCEEDED(res)) {
xpc->AbandonJSContext(mContext);
nsServiceManager::ReleaseService(kXPConnectCID, xpc);
}
NS_IF_RELEASE(mNameSpaceManager);
JS_DestroyContext(mContext);
NS_IF_RELEASE(mSecManager);
}
NS_IMPL_ISUPPORTS(nsJSContext, kIScriptContextIID);
@ -128,119 +130,119 @@ nsJSContext::EvaluateString(const nsString& aScript,
nsString& aRetValue,
PRBool* aIsUndefined)
{
jsval val;
nsIScriptGlobalObject *global = GetGlobalObject();
nsIScriptGlobalObjectData *globalData;
JSPrincipals* principals = nsnull;
if (global && NS_SUCCEEDED(global->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData))) {
if (NS_FAILED(globalData->GetPrincipals((void**)&principals))) {
NS_RELEASE(global);
NS_RELEASE(globalData);
return NS_ERROR_FAILURE;
}
NS_RELEASE(globalData);
}
NS_IF_RELEASE(global);
PRBool ret = ::JS_EvaluateUCScriptForPrincipals(mContext,
JS_GetGlobalObject(mContext),
principals,
(jschar*)aScript.GetUnicode(),
aScript.Length(),
aURL,
aLineNo,
&val);
if (ret) {
*aIsUndefined = JSVAL_IS_VOID(val);
JSString* jsstring = JS_ValueToString(mContext, val);
aRetValue.SetString(JS_GetStringChars(jsstring));
}
else {
aRetValue.Truncate();
}
ScriptEvaluated();
return ret;
jsval val;
nsIScriptGlobalObject *global = GetGlobalObject();
nsIScriptGlobalObjectData *globalData;
JSPrincipals* principals = nsnull;
if (global && NS_SUCCEEDED(global->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData))) {
if (NS_FAILED(globalData->GetPrincipals((void**)&principals))) {
NS_RELEASE(global);
NS_RELEASE(globalData);
return NS_ERROR_FAILURE;
}
NS_RELEASE(globalData);
}
NS_IF_RELEASE(global);
PRBool ret = ::JS_EvaluateUCScriptForPrincipals(mContext,
JS_GetGlobalObject(mContext),
principals,
(jschar*)aScript.GetUnicode(),
aScript.Length(),
aURL,
aLineNo,
&val);
if (ret) {
*aIsUndefined = JSVAL_IS_VOID(val);
JSString* jsstring = JS_ValueToString(mContext, val);
aRetValue.SetString(JS_GetStringChars(jsstring));
}
else {
aRetValue.Truncate();
}
ScriptEvaluated();
return ret;
}
NS_IMETHODIMP_(nsIScriptGlobalObject*)
nsJSContext::GetGlobalObject()
{
JSObject *global = JS_GetGlobalObject(mContext);
nsIScriptGlobalObject *script_global = nsnull;
if (nsnull != global) {
nsISupports* sup = (nsISupports *)JS_GetPrivate(mContext, global);
if (nsnull != sup) {
sup->QueryInterface(kIScriptGlobalObjectIID, (void**) &script_global);
}
return script_global;
}
else {
return nsnull;
}
JSObject *global = JS_GetGlobalObject(mContext);
nsIScriptGlobalObject *script_global = nsnull;
if (nsnull != global) {
nsISupports* sup = (nsISupports *)JS_GetPrivate(mContext, global);
if (nsnull != sup) {
sup->QueryInterface(kIScriptGlobalObjectIID, (void**) &script_global);
}
return script_global;
}
else {
return nsnull;
}
}
NS_IMETHODIMP_(void*)
nsJSContext::GetNativeContext()
{
return (void *)mContext;
return (void *)mContext;
}
NS_IMETHODIMP
nsJSContext::InitContext(nsIScriptGlobalObject *aGlobalObject)
{
nsIScriptObjectOwner *owner;
JSObject *global;
nsresult res = aGlobalObject->QueryInterface(kIScriptObjectOwnerIID, (void **)&owner);
mIsInitialized = PR_FALSE;
if (NS_OK == res) {
res = owner->GetScriptObject(this, (void **)&global);
// init standard classes
if ((NS_OK == res) && ::JS_InitStandardClasses(mContext, global)) {
JS_SetGlobalObject(mContext, global);
res = InitClasses(); // this will complete the global object initialization
}
NS_RELEASE(owner);
if (NS_OK == res) {
::JS_SetErrorReporter(mContext, NS_ScriptErrorReporter);
}
}
return res;
nsIScriptObjectOwner *owner;
JSObject *global;
nsresult res = aGlobalObject->QueryInterface(kIScriptObjectOwnerIID, (void **)&owner);
mIsInitialized = PR_FALSE;
if (NS_OK == res) {
res = owner->GetScriptObject(this, (void **)&global);
// init standard classes
if ((NS_OK == res) && ::JS_InitStandardClasses(mContext, global)) {
JS_SetGlobalObject(mContext, global);
res = InitClasses(); // this will complete the global object initialization
}
NS_RELEASE(owner);
if (NS_OK == res) {
::JS_SetErrorReporter(mContext, NS_ScriptErrorReporter);
}
}
return res;
}
nsresult
nsJSContext::InitializeExternalClasses()
{
nsresult result = NS_OK;
nsIScriptNameSetRegistry* registry;
result = nsServiceManager::GetService(kCScriptNameSetRegistryCID,
kIScriptNameSetRegistryIID,
(nsISupports **)&registry);
if (NS_OK == result) {
result = registry->InitializeClasses(this);
nsServiceManager::ReleaseService(kCScriptNameSetRegistryCID,
registry);
}
return result;
nsresult result = NS_OK;
nsIScriptNameSetRegistry* registry;
result = nsServiceManager::GetService(kCScriptNameSetRegistryCID,
kIScriptNameSetRegistryIID,
(nsISupports **)&registry);
if (NS_OK == result) {
result = registry->InitializeClasses(this);
nsServiceManager::ReleaseService(kCScriptNameSetRegistryCID,
registry);
}
return result;
}
nsresult
nsJSContext::InitializeLiveConnectClasses()
{
nsresult rv = NS_OK;
#if defined(OJI)
NS_WITH_SERVICE(nsIJVMManager, jvmManager, nsIJVMManager::GetCID(), &rv);
if (rv == NS_OK && jvmManager != nsnull) {
@ -248,14 +250,14 @@ nsJSContext::InitializeLiveConnectClasses()
if (NS_OK == jvmManager->IsJavaEnabled(&javaEnabled) && javaEnabled) {
nsILiveConnectManager* liveConnectManager = nsnull;
if (NS_OK == jvmManager->QueryInterface(nsILiveConnectManager::GetIID(),
(void**)&liveConnectManager)) {
(void**)&liveConnectManager)) {
rv = liveConnectManager->InitLiveConnectClasses(mContext, JS_GetGlobalObject(mContext));
NS_RELEASE(liveConnectManager);
}
}
}
#endif
// return all is well until things are stable.
return NS_OK;
}
@ -263,56 +265,56 @@ nsJSContext::InitializeLiveConnectClasses()
NS_IMETHODIMP
nsJSContext::InitClasses()
{
nsresult res = NS_ERROR_FAILURE;
nsIScriptGlobalObject *global = GetGlobalObject();
if (NS_OK == NS_InitWindowClass(this, global) &&
NS_OK == NS_InitNodeClass(this, nsnull) &&
NS_OK == NS_InitElementClass(this, nsnull) &&
NS_OK == NS_InitDocumentClass(this, nsnull) &&
NS_OK == NS_InitTextClass(this, nsnull) &&
NS_OK == NS_InitAttrClass(this, nsnull) &&
NS_OK == NS_InitNamedNodeMapClass(this, nsnull) &&
NS_OK == NS_InitNodeListClass(this, nsnull) &&
NS_OK == InitializeExternalClasses() &&
NS_OK == InitializeLiveConnectClasses() &&
// XXX Temporarily here. These shouldn't be hardcoded.
