diff --git a/allmakefiles.sh b/allmakefiles.sh index d0265fe81fc..57db1b59979 100755 --- a/allmakefiles.sh +++ b/allmakefiles.sh @@ -328,6 +328,7 @@ sun-java/stubs/include/Makefile sun-java/stubs/jri/Makefile sun-java/stubs/src/Makefile caps/Makefile +caps/idl/Makefile caps/include/Makefile caps/public/Makefile caps/src/Makefile diff --git a/caps/Makefile.in b/caps/Makefile.in index 02c7654ca5f..c41d8d67aae 100644 --- a/caps/Makefile.in +++ b/caps/Makefile.in @@ -21,6 +21,7 @@ VPATH = @srcdir@ include $(DEPTH)/config/autoconf.mk -DIRS = public include src +DIRS = idl public include src include $(topsrcdir)/config/rules.mk + diff --git a/caps/idl/Makefile.in b/caps/idl/Makefile.in new file mode 100644 index 00000000000..681f27aff4a --- /dev/null +++ b/caps/idl/Makefile.in @@ -0,0 +1,33 @@ +#!gmake +# +# The contents of this file are subject to the Netscape Public License +# Version 1.0 (the "NPL"); you may not use this file except in +# compliance with the NPL. You may obtain a copy of the NPL at +# http://www.mozilla.org/NPL/ +# +# Software distributed under the NPL is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL +# for the specific language governing rights and limitations under the +# NPL. +# +# The Initial Developer of this code under the NPL is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1999 Netscape Communications Corporation. All Rights +# Reserved. + +DEPTH = ../.. +topsrcdir = @top_srcdir@ +srcdir = @srcdir@ +VPATH = @srcdir@ + +include $(DEPTH)/config/autoconf.mk + +MODULE = caps + +XPIDLSRCS = \ + nsIScriptSecurityManager.idl \ + nsICapsSecurityCallbacks.idl \ + nsIPrincipal.idl \ + $(NULL) + +include $(topsrcdir)/config/rules.mk diff --git a/caps/idl/makefile.win b/caps/idl/makefile.win new file mode 100644 index 00000000000..9f76126548d --- /dev/null +++ b/caps/idl/makefile.win @@ -0,0 +1,31 @@ +#!gmake +# +# The contents of this file are subject to the Netscape Public License +# Version 1.0 (the "NPL"); you may not use this file except in +# compliance with the NPL. You may obtain a copy of the NPL at +# http://www.mozilla.org/NPL/ +# +# Software distributed under the NPL is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL +# for the specific language governing rights and limitations under the +# NPL. +# +# The Initial Developer of this code under the NPL is Netscape +# Communications Corporation. Portions created by Netscape are +# Copyright (C) 1999 Netscape Communications Corporation. All Rights +# Reserved. + +DEPTH=..\.. + +MODULE=caps + +XPIDLSRCS= \ + .\nsIScriptSecurityManager.idl \ + .\nsICapsSecurityCallbacks.idl \ + .\nsIPrincipal.idl \ +# .\nsICertificatePrincipal.idl \ +# .\nsICodebasePrincipal.idl \ + $(NULL) + +include <$(DEPTH)\config\rules.mak> + diff --git a/caps/public/nsICapsSecurityCallbacks.h b/caps/idl/nsICapsSecurityCallbacks.idl similarity index 100% rename from caps/public/nsICapsSecurityCallbacks.h rename to caps/idl/nsICapsSecurityCallbacks.idl diff --git a/caps/idl/nsIPrincipal.idl b/caps/idl/nsIPrincipal.idl new file mode 100644 index 00000000000..0056caf7e41 --- /dev/null +++ b/caps/idl/nsIPrincipal.idl @@ -0,0 +1,24 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * + * The contents of this file are subject to the Netscape Public License + * Version 1.0 (the "NPL"); you may not use this file except in + * compliance with the NPL. You may obtain a copy of the NPL at + * http://www.mozilla.org/NPL/ + * + * Software distributed under the NPL is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL + * for the specific language governing rights and limitations under the + * NPL. + * + * The Initial Developer of this code under the NPL is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1999 Netscape Communications Corporation. All Rights + * Reserved. + */ + +#include "nsISupports.idl" +[uuid(ff9313d0-25e1-11d2-8160-006008119d7a)] +interface nsIPrincipal : nsISupports { +void IsTrusted(in string scope, out boolean pbIsTrusted); +}; + diff --git a/caps/idl/nsIScriptSecurityManager.idl b/caps/idl/nsIScriptSecurityManager.idl new file mode 100644 index 00000000000..11b6b15dffd --- /dev/null +++ b/caps/idl/nsIScriptSecurityManager.idl @@ -0,0 +1,77 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- + * + * The contents of this file are subject to the Netscape Public License + * Version 1.0 (the "NPL"); you may not use this file except in + * compliance with the NPL. You may obtain a copy of the NPL at + * http://www.mozilla.org/NPL/ + * + * Software distributed under the NPL is distributed on an "AS IS" basis, + * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL + * for the specific language governing rights and limitations under the + * NPL. + * + * The Initial Developer of this code under the NPL is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 1999 Netscape Communications Corporation. All Rights + * Reserved. + */ +#include "nsISupports.idl" + +[ptr] native nsJSPrincipalsList(nsJSPrincipalsList); +[ptr] native JSContext(JSContext); +[ptr] native JSObject(JSObject); +[ptr] native JSPrincipals(JSPrincipals); +[ptr] native JSFunction(JSFunction); +[ptr] native jsval(jsval); + +interface nsString; +interface nsIScriptContext; +interface nsIScriptGlobalObject; +interface nsIURI; + +%{C++ +struct nsJSPrincipalsList; +%} + +[uuid(58df5780-8006-11d2-bd91-00805f8ae3f4)] +interface nsIScriptSecurityManager : nsISupports +{ + const short SCRIPT_SECURITY_ALL_ACCESS = 0 << 0; + const short SCRIPT_SECURITY_NO_ACCESS = 1 << 0; + const short SCRIPT_SECURITY_SAME_DOMAIN_ACCESS = 1 << 1; + const short SCRIPT_SECURITY_SIGNED_ACCESS = 1 << 2; + + + const short eJSTarget_UniversalBrowserRead=0; + const short eJSTarget_UniversalBrowserWrite=1; + const short eJSTarget_UniversalSendMail=2; + const short eJSTarget_UniversalFileRead=3; + const short eJSTarget_UniversalFileWrite=4; + const short eJSTarget_UniversalPreferencesRead=5; + const short eJSTarget_UniversalPreferencesWrite=6; + const short eJSTarget_UniversalDialerAccess=7; + const short eJSTarget_Max=8; + + void Init(); + void CheckScriptAccess(in nsIScriptContext cx, in voidStar obj, [const] in string prop, out boolean res); + void GetSubjectOriginURL(in JSContext cx, out nsString origin); + void GetObjectOriginURL(in JSContext cx, in JSObject obj, out nsString origin); + void GetPrincipalsFromStackFrame(in JSContext cx, out JSPrincipals prins); + void GetCompilationPrincipals(in nsIScriptContext cx, in nsIScriptGlobalObject go, in JSPrincipals prins, out JSPrincipals resultprins); + void CanAccessTarget(in JSContext cx, in short target, out boolean res); + void CheckPermissions(in JSContext cx, in JSObject obj, in short target, out boolean res); + void CheckContainerAccess(in JSContext cx, in JSObject obj, in short target, out boolean res); + void GetContainerPrincipals(in JSContext cx, in JSObject container, out JSPrincipals prins); + void SetContainerPrincipals(in JSContext cx, in JSObject container, in JSPrincipals prins); + void CanCaptureEvent(in JSContext cx, in JSFunction