NS_OK == NS_InitHTMLImageElementClass(this, nsnull) &&
NS_OK == NS_InitHTMLOptionElementClass(this, nsnull)) {
res = NS_OK;
}
// Hook up XPConnect
{
nsIXPConnect* xpc;
res = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), (nsISupports**) &xpc);
//NS_ASSERTION(NS_SUCCEEDED(res), "unable to get xpconnect");
if (NS_SUCCEEDED(res)) {
res = xpc->AddNewComponentsObject(mContext, JS_GetGlobalObject(mContext));
NS_ASSERTION(NS_SUCCEEDED(res), "unable to add Components object");
nsServiceManager::ReleaseService(kXPConnectCID, xpc);
}
else {
// silently fail for now
res = NS_OK;
}
}
mIsInitialized = PR_TRUE;
NS_RELEASE(global);
return res;
nsresult res = NS_ERROR_FAILURE;
nsIScriptGlobalObject *global = GetGlobalObject();
if (NS_OK == NS_InitWindowClass(this, global) &&
NS_OK == NS_InitNodeClass(this, nsnull) &&
NS_OK == NS_InitElementClass(this, nsnull) &&
NS_OK == NS_InitDocumentClass(this, nsnull) &&
NS_OK == NS_InitTextClass(this, nsnull) &&
NS_OK == NS_InitAttrClass(this, nsnull) &&
NS_OK == NS_InitNamedNodeMapClass(this, nsnull) &&
NS_OK == NS_InitNodeListClass(this, nsnull) &&
NS_OK == InitializeExternalClasses() &&
NS_OK == InitializeLiveConnectClasses() &&
// XXX Temporarily here. These shouldn't be hardcoded.
NS_OK == NS_InitHTMLImageElementClass(this, nsnull) &&
NS_OK == NS_InitHTMLOptionElementClass(this, nsnull)) {
res = NS_OK;
}
// Hook up XPConnect
{
nsIXPConnect* xpc;
res = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), (nsISupports**) &xpc);
//NS_ASSERTION(NS_SUCCEEDED(res), "unable to get xpconnect");
if (NS_SUCCEEDED(res)) {
res = xpc->AddNewComponentsObject(mContext, JS_GetGlobalObject(mContext));
NS_ASSERTION(NS_SUCCEEDED(res), "unable to add Components object");
nsServiceManager::ReleaseService(kXPConnectCID, xpc);
}
else {
// silently fail for now
res = NS_OK;
}
}
mIsInitialized = PR_TRUE;
NS_RELEASE(global);
return res;
}
NS_IMETHODIMP
nsJSContext::IsContextInitialized()
{
if (mIsInitialized) {
return NS_OK;
}
else {
return NS_COMFALSE;
}
if (mIsInitialized) {
return NS_OK;
}
else {
return NS_COMFALSE;
}
}
NS_IMETHODIMP
@ -320,87 +322,87 @@ nsJSContext::AddNamedReference(void *aSlot,
void *aScriptObject,
const char *aName)
{
if (::JS_AddNamedRoot(mContext, aSlot, aName)) {
return NS_OK;
}
else {
return NS_ERROR_FAILURE;
}
if (::JS_AddNamedRoot(mContext, aSlot, aName)) {
return NS_OK;
}
else {
return NS_ERROR_FAILURE;
}
}
NS_IMETHODIMP
nsJSContext::RemoveReference(void *aSlot, void *aScriptObject)
{
JSObject *obj = (JSObject *)aScriptObject;
if (::JS_RemoveRoot(mContext, aSlot)) {
return NS_OK;
}
else {
return NS_ERROR_FAILURE;
}
JSObject *obj = (JSObject *)aScriptObject;
if (::JS_RemoveRoot(mContext, aSlot)) {
return NS_OK;
}
else {
return NS_ERROR_FAILURE;
}
}
NS_IMETHODIMP
nsJSContext::GC()
{
JS_GC(mContext);
return NS_OK;
JS_GC(mContext);
return NS_OK;
}
NS_IMETHODIMP
nsJSContext::ScriptEvaluated(void)
{
mNumEvaluations++;
if (mNumEvaluations > 20) {
mNumEvaluations = 0;
GC();
}
return NS_OK;
mNumEvaluations++;
if (mNumEvaluations > 20) {
mNumEvaluations = 0;
GC();
}
return NS_OK;
}
NS_IMETHODIMP
nsJSContext::GetNameSpaceManager(nsIScriptNameSpaceManager** aInstancePtr)
{
nsresult result = NS_OK;
if (nsnull == mNameSpaceManager) {
result = NS_NewScriptNameSpaceManager(&mNameSpaceManager);
if (NS_OK == result) {
nsIScriptNameSetRegistry* registry;
result = nsServiceManager::GetService(kCScriptNameSetRegistryCID,
kIScriptNameSetRegistryIID,
(nsISupports **)&registry);
if (NS_OK == result) {
result = registry->PopulateNameSpace(this);
nsServiceManager::ReleaseService(kCScriptNameSetRegistryCID,
registry);
}
}
}
*aInstancePtr = mNameSpaceManager;
NS_ADDREF(mNameSpaceManager);
return result;
nsresult result = NS_OK;
if (nsnull == mNameSpaceManager) {
result = NS_NewScriptNameSpaceManager(&mNameSpaceManager);
if (NS_OK == result) {
nsIScriptNameSetRegistry* registry;
result = nsServiceManager::GetService(kCScriptNameSetRegistryCID,
kIScriptNameSetRegistryIID,
(nsISupports **)&registry);
if (NS_OK == result) {
result = registry->PopulateNameSpace(this);
nsServiceManager::ReleaseService(kCScriptNameSetRegistryCID,
registry);
}
}
}
*aInstancePtr = mNameSpaceManager;
NS_ADDREF(mNameSpaceManager);
return result;
}
NS_IMETHODIMP
nsJSContext::GetSecurityManager(nsIScriptSecurityManager** aInstancePtr)
{
if (mSecManager) {
*aInstancePtr = mSecManager;
NS_ADDREF(*aInstancePtr);
return NS_OK;
}
nsresult ret = NS_NewScriptSecurityManager(&mSecManager);
if (NS_OK == ret) {
*aInstancePtr = mSecManager;
NS_ADDREF(*aInstancePtr);
}
return ret;
if (mSecManager) {
*aInstancePtr = mSecManager;
NS_ADDREF(*aInstancePtr);
return NS_OK;
}
nsresult ret = NS_NewScriptSecurityManager(&mSecManager);
if (NS_OK == ret) {
*aInstancePtr = mSecManager;
NS_ADDREF(*aInstancePtr);
}
return ret;
}
nsJSEnvironment *nsJSEnvironment::sTheEnvironment = nsnull;
@ -408,15 +410,15 @@ nsJSEnvironment *nsJSEnvironment::sTheEnvironment = nsnull;
// Class to manage destruction of the singleton
// JSEnvironment
struct JSEnvironmentInit {
JSEnvironmentInit() {
}
~JSEnvironmentInit() {
if (nsJSEnvironment::sTheEnvironment) {
delete nsJSEnvironment::sTheEnvironment;
nsJSEnvironment::sTheEnvironment = nsnull;
}
}
JSEnvironmentInit() {
}
~JSEnvironmentInit() {
if (nsJSEnvironment::sTheEnvironment) {
delete nsJSEnvironment::sTheEnvironment;
nsJSEnvironment::sTheEnvironment = nsnull;
}
}
};
#ifndef XP_MAC
@ -426,85 +428,91 @@ static JSEnvironmentInit initJSEnvironment;
nsJSEnvironment *
nsJSEnvironment::GetScriptingEnvironment()
{
if (nsnull == sTheEnvironment) {
sTheEnvironment = new nsJSEnvironment();
}
return sTheEnvironment;
if (nsnull == sTheEnvironment) {
sTheEnvironment = new nsJSEnvironment();
}
return sTheEnvironment;
}
nsJSEnvironment::nsJSEnvironment()
{
mRuntime = JS_Init(gGCSize);
mRuntime = JS_Init(gGCSize);
#if defined(OJI)
// Initialize LiveConnect.
nsILiveConnectManager* manager = NULL;
nsresult result = nsServiceManager::GetService(nsIJVMManager::GetCID(),
nsILiveConnectManager::GetIID(),
(nsISupports **)&manager);
// Should the JVM manager perhaps define methods for starting up LiveConnect?
if (result == NS_OK && manager != NULL) {
PRBool started = PR_FALSE;
result = manager->StartupLiveConnect(mRuntime, started);
result = nsServiceManager::ReleaseService(nsIJVMManager::GetCID(), manager);
}
// Initialize LiveConnect.
nsILiveConnectManager* manager = NULL;
nsresult result = nsServiceManager::GetService(nsIJVMManager::GetCID(),
nsILiveConnectManager::GetIID(),
(nsISupports **)&manager);
// Should the JVM manager perhaps define methods for starting up LiveConnect?
if (result == NS_OK && manager != NULL) {
PRBool started = PR_FALSE;
result = manager->StartupLiveConnect(mRuntime, started);
result = nsServiceManager::ReleaseService(nsIJVMManager::GetCID(), manager);
}
#endif
}
nsJSEnvironment::~nsJSEnvironment()
{
JS_Finish(mRuntime);
JS_Finish(mRuntime);
}
nsIScriptContext* nsJSEnvironment::GetNewContext()
{
nsIScriptContext *context;
context = new nsJSContext(mRuntime);
NS_ADDREF(context);
return context;
nsIScriptContext *context;
context = new nsJSContext(mRuntime);
NS_ADDREF(context);
return context;
}
extern "C" NS_DOM nsresult NS_CreateContext(nsIScriptGlobalObject *aGlobal, nsIScriptContext **aContext)
{
nsresult rv = NS_OK;
nsresult rv = NS_OK;
nsJSEnvironment *environment = nsJSEnvironment::GetScriptingEnvironment();
*aContext = environment->GetNewContext();
if (! *aContext)
return NS_ERROR_OUT_OF_MEMORY; // XXX
// Hook up XPConnect
nsIXPConnect* xpc;
rv = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), (nsISupports**) &xpc);
//NS_ASSERTION(NS_SUCCEEDED(rv), "unable to get xpconnect");
if (NS_SUCCEEDED(rv)) {
nsIScriptObjectOwner* owner;
rv = aGlobal->QueryInterface(nsIScriptObjectOwner::GetIID(), (void**) &owner);
if (NS_SUCCEEDED(rv)) {
JSObject* global;
rv = owner->GetScriptObject(*aContext, (void**) &global);
if (NS_SUCCEEDED(rv)) {
JSContext *cx = (JSContext*) (*aContext)->GetNativeContext();
rv = xpc->InitJSContext(cx, global, JS_FALSE);
//NS_ASSERTION(NS_SUCCEEDED(rv), "xpconnect unable to init jscontext");
nsIScriptSecurityManager *mgr=NULL;
nsIXPCSecurityManager *xpcSecurityManager=NULL;
if (NS_SUCCEEDED(rv))
rv=(*aContext)->GetSecurityManager(&mgr);
if (NS_SUCCEEDED(rv))
rv = mgr->QueryInterface(nsIXPCSecurityManager::GetIID(), (void**)&xpcSecurityManager);
nsJSEnvironment *environment = nsJSEnvironment::GetScriptingEnvironment();
*aContext = environment->GetNewContext();
if (! *aContext)
return NS_ERROR_OUT_OF_MEMORY; // XXX
// Bind the script context and the global object
(*aContext)->InitContext(aGlobal);
aGlobal->SetContext(*aContext);
// Hook up XPConnect
{
nsIXPConnect* xpc;
rv = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), (nsISupports**) &xpc);
//NS_ASSERTION(NS_SUCCEEDED(rv), "unable to get xpconnect");
if (NS_SUCCEEDED(rv)) {
nsIScriptObjectOwner* owner;
rv = aGlobal->QueryInterface(nsIScriptObjectOwner::GetIID(), (void**) &owner);
if (NS_SUCCEEDED(rv)) {
JSObject* global;
rv = owner->GetScriptObject(*aContext, (void**) &global);
if (NS_SUCCEEDED(rv)) {
rv = xpc->InitJSContext((JSContext*) (*aContext)->GetNativeContext(), global, JS_FALSE);
// NS_ASSERTION(NS_SUCCEEDED(rv), "xpconnect unable to init jscontext");
}
NS_RELEASE(owner);
}
nsServiceManager::ReleaseService(kXPConnectCID, xpc);
}
else {
// silently fail for now
rv = NS_OK;
}
}
// Bind the script context and the global object
(*aContext)->InitContext(aGlobal);
aGlobal->SetContext(*aContext);
// XXX silently fail for now
// return rv;
return NS_OK;
if (NS_SUCCEEDED(rv))
xpc->SetSecurityManagerForJSContext(cx, xpcSecurityManager, nsIXPCSecurityManager::HOOK_ALL);
}
NS_RELEASE(owner);
}
nsServiceManager::ReleaseService(kXPConnectCID, xpc);
}
else {
(*aContext)->InitContext(aGlobal);
aGlobal->SetContext(*aContext);
rv = NS_OK;
}
// XXX silently fail for now
// return rv;
return NS_OK;
}

195
dom/src/base/nsJSSecurityManager.cpp
Просмотреть файл

@ -12,7 +12,7 @@
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Copyright (C) 1998-1999 Netscape Communications Corporation. All Rights
* Reserved.