func, in JSObject eventTarget, out boolean res); + void SetExternalCapture(in JSContext cx, in JSPrincipals prins, in boolean abool); + void CheckSetParentSlot(in JSContext cx, in JSObject obj, in jsval aVp, out boolean res); + void SetDocumentDomain(in JSContext cx, in JSPrincipals prins, in nsString aNewDomain, out boolean res); + void DestroyPrincipalsList(in JSContext cx, in nsJSPrincipalsList list); + void NewJSPrincipals(in nsIURI aURL, in nsString aName, in nsString aCodebase, out JSPrincipals aPrincipals); + void RegisterPrincipals(in nsIScriptContext aContext, in nsIScriptGlobalObject aGlobal, in JSPrincipals principals, + in nsString aName, in nsString aSrc, out JSPrincipals aPrincipals); +}; +%{C++ +extern "C" NS_DOM nsresult NS_NewScriptSecurityManager(nsIScriptSecurityManager ** aInstancePtrResult); +%} diff --git a/caps/include/nsCCertPrincipal.h b/caps/include/nsCCertPrincipal.h index 70b454e8f96..e69de29bb2d 100644 --- a/caps/include/nsCCertPrincipal.h +++ b/caps/include/nsCCertPrincipal.h @@ -1,117 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- - * - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ - -#ifndef nsCCertPrincipal_h___ -#define nsCCertPrincipal_h___ - -#include "nsICertPrincipal.h" -#include "nsPrincipal.h" - -class nsCCertPrincipal : public nsICertPrincipal { -public: - //////////////////////////////////////////////////////////////////////////// - // from nsISupports: - - - NS_DECL_ISUPPORTS - - //////////////////////////////////////////////////////////////////////////// - // from nsIPrincipal: - - NS_IMETHOD - IsTrusted(char* scope, PRBool *pbIsTrusted); - - //////////////////////////////////////////////////////////////////////////// - // from nsICertPrincipal: - - /** - * returns the certificate's data that is passes in via Initialize method. - * - * @param certChain - An array of pointers, with each pointer - * pointing to a certificate data. - * @param certChainLengths - An array of intergers. Each integer indicates - * the length of the cert that is in CertChain - * parametr. - * @param noOfCerts - the number of certifcates that are in the certChain array - */ - NS_IMETHOD - GetCertData(const unsigned char ***certChain, PRUint32 **certChainLengths, PRUint32 *noOfCerts); - - /** - * Returns the public key of the certificate. - * - * @param publicKey - the Public Key data will be returned in this field. - * @param publicKeySize - the length of public key data is returned in this - * parameter. - */ - NS_IMETHOD - GetPublicKey(unsigned char **publicKey, PRUint32 *publicKeySize); - - /** - * Returns the company name of the ceritificate (OU etc parameters of certificate) - * - * @param result - the certificate details about the signer. - */ - NS_IMETHOD - GetCompanyName(const char **ppCompanyName); - - /** - * Returns the certificate issuer's data (OU etc parameters of certificate) - * - * @param result - the details about the issuer - */ - NS_IMETHOD - GetCertificateAuthority(const char **ppCertAuthority); - - /** - * Returns the serial number of certificate - * - * @param result - Returns the serial number of certificate - */ - NS_IMETHOD - GetSerialNumber(const char **ppSerialNumber); - - /** - * Returns the expiration date of certificate - * - * @param result - Returns the expiration date of certificate - */ - NS_IMETHOD - GetExpirationDate(const char **ppExpDate); - - /** - * Returns the finger print of certificate - * - * @param result - Returns the finger print of certificate - */ - NS_IMETHOD - GetFingerPrint(const char **ppFingerPrint); - - //////////////////////////////////////////////////////////////////////////// - // from nsCCertPrincipal: - nsCCertPrincipal(const unsigned char **certChain, PRUint32 *certChainLengths, PRUint32 noOfCerts, nsresult *result); - nsCCertPrincipal(nsPrincipal *pNSPrincipal); - - virtual ~nsCCertPrincipal(void); - nsPrincipal *GetPeer(void); - -protected: - nsPrincipal *m_pNSPrincipal; -}; - -#endif // nsCCertPrincipal_h___ diff --git a/caps/include/nsCCodeSourcePrincipal.h b/caps/include/nsCCodeSourcePrincipal.h index ba47edb1fa6..4331a1aacf4 100644 --- a/caps/include/nsCCodeSourcePrincipal.h +++ b/caps/include/nsCCodeSourcePrincipal.h @@ -34,7 +34,7 @@ public: // from nsIPrincipal: NS_IMETHOD - IsTrusted(char* scope, PRBool *pbIsTrusted); + IsTrusted(const char* scope, PRBool *pbIsTrusted); //////////////////////////////////////////////////////////////////////////// // from nsICodeSourcePrincipal: diff --git a/caps/include/nsCCodebasePrincipal.h b/caps/include/nsCCodebasePrincipal.h index ea9831bd46e..e69de29bb2d 100644 --- a/caps/include/nsCCodebasePrincipal.h +++ b/caps/include/nsCCodebasePrincipal.h @@ -1,63 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- - * - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ - -#ifndef nsCCodebasePrincipal_h___ -#define nsCCodebasePrincipal_h___ - -#include "nsICodebasePrincipal.h" -#include "nsPrincipal.h" - -class nsCCodebasePrincipal : public nsICodebasePrincipal { -public: - //////////////////////////////////////////////////////////////////////////// - // from nsISupports: - - NS_DECL_ISUPPORTS - - //////////////////////////////////////////////////////////////////////////// - // from nsIPrincipal: - - NS_IMETHOD - IsTrusted(char* scope, PRBool *pbIsTrusted); - - - /////////////////////////////////////////////////////////////////////////// - // from nsICodebasePrincipal: - - /** - * Returns the codebase URL of the principal. - * - * @param result - the resulting codebase URL - */ - NS_IMETHOD - GetURL(const char **ppCodeBaseURL); - - //////////////////////////////////////////////////////////////////////////// - // from nsCCodebasePrincipal: - - nsCCodebasePrincipal(const char *codebaseURL, nsresult *result); - nsCCodebasePrincipal(nsPrincipal *pNSPrincipal); - - virtual ~nsCCodebasePrincipal(void); - nsPrincipal *GetPeer(void); - -protected: - nsPrincipal *m_pNSPrincipal; -}; - -#endif // nsCCodebasePrincipal_h___ diff --git a/caps/macbuild/CapsIDL.mcp b/caps/macbuild/CapsIDL.mcp new file mode 100644 index 00000000000..afc5db415a9 Binary files /dev/null and b/caps/macbuild/CapsIDL.mcp differ diff --git a/caps/makefile.win b/caps/makefile.win index 7bb5c53142e..0a545c414fc 100644 --- a/caps/makefile.win +++ b/caps/makefile.win @@ -37,7 +37,7 @@ DEPTH=.. #// DIRS - There are subdirectories to process #// #//------------------------------------------------------------------------ -DIRS= public include src +DIRS= idl public include src #//------------------------------------------------------------------------ #// diff --git a/caps/public/Makefile.in b/caps/public/Makefile.in index bba95aa5f1e..9dc2a277090 100644 --- a/caps/public/Makefile.in +++ b/caps/public/Makefile.in @@ -24,13 +24,11 @@ VPATH = @srcdir@ include $(DEPTH)/config/autoconf.mk EXPORTS = \ - nsIPrincipal.h \ nsICodebasePrincipal.h \ nsICertPrincipal.h \ nsICapsManager.h \ nsICodeSourcePrincipal.h \ nsCapsPublicEnums.h \ - nsICapsSecurityCallbacks.h \ $(NULL) EXPORTS := $(addprefix $(srcdir)/, $(EXPORTS)) diff --git a/caps/public/makefile.win b/caps/public/makefile.win index 5e46302b679..3aaec30f7c1 100644 --- a/caps/public/makefile.win +++ b/caps/public/makefile.win @@ -29,13 +29,12 @@ IGNORE_MANIFEST=1 MODULE=caps DEPTH=..