*/
@ -30,6 +30,7 @@
#include "nsIPref.h"
#include "nsIURL.h"
static NS_DEFINE_IID(kIXPCSecurityManagerIID, NS_IXPCSECURITYMANAGER_IID);
static NS_DEFINE_IID(kIScriptSecurityManagerIID, NS_ISCRIPTSECURITYMANAGER_IID);
static NS_DEFINE_IID(kICapsSecurityCallbacksIID, NS_ICAPSSECURITYCALLBACKS_IID);
static NS_DEFINE_IID(kICapsManagerIID, NS_ICAPSMANAGER_IID);
@ -44,7 +45,7 @@ nsJSSecurityManager::nsJSSecurityManager()
NS_INIT_REFCNT();
mCapsManager = nsnull;
mPrefs = nsnull;
}
}
nsJSSecurityManager::~nsJSSecurityManager()
{
@ -52,7 +53,8 @@ nsJSSecurityManager::~nsJSSecurityManager()
NS_IF_RELEASE(mCapsManager);
}
nsresult nsJSSecurityManager::QueryInterface(REFNSIID aIID, void** aInstancePtr)
NS_IMETHODIMP
nsJSSecurityManager::QueryInterface(REFNSIID aIID, void** aInstancePtr)
{
if (nsnull == aInstancePtr) {
return NS_ERROR_NULL_POINTER;
@ -67,6 +69,11 @@ nsresult nsJSSecurityManager::QueryInterface(REFNSIID aIID, void** aInstancePtr)
NS_ADDREF_THIS();
return NS_OK;
}
if (aIID.Equals(kIXPCSecurityManagerIID)) {
*aInstancePtr = (void*)(nsIXPCSecurityManager*)this;
NS_ADDREF_THIS();
return NS_OK;
}
return NS_NOINTERFACE;
}
@ -80,26 +87,29 @@ nsJSSecurityManager::Init()
}
NS_IMETHODIMP
nsJSSecurityManager::CheckScriptAccess(nsIScriptContext* aContext,
void* aObj,
const char* aProp,
PRBool* aResult)
nsJSSecurityManager::CheckScriptAccess(nsIScriptContext* aContext, void* aObj,
const char* aProp, PRBool* aResult)
{
/* temporarily disable security checks */
*aResult = PR_TRUE;
return NS_OK;
#if 0
#ifdef SECURITY_ENABLED
*aResult = PR_FALSE;
JSContext* cx = (JSContext*)aContext->GetNativeContext();
PRInt32 secLevel = CheckForPrivilege(cx, (char*)aProp, nsnull);
if (SCRIPT_SECURITY_ALL_ACCESS == secLevel) {
*aResult = PR_TRUE;
switch (secLevel) {
case SCRIPT_SECURITY_ALL_ACCESS:
*aResult = PR_TRUE;
return NS_OK;
case SCRIPT_SECURITY_SAME_DOMAIN_ACCESS:
return CheckPermissions(cx, (JSObject*)aObj, eJSTarget_Max, aResult);
default:
// Default is no access
*aResult = PR_FALSE;
return NS_OK;
}
else if (SCRIPT_SECURITY_SAME_DOMAIN_ACCESS == secLevel) {
return CheckPermissions(cx, (JSObject*)aObj, eJSTarget_Max, aResult);
}
//Default is no access
#else
*aResult = PR_TRUE;
return NS_OK;
#endif
}
@ -113,7 +123,6 @@ nsJSSecurityManager::InitCaps(void)
nsresult res = nsServiceManager::GetService(kCCapsManagerCID, kICapsManagerIID,
(nsISupports**)&mCapsManager);
if ((NS_OK == res) && (nsnull != mCapsManager)) {
mCapsManager->InitializeFrameWalker(this);
}
@ -123,7 +132,7 @@ static nsString gUnknownOriginStr("[unknown origin]");
static nsString gFileDoubleSlashUrlPrefix("file://");
static nsString gFileUrlPrefix("file:");
/* This array must be kept in sync with the eJSTarget enum in nsIScripSecurityManager.h */
/* This array must be kept in sync with nsIScriptSecurityManager.idl */
static char * targetStrings[] = {
"UniversalBrowserRead",
"UniversalBrowserWrite",
@ -290,7 +299,7 @@ lm_InitSecurity(MochaDecoder *decoder)
*/
NS_IMETHODIMP
nsJSSecurityManager::GetSubjectOriginURL(JSContext *aCx, nsString* aOrigin)
nsJSSecurityManager::GetSubjectOriginURL(JSContext *aCx, nsString **aOrigin)
{
/*
* Get origin from script of innermost interpreted frame.
@ -321,16 +330,17 @@ nsJSSecurityManager::GetSubjectOriginURL(JSContext *aCx, nsString* aOrigin)
script = JS_GetFrameScript(aCx, fp);
if (script) {
principals = JS_GetScriptPrincipals(aCx, script);
aOrigin = new nsString(principals ? principals->codebase : JS_GetScriptFilename(aCx, script));
return NS_OK;
*aOrigin = new nsString(principals ? principals->codebase
: JS_GetScriptFilename(aCx, script));
return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
}
fp = JS_FrameIterator(aCx, &fp);
}
#ifdef OJI
principals = JVM_GetJavaPrincipalsFromStack(pFrameToStartLooking);
if (nsnull == principals) {
aOrigin = new nsString(principals->codebase);
return NS_OK;
if (principals) {
*aOrigin = new nsString(principals->codebase);
return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
}
#endif
@ -342,12 +352,12 @@ nsJSSecurityManager::GetSubjectOriginURL(JSContext *aCx, nsString* aOrigin)
}
NS_IMETHODIMP
nsJSSecurityManager::GetObjectOriginURL(JSContext *aCx, JSObject *aObj, nsString* aOrigin)
nsJSSecurityManager::GetObjectOriginURL(JSContext *aCx, JSObject *aObj, nsString** aOrigin)
{
JSPrincipals *principals;
GetContainerPrincipals(aCx, aObj, &principals);
aOrigin = new nsString(principals ? principals->codebase : nsnull);
return NS_OK;
*aOrigin = new nsString(principals ? principals->codebase : nsnull);
return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
}
//+++
@ -450,7 +460,7 @@ nsJSSecurityManager::GetCompilationPrincipals(nsIScriptContext *aContext,
}
NS_IMETHODIMP
nsJSSecurityManager::CanAccessTarget(JSContext *aCx, eJSTarget aTarget, PRBool* aReturn)
nsJSSecurityManager::CanAccessTarget(JSContext *aCx, PRInt16 aTarget, PRBool* aReturn)
{
JSPrincipals *principals;
*aReturn = PR_TRUE;
@ -480,7 +490,7 @@ nsJSSecurityManager::CanAccessTarget(JSContext *aCx, eJSTarget aTarget, PRBool*
* to the given target.
*/
PRBool
nsJSSecurityManager::PrincipalsCanAccessTarget(JSContext *aCx, eJSTarget aTarget)
nsJSSecurityManager::PrincipalsCanAccessTarget(JSContext *aCx, PRInt16 aTarget)
{
struct nsPrivilegeTable *annotation;
JSStackFrame *fp;
@ -580,17 +590,20 @@ nsJSSecurityManager::PrincipalsCanAccessTarget(JSContext *aCx, eJSTarget aTarget
}
NS_IMETHODIMP
nsJSSecurityManager::CheckPermissions(JSContext *aCx, JSObject *aObj, eJSTarget aTarget, PRBool* aReturn)
nsJSSecurityManager::CheckPermissions(JSContext *aCx, JSObject *aObj, PRInt16 aTarget, PRBool* aReturn)
{
nsString* subjectOrigin = nsnull;
nsString* objectOrigin = nsnull;
nsISupports* running;
nsIScriptGlobalObjectData *globalData;
JSPrincipals *principals;
nsresult rv=NS_OK;
/* May be in a layer loaded from a different origin.*/
GetSubjectOriginURL(aCx, subjectOrigin);
rv = GetSubjectOriginURL(aCx, &subjectOrigin);
if(rv != NS_OK)
return rv;
/*
* Hold onto reference to the running decoder's principals
* in case a call to GetObjectOriginURL ends up
@ -608,9 +621,9 @@ nsJSSecurityManager::CheckPermissions(JSContext *aCx, JSObject *aObj, eJSTarget
JSPRINCIPALS_HOLD(aCx, principals);
}
GetObjectOriginURL(aCx, aObj, objectOrigin);
rv = GetObjectOriginURL(aCx, aObj, &objectOrigin);
if (!subjectOrigin || !objectOrigin) {
if (rv != NS_OK || !subjectOrigin || !objectOrigin) {
*aReturn = PR_FALSE;
goto out;
}
@ -655,7 +668,7 @@ out:
NS_IMETHODIMP
nsJSSecurityManager::CheckContainerAccess(JSContext *aCx, JSObject *aObj,
eJSTarget aTarget, PRBool* aReturn)
PRInt16 aTarget, PRBool* aReturn)
{
JSPrincipals *principals;
nsJSPrincipalsData *data;
@ -748,7 +761,7 @@ nsJSSecurityManager::CheckContainerAccess(JSContext *aCx, JSObject *aObj,
*aReturn = PR_TRUE;
return NS_OK;
}
GetSubjectOriginURL(aCx, fn);
GetSubjectOriginURL(aCx, &fn);
if (!fn) {
*aReturn = PR_FALSE;
return NS_OK;
@ -776,14 +789,10 @@ nsJSSecurityManager::CheckContainerAccess(JSContext *aCx, JSObject *aObj,
NS_IMETHODIMP
nsJSSecurityManager::GetContainerPrincipals(JSContext *aCx, JSObject *container, JSPrincipals** aPrincipals)
{
//Start from topmost item.
while (nsnull != (container = JS_GetParent(aCx, container)));
*aPrincipals = nsnull;
// Need to check that the origin hasn't changed underneath us
char* originUrl = FindOriginURL(aCx, container);
if (!originUrl) {
return NS_ERROR_FAILURE;
}
@ -863,7 +872,7 @@ nsJSSecurityManager::CanCaptureEvent(JSContext *aCx, JSFunction *aFun, JSObject
*aReturn = PR_FALSE;
return NS_OK;
}
GetObjectOriginURL(aCx, aEventTarget, origin);
GetObjectOriginURL(aCx, aEventTarget, &origin);
char* originChar;
if (origin) {
originChar = origin->ToNewCString();
@ -914,7 +923,7 @@ nsJSSecurityManager::SetExternalCapture(JSContext *aCx, JSPrincipals *aPrincipal
}
NS_IMETHODIMP
nsJSSecurityManager::CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval aId, jsval *aVp, PRBool* aReturn)
nsJSSecurityManager::CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval *aVp, PRBool* aReturn)
{
JSObject *newParent;
*aReturn = PR_TRUE;
@ -927,11 +936,11 @@ nsJSSecurityManager::CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval aI
nsString* oldOrigin = nsnull;
nsString* newOrigin = nsnull;
GetObjectOriginURL(aCx, aObj, oldOrigin);
GetObjectOriginURL(aCx, aObj, &oldOrigin);
if (!oldOrigin) {
return NS_ERROR_FAILURE;
}
GetObjectOriginURL(aCx, newParent, newOrigin);
GetObjectOriginURL(aCx, newParent, &newOrigin);
if (!newOrigin) {
delete oldOrigin;
return NS_ERROR_FAILURE;
@ -964,6 +973,7 @@ nsJSSecurityManager::SetDocumentDomain(JSContext *aCx, JSPrincipals *aPrincipals
nsString* aNewDomain, PRBool* aReturn)
{
nsJSPrincipalsData *data;
nsresult result;
if (aNewDomain->Equals(aPrincipals->codebase)) {
*aReturn = PR_TRUE;
@ -976,7 +986,10 @@ nsJSSecurityManager::SetDocumentDomain(JSContext *aCx, JSPrincipals *aPrincipals
else {
delete aPrincipals->codebase;
}
nsString* codebaseStr = GetOriginFromSourceURL(aNewDomain);
nsString* codebaseStr;
if ((result = GetOriginFromSourceURL(aNewDomain, &codebaseStr)) != NS_OK)
return result;
if (!codebaseStr) {
return NS_ERROR_FAILURE;
@ -1115,11 +1128,12 @@ static nsJSPrincipalsData unknownPrincipals = {
nsnull
};
nsString*
nsJSSecurityManager::GetOriginFromSourceURL(nsString* aSourceURL)
NS_IMETHODIMP
nsJSSecurityManager::GetOriginFromSourceURL(nsString* aSourceURL, nsString **result)
{
if (aSourceURL->Length() == 0 || aSourceURL->EqualsIgnoreCase(gUnknownOriginStr)) {
return &gUnknownOriginStr;
*result = nsnull;
return NS_OK;
}
#if 0 //need to get url type
int urlType;
@ -1127,7 +1141,8 @@ nsJSSecurityManager::GetOriginFromSourceURL(nsString* aSourceURL)
urlType = NET_URL_Type(sourceURL);
if (urlType == MOCHA_TYPE_URL) {
NS_ASSERTION(PR_FALSE, "Invalid URL type");/* this shouldn't occur */
return &gUnknownOriginStr;
*result = nsnull;
return NS_OK;
}
#endif
nsAutoString sourceURL(*aSourceURL);
@ -1139,13 +1154,13 @@ nsJSSecurityManager::GetOriginFromSourceURL(nsString* aSourceURL)
char* chS = sourceURL.ToNewCString();
if (!chS) {
return &gUnknownOriginStr;
*result = nsnull;
return NS_ERROR_OUT_OF_MEMORY;
}
char *result = ParseURL(chS, GET_PROTOCOL_PART|GET_HOST_PART|GET_PATH_PART);
*result = new nsString(ParseURL(chS, GET_PROTOCOL_PART|GET_HOST_PART|GET_PATH_PART));
delete chS;
return new nsString(result);
return *result ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
}
NS_IMETHODIMP
@ -1199,7 +1214,10 @@ nsJSSecurityManager::NewJSPrincipals(nsIURI *aURL, nsString* aName, nsString* aC
return NS_ERROR_FAILURE;
}
nsString* codebaseStr = GetOriginFromSourceURL(aCodebase);
nsString* codebaseStr;
nsresult rv;
if ((rv = GetOriginFromSourceURL(aCodebase, &codebaseStr)) != NS_OK)
return rv;
if (!codebaseStr) {
PR_Free(result);
@ -1559,7 +1577,7 @@ NS_IMETHODIMP
nsJSSecurityManager::CanAccessTargetStr(JSContext *aCx, const char *target, PRBool* aReturn)
{
int intTarget = findTarget(target);
eJSTarget eJSTarget;
PRInt16 eJSTarget;
if(intTarget < 0)
{
return PR_FALSE;
@ -2110,16 +2128,16 @@ nsJSSecurityManager::AddSecPolicyPrefix(JSContext *cx, char *pref_str)
char *retval = 0;
if ((policy_str = GetSitePolicy(subjectOrigin)) == 0) {
/* No site-specific policy. Get global policy name. */
/* No site-specific policy. Get global policy name. */
if (NS_OK != mPrefs->CopyCharPref("javascript.security_policy", (char**)&policy_str))
policy_str = PL_strcpy(policy_str, "default");
if (NS_OK != mPrefs->CopyCharPref("javascript.security_policy", &policy_str))
policy_str = PL_strdup("default");
}
if (policy_str) { //why can't this be default? && PL_strcasecmp(policy_str, "default") != 0) {
retval = PR_sprintf_append(NULL, "js_security.%s.%s", policy_str, pref_str);
PR_Free(policy_str);
}
PR_FREEIF(policy_str);
return retval;
}
@ -2945,3 +2963,58 @@ extern "C" NS_DOM nsresult NS_NewScriptSecurityManager(nsIScriptSecurityManager
return ret;
}
NS_IMETHODIMP
nsJSSecurityManager::CanCreateWrapper(JSContext * aJSContext, const nsIID & aIID,
nsISupports *aObj)
{
#if 0
nsString* aOrigin=nsnull;
nsresult rv=this->GetSubjectOriginURL(aJSContext, &aOrigin);
#endif
return NS_OK;
}
NS_IMETHODIMP
nsJSSecurityManager::CanCreateInstance(JSContext * aJSContext, const nsCID & aCID)
{
return NS_OK;
}
NS_IMETHODIMP
nsJSSecurityManager::CanGetService(JSContext * aJSContext, const nsCID & aCID)
{
return NS_OK;
}
NS_IMETHODIMP
nsJSSecurityManager::CanCallMethod(JSContext * aJSContext,
const nsIID & aIID,
nsISupports *aObj,
nsIInterfaceInfo *aInterfaceInfo,
PRUint16 aMethodIndex,
const jsid aName)
{
return NS_OK;
}
NS_IMETHODIMP
nsJSSecurityManager::CanGetProperty(JSContext * aJSContext,
const nsIID & aIID,
nsISupports *aObj,
nsIInterfaceInfo *aInterfaceInfo,
PRUint16 aMethodIndex,
const jsid aName)
{
return NS_OK;
}
NS_IMETHODIMP
nsJSSecurityManager::CanSetProperty(JSContext * aJSContext,
const nsIID & aIID,
nsISupports *aObj,
nsIInterfaceInfo *aInterfaceInfo,
PRUint16 aMethodIndex,
const jsid aName)
{
return NS_OK;
}

312
dom/src/base/nsJSSecurityManager.h
Просмотреть файл

@ -1,183 +1,197 @@
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
*
* The contents of this file are subject to the Netscape Public License
* Version 1.0 (the "NPL"); you may not use this file except in
* compliance with the NPL. You may obtain a copy of the NPL at
* http://www.mozilla.org/NPL/
*
* Software distributed under the NPL is distributed on an "AS IS" basis,
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL
* for the specific language governing rights and limitations under the
* NPL.
*
* The Initial Developer of this code under the NPL is Netscape
* Communications Corporation. Portions created by Netscape are
* Copyright (C) 1998 Netscape Communications Corporation. All Rights
* Reserved.
*/
#ifndef nsJSSecurityManager_h___
#define nsJSSecurityManager_h___
#include "nsIScriptSecurityManager.h"
#include "nsICapsSecurityCallbacks.h"
#include "nsIScriptContext.h"
#include "jsapi.h"
#include "jsdbgapi.h"
#include "nsIXPCSecurityManager.h"
#include "nsIScriptSecurityManager.h"
#include "nsICapsSecurityCallbacks.h"
class nsICapsManager;
class nsIPref;
typedef struct nsJSFrameIterator {
JSStackFrame *fp;
JSContext *cx;
void *intersect;
PRBool sawEmptyPrincipals;
JSStackFrame *fp;
JSContext *cx;
void *intersect;
PRBool sawEmptyPrincipals;
} nsJSFrameIterator;
typedef struct nsFrameWrapper {
void *iterator;
} nsFrameWrapper;
typedef struct nsJSPrincipalsList {
JSPrincipals *principals;
struct nsJSPrincipalsList *next;
} nsJSPrincipalsList;
enum Signedness {
HAS_NO_SCRIPTS,
HAS_UNSIGNED_SCRIPTS,
HAS_SIGNED_SCRIPTS
HAS_NO_SCRIPTS,
HAS_UNSIGNED_SCRIPTS,
HAS_SIGNED_SCRIPTS
};
typedef struct nsJSPrincipalsData {
JSPrincipals principals;
void* principalsArrayRef;
nsIURI *url;
char* name;
void* zip; //ns_zip_t
uint32 externalCapturePrincipalsCount;
nsString* untransformed;
nsString* transformed;
PRBool needUnlock;
char* codebaseBeforeSettingDomain;
enum Signedness signedness;
void* pNSISecurityContext;
// nsJSSecurityManager* secManager;
JSPrincipals principals;
void* principalsArrayRef;
nsIURI *url;
char* name;
void* zip;
uint32 externalCapturePrincipalsCount;
nsString* untransformed;
nsString* transformed;
PRBool needUnlock;
char* codebaseBeforeSettingDomain;
enum Signedness signedness;
void* pNSISecurityContext;
} nsJSPrincipalsData;
class nsJSSecurityManager : public nsIScriptSecurityManager,
public nsICapsSecurityCallbacks {
public nsICapsSecurityCallbacks,
public nsIXPCSecurityManager {
public:
nsJSSecurityManager();
virtual ~nsJSSecurityManager();
NS_DECL_ISUPPORTS
//nsIScriptSecurityManager interface
NS_IMETHOD Init();
NS_IMETHOD CheckScriptAccess(nsIScriptContext* aContext,
void* aObj,
const char* aProp,
PRBool* aResult);
//XXX From lib/libmocha/lm.h
NS_IMETHOD GetSubjectOriginURL(JSContext *aCx, nsString* aOrigin);
NS_IMETHOD GetObjectOriginURL(JSContext *aCx, JSObject *object, nsString* aOrigin);
NS_IMETHOD GetPrincipalsFromStackFrame(JSContext *aCx, JSPrincipals** aPrincipals);
NS_IMETHOD GetCompilationPrincipals(nsIScriptContext *aContext, nsIScriptGlobalObject* aGlobal,
JSPrincipals *aLayoutPrincipals, JSPrincipals** aPrincipals);
NS_IMETHOD CanAccessTarget(JSContext *aCx, eJSTarget target, PRBool* aReturn);
NS_IMETHOD CheckPermissions(JSContext *aCx, JSObject *aObj, eJSTarget target, PRBool* aReturn);
NS_IMETHOD CheckContainerAccess(JSContext *aCx, JSObject *aObj, eJSTarget aTarget, PRBool* aReturn);
NS_IMETHOD GetContainerPrincipals(JSContext *aCx, JSObject *aContainer, JSPrincipals** aPrincipals);
NS_IMETHOD SetContainerPrincipals(JSContext *aCx, JSObject *aContainer, JSPrincipals* aPrincipals);
NS_IMETHOD CanCaptureEvent(JSContext *aCx, JSFunction *aFun, JSObject *aEventTarget, PRBool* aReturn);
NS_IMETHOD SetExternalCapture(JSContext *aCx, JSPrincipals* aPrincipals, PRBool aBool);
NS_IMETHOD CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval id, jsval *vp, PRBool* aReturn);
NS_IMETHOD SetDocumentDomain(JSContext *aCx, JSPrincipals *principals,
nsString* newDomain, PRBool* aReturn);
NS_IMETHOD DestroyPrincipalsList(JSContext *aCx, nsJSPrincipalsList *list);
//XXX End from lib/libmocha/lm.h
//XXX From include/libmocha.h
NS_IMETHOD NewJSPrincipals(nsIURI *aURL, nsString* aName, nsString* aCodebase, JSPrincipals** aPrincipals);
nsJSSecurityManager();
virtual ~nsJSSecurityManager();
NS_DECL_ISUPPORTS
//nsIScriptSecurityManager interface
NS_IMETHOD Init();
NS_IMETHOD CheckScriptAccess(nsIScriptContext* aContext,
void* aObj,
const char* aProp,
PRBool* aResult);
//XXX From lib/libmocha/lm.h
NS_IMETHOD GetSubjectOriginURL(JSContext *aCx, nsString** aOrigin);
NS_IMETHOD GetObjectOriginURL(JSContext *aCx, JSObject *object, nsString** aOrigin);
NS_IMETHOD GetPrincipalsFromStackFrame(JSContext *aCx, JSPrincipals** aPrincipals);
NS_IMETHOD GetCompilationPrincipals(nsIScriptContext *aContext, nsIScriptGlobalObject* aGlobal,
JSPrincipals *aLayoutPrincipals, JSPrincipals** aPrincipals);
NS_IMETHOD CanAccessTarget(JSContext *aCx, PRInt16 target, PRBool* aReturn);
NS_IMETHOD CheckPermissions(JSContext *aCx, JSObject *aObj, short target, PRBool* aReturn);
NS_IMETHOD CheckContainerAccess(JSContext *aCx, JSObject *aObj, PRInt16 aTarget, PRBool* aReturn);
NS_IMETHOD GetContainerPrincipals(JSContext *aCx, JSObject *aContainer, JSPrincipals** aPrincipals);
NS_IMETHOD SetContainerPrincipals(JSContext *aCx, JSObject *aContainer, JSPrincipals* aPrincipals);
NS_IMETHOD CanCaptureEvent(JSContext *aCx, JSFunction *aFun, JSObject *aEventTarget, PRBool* aReturn);
NS_IMETHOD SetExternalCapture(JSContext *aCx, JSPrincipals* aPrincipals, PRBool aBool);
NS_IMETHOD CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval *vp, PRBool* aReturn);
NS_IMETHOD SetDocumentDomain(JSContext *aCx, JSPrincipals *principals,
nsString* newDomain, PRBool* aReturn);
NS_IMETHOD DestroyPrincipalsList(JSContext *aCx, nsJSPrincipalsList *list);
//XXX From include/libmocha.h
NS_IMETHOD NewJSPrincipals(nsIURI *aURL, nsString* aName, nsString* aCodebase, JSPrincipals** aPrincipals);
#ifdef DO_JAVA_STUFF
NS_IMETHOD ExtractFromPrincipalsArchive(JSPrincipals *aPrincipals, char *aName,
uint *aLength, char** aReturn);
NS_IMETHOD SetUntransformedSource(JSPrincipals *principals, char *original,
char *transformed, PRBool* aReturn);
NS_IMETHOD GetJSPrincipalsFromJavaCaller(JSContext *aCx, void *principalsArray, void *pNSISecurityContext, JSPrincipals** aPrincipals);
NS_IMETHOD ExtractFromPrincipalsArchive(JSPrincipals *aPrincipals, char *aName,
uint *aLength, char** aReturn);
NS_IMETHOD SetUntransformedSource(JSPrincipals *principals, char *original,
char *transformed, PRBool* aReturn);
NS_IMETHOD GetJSPrincipalsFromJavaCaller(JSContext *aCx, void *principalsArray, void *pNSISecurityContext, JSPrincipals** aPrincipals);
#endif
#if 0
NS_IMETHOD CanAccessTargetStr(JSContext *aCx, const char *target, PRBool* aReturn);
NS_IMETHOD CanAccessTargetStr(JSContext *aCx, const char *target, PRBool* aReturn);
#endif
NS_IMETHOD RegisterPrincipals(nsIScriptContext *aContext, nsIScriptGlobalObject* aGlobal, JSPrincipals *aPrincipals,
nsString* aName, nsString* aSrc, JSPrincipals** aRetPrincipals);
//XXX End from include/libmocha.h
//nsICapsSecurityCallbacks interface
NS_IMETHOD NewNSJSJavaFrameWrapper(void *aContext, struct nsFrameWrapper ** aWrapper);
NS_IMETHOD FreeNSJSJavaFrameWrapper(struct nsFrameWrapper *aWrapper);
NS_IMETHOD GetStartFrame(struct nsFrameWrapper *aWrapper);
NS_IMETHOD IsEndOfFrame(struct nsFrameWrapper *aWrapper, PRBool* aReturn);
NS_IMETHOD IsValidFrame(struct nsFrameWrapper *aWrapper, PRBool* aReturn);
NS_IMETHOD GetNextFrame(struct nsFrameWrapper *aWrapper, int *aDepth, void** aReturn);
NS_IMETHOD OJIGetPrincipalArray(struct nsFrameWrapper *aWrapper, void** aReturn);
NS_IMETHOD OJIGetAnnotation(struct nsFrameWrapper *aWrapper, void** aReturn);
NS_IMETHOD OJISetAnnotation(struct nsFrameWrapper *aWrapper, void *aPrivTable, void** aReturn);
NS_IMETHOD RegisterPrincipals(nsIScriptContext *aContext, nsIScriptGlobalObject* aGlobal, JSPrincipals *aPrincipals,
nsString* aName, nsString* aSrc, JSPrincipals** aRetPrincipals);
//nsICapsSecurityCallbacks interface
NS_IMETHOD NewNSJSJavaFrameWrapper(void *aContext, struct nsFrameWrapper ** aWrapper);
NS_IMETHOD FreeNSJSJavaFrameWrapper(struct nsFrameWrapper *aWrapper);
NS_IMETHOD GetStartFrame(struct nsFrameWrapper *aWrapper);
NS_IMETHOD IsEndOfFrame(struct nsFrameWrapper *aWrapper, PRBool* aReturn);
NS_IMETHOD IsValidFrame(struct nsFrameWrapper *aWrapper, PRBool* aReturn);
NS_IMETHOD GetNextFrame(struct nsFrameWrapper *aWrapper, int *aDepth, void** aReturn);
NS_IMETHOD OJIGetPrincipalArray(struct nsFrameWrapper *aWrapper, void** aReturn);
NS_IMETHOD OJIGetAnnotation(struct nsFrameWrapper *aWrapper, void** aReturn);
NS_IMETHOD OJISetAnnotation(struct nsFrameWrapper *aWrapper, void *aPrivTable, void** aReturn);
//nsIXPCSecurityManager interface
NS_IMETHOD CanCreateWrapper(JSContext * aJSContext, const nsIID & aIID, nsISupports *aObj);
NS_IMETHOD CanCreateInstance(JSContext * aJSContext, const nsCID & aCID);
NS_IMETHOD CanGetService(JSContext * aJSContext, const nsCID & aCID);
NS_IMETHOD CanCallMethod(JSContext * aJSContext, const nsIID & aIID, nsISupports *aObj, nsIInterfaceInfo *aInterfaceInfo,
PRUint16 aMethodIndex, const jsid aName);
NS_IMETHOD CanGetProperty(JSContext * aJSContext, const nsIID & aIID, nsISupports *aObj, nsIInterfaceInfo *aInterfaceInfo,
PRUint16 aMethodIndex, const jsid aName);
NS_IMETHOD CanSetProperty(JSContext * aJSContext, const nsIID & aIID, nsISupports *aObj, nsIInterfaceInfo *aInterfaceInfo,
PRUint16 aMethodIndex, const jsid aName);
private:
void PrintToConsole(const char *data);
void PrintPrincipalsToConsole(JSContext *cx, JSPrincipals *principals);
PRUint32 GetPrincipalsCount(JSContext *aCx, JSPrincipals *aPrincipals);
PRBool PrincipalsCanAccessTarget(JSContext *cx, eJSTarget target);
void InvalidateCertPrincipals(JSContext *cx, JSPrincipals *principals);
//Helper funcs for RegisterPrincipals
void PrintToConsole(const char *data);
void PrintPrincipalsToConsole(JSContext *cx, JSPrincipals *principals);
PRUint32 GetPrincipalsCount(JSContext *aCx, JSPrincipals *aPrincipals);
PRBool PrincipalsCanAccessTarget(JSContext *cx, short target);
void InvalidateCertPrincipals(JSContext *cx, JSPrincipals *principals);
//Helper funcs for RegisterPrincipals
#ifdef EARLY_ACCESS_STUFF
PRBool CheckEarlyAccess(MochaDecoder *decoder, JSPrincipals *principals);
PRBool CheckEarlyAccess(MochaDecoder *decoder, JSPrincipals *principals);
#endif
PRBool IntersectPrincipals(JSContext *aCx, JSPrincipals *principals,
JSPrincipals *newPrincipals);
PRBool PrincipalsEqual(JSContext *aCx, JSPrincipals *aA, JSPrincipals *aB);
PRBool IsExternalCaptureEnabled(JSContext *cx, JSPrincipals *principals);
PRBool CanExtendTrust(JSContext *cx, void *from, void *to);
char* GetJavaCodebaseFromOrigin(const char *origin);
nsString* GetOriginFromSourceURL(nsString* sourceURL);
char* FindOriginURL(JSContext *aCx, JSObject *aGlobal);
PRBool SameOrigins(JSContext *aCx, const char* aOrigin1, const char* aOrigin2);
PRBool SameOriginsStr(JSContext *aCx, nsString* aOrigin1, nsString* aOrigin2);
nsString* GetCanonicalizedOrigin(JSContext *cx, nsString* aUrlString);
// Glue code for JS stack crawling callbacks
nsJSFrameIterator* NewJSFrameIterator(void *aContext);
PRBool NextJSJavaFrame(struct nsJSFrameIterator *aIterator);
PRBool NextJSFrame(struct nsJSFrameIterator **aIterator);
void InitCaps(void);
//Helper funcs
char* AddSecPolicyPrefix(JSContext *cx, char *pref_str);
char* GetSitePolicy(const char *org);
PRInt32 CheckForPrivilege(JSContext *cx, char *prop_name, int priv_code);
JSBool ContinueOnViolation(JSContext *cx, int pref_code);
JSBool CheckForPrivilegeContinue(JSContext *cx, char *prop_name, int priv_code, int pref_code);
//XXX temporarily
char * ParseURL (const char *url, int parts_requested);
char * SACopy (char *destination, const char *source);
char * SACat (char *destination, const char *source);
//Local vars
nsIPref* mPrefs;
nsICapsManager* mCapsManager;
PRBool IntersectPrincipals(JSContext *aCx, JSPrincipals *principals,
JSPrincipals *newPrincipals);
PRBool PrincipalsEqual(JSContext *aCx, JSPrincipals *aA, JSPrincipals *aB);
PRBool IsExternalCaptureEnabled(JSContext *cx, JSPrincipals *principals);
PRBool CanExtendTrust(JSContext *cx, void *from, void *to);
char* GetJavaCodebaseFromOrigin(const char *origin);
NS_IMETHOD GetOriginFromSourceURL(nsString* sourceURL, nsString* *result);
char* FindOriginURL(JSContext *aCx, JSObject *aGlobal);
PRBool SameOrigins(JSContext *aCx, const char* aOrigin1, const char* aOrigin2);
PRBool SameOriginsStr(JSContext *aCx, nsString* aOrigin1, nsString* aOrigin2);
nsString* GetCanonicalizedOrigin(JSContext *cx, nsString* aUrlString);
// Glue code for JS stack crawling callbacks
nsJSFrameIterator* NewJSFrameIterator(void *aContext);
PRBool NextJSJavaFrame(struct nsJSFrameIterator *aIterator);
PRBool NextJSFrame(struct nsJSFrameIterator **aIterator);
void InitCaps(void);
//Helper funcs
char* AddSecPolicyPrefix(JSContext *cx, char *pref_str);
char* GetSitePolicy(const char *org);
PRInt32 CheckForPrivilege(JSContext *cx, char *prop_name, int priv_code);
JSBool ContinueOnViolation(JSContext *cx, int pref_code);
JSBool CheckForPrivilegeContinue(JSContext *cx, char *prop_name, int priv_code, int pref_code);
//XXX temporarily
char * ParseURL (const char *url, int parts_requested);
char * SACopy (char *destination, const char *source);
char * SACat (char *destination, const char *source);
//Local vars
nsIPref* mPrefs;
nsICapsManager* mCapsManager;
};
//XXX temporarily bit flags for determining what we want to parse from the URL
#define GET_ALL_PARTS 127
#define GET_PASSWORD_PART 64
#define GET_USERNAME_PART 32
#define GET_PROTOCOL_PART 16
#define GET_HOST_PART 8
#define GET_PATH_PART 4
#define GET_HASH_PART 2
#define GET_SEARCH_PART 1
#define GET_ALL_PARTS 127
#define GET_PASSWORD_PART 64
#define GET_USERNAME_PART 32
#define GET_PROTOCOL_PART 16
#define GET_HOST_PART 8
#define GET_PATH_PART 4
#define GET_HASH_PART 2
#define GET_SEARCH_PART 1
#endif /* nsJSSecurityManager_h___ */