\.. EXPORTS= \ - nsIPrincipal.h \ nsICodebasePrincipal.h \ nsICertPrincipal.h \ nsICapsManager.h \ nsICodeSourcePrincipal.h \ - nsCapsPublicEnums.h \ - nsICapsSecurityCallbacks.h + nsCapsPublicEnums.h + include <$(DEPTH)/config/rules.mak> diff --git a/caps/public/nsIPrincipal.h b/caps/public/nsIPrincipal.h deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/caps/src/makefile.win b/caps/src/makefile.win index 0d04654dba3..96b8479fef7 100755 --- a/caps/src/makefile.win +++ b/caps/src/makefile.win @@ -72,7 +72,6 @@ CPP_OBJS= \ .\$(OBJDIR)\nsCCodebasePrincipal.obj \ .\$(OBJDIR)\nsCCapsManagerFactory.obj \ .\$(OBJDIR)\nsCCodeSourcePrincipal.obj \ - .\$(OBJDIR)\nsXPCSecurityManager.obj \ $(NULL) diff --git a/caps/src/nsCCertPrincipal.cpp b/caps/src/nsCCertPrincipal.cpp index c57500eaecf..e69de29bb2d 100644 --- a/caps/src/nsCCertPrincipal.cpp +++ b/caps/src/nsCCertPrincipal.cpp @@ -1,212 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- - * - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ - -#include "nsCCertPrincipal.h" -#include "nsPrincipal.h" - -NS_DEFINE_IID(kICertPrincipalIID, NS_ICERTPRINCIPAL_IID); - -//////////////////////////////////////////////////////////////////////////// -// from nsISupports: - -// These macros produce simple version of QueryInterface and AddRef. -// See the nsISupports.h header file for DETAILS. - -NS_IMPL_ADDREF(nsCCertPrincipal) -NS_IMPL_RELEASE(nsCCertPrincipal) -NS_IMPL_QUERY_INTERFACE(nsCCertPrincipal, kICertPrincipalIID); - -//////////////////////////////////////////////////////////////////////////// -// from nsIPrincipal: - -NS_METHOD -nsCCertPrincipal::IsTrusted(char* scope, PRBool *pbIsTrusted) -{ - if(m_pNSPrincipal == NULL) - { - *pbIsTrusted = PR_FALSE; - return NS_ERROR_ILLEGAL_VALUE; - } - *pbIsTrusted = m_pNSPrincipal->isTrustedCertChainPrincipal(); - return NS_OK; -} - -//////////////////////////////////////////////////////////////////////////// -// from nsICertPrincipal: - -/** - * returns the certificate's data that is passes in via Initialize method. - * - * @param certChain - An array of pointers, with each pointer - * pointing to a certificate data. - * @param certChainLengths - An array of intergers. Each integer indicates - * the length of the cert that is in CertChain - * parametr. - * @param noOfCerts - the number of certifcates that are in the certChain array - */ -NS_METHOD -nsCCertPrincipal::GetCertData(const unsigned char ***certChain, - PRUint32 **certChainLengths, - PRUint32 *noOfCerts) -{ - *certChain = NULL; - *certChainLengths = 0; - *noOfCerts = 0; - if (m_pNSPrincipal == NULL) - { - return NS_ERROR_ILLEGAL_VALUE; - } - /* XXX: Raman fix it. Return the correct data */ - return NS_OK; -} - -/** - * Returns the public key of the certificate. - * - * @param publicKey - the Public Key data will be returned in this field. - * @param publicKeySize - the length of public key data is returned in this - * parameter. - */ -NS_METHOD -nsCCertPrincipal::GetPublicKey(unsigned char **publicKey, PRUint32 *publicKeySize) -{ - // XXX raman: fix it. - PR_ASSERT(PR_FALSE); - return NS_OK; -} - -/** - * Returns the company name of the ceritificate (OU etc parameters of certificate) - * - * @param result - the certificate details about the signer. - */ -NS_METHOD -nsCCertPrincipal::GetCompanyName(const char **ppCompanyName) -{ - if(m_pNSPrincipal == NULL) - { - *ppCompanyName = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppCompanyName = m_pNSPrincipal->getCompanyName(); - return NS_OK; -} - -/** - * Returns the certificate issuer's data (OU etc parameters of certificate) - * - * @param result - the details about the issuer - */ -NS_METHOD -nsCCertPrincipal::GetCertificateAuthority(const char **ppCertAuthority) -{ - if(m_pNSPrincipal == NULL) - { - *ppCertAuthority = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppCertAuthority = m_pNSPrincipal->getSecAuth(); - return NS_OK; -} - -/** - * Returns the serial number of certificate - * - * @param result - Returns the serial number of certificate - */ -NS_METHOD -nsCCertPrincipal::GetSerialNumber(const char **ppSerialNumber) -{ - if(m_pNSPrincipal == NULL) - { - *ppSerialNumber = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppSerialNumber = m_pNSPrincipal->getSerialNo(); - return NS_OK; -} - -/** - * Returns the expiration date of certificate - * - * @param result - Returns the expiration date of certificate - */ -NS_METHOD -nsCCertPrincipal::GetExpirationDate(const char **ppExpDate) -{ - if(m_pNSPrincipal == NULL) - { - *ppExpDate = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppExpDate = m_pNSPrincipal->getExpDate(); - return NS_OK; -} - -/** - * Returns the finger print of certificate - * - * @param result - Returns the finger print of certificate - */ -NS_METHOD -nsCCertPrincipal::GetFingerPrint(const char **ppFingerPrint) -{ - if(m_pNSPrincipal == NULL) - { - *ppFingerPrint = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppFingerPrint = m_pNSPrincipal->getFingerPrint(); - return NS_OK; -} - -//////////////////////////////////////////////////////////////////////////// -// from nsCCertPrincipal: - -nsCCertPrincipal::nsCCertPrincipal(const unsigned char **certChain, - PRUint32 *certChainLengths, - PRUint32 noOfCerts, - nsresult *result) -{ - m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CertChain, certChain, - certChainLengths, noOfCerts); - if(m_pNSPrincipal == NULL) - { - *result = NS_ERROR_OUT_OF_MEMORY; - return; - } - *result = NS_OK; -} - -nsCCertPrincipal::nsCCertPrincipal(nsPrincipal *pNSPrincipal) -{ - m_pNSPrincipal = pNSPrincipal; -} - -nsCCertPrincipal::~nsCCertPrincipal(void) -{ - delete m_pNSPrincipal; -} - -nsPrincipal* -nsCCertPrincipal::GetPeer(void) -{ - return m_pNSPrincipal; -} - - diff --git a/caps/src/nsCCodeSourcePrincipal.cpp b/caps/src/nsCCodeSourcePrincipal.cpp index f1fc33b09bd..7b3c36d8b8a 100644 --- a/caps/src/nsCCodeSourcePrincipal.cpp +++ b/caps/src/nsCCodeSourcePrincipal.cpp @@ -37,7 +37,7 @@ NS_IMPL_QUERY_INTERFACE(nsCCodeSourcePrincipal, kICodeSourcePrincipalIID); // from nsIPrincipal: NS_METHOD -nsCCodeSourcePrincipal::IsTrusted(char* scope, PRBool *pbIsTrusted) +nsCCodeSourcePrincipal::IsTrusted(const char* scope, PRBool *pbIsTrusted) { if(m_pNSICertPrincipal == NULL) { diff --git a/caps/src/nsCCodebasePrincipal.cpp b/caps/src/nsCCodebasePrincipal.cpp index 578967c1112..e69de29bb2d 100644 --- a/caps/src/nsCCodebasePrincipal.cpp +++ b/caps/src/nsCCodebasePrincipal.cpp @@ -1,99 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- - * - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ - -#include "nsCCodebasePrincipal.h" -#include "nsPrincipal.h" -#include "xp.h" - -NS_DEFINE_IID(kICodebasePrincipalIID, NS_ICODEBASEPRINCIPAL_IID); -//////////////////////////////////////////////////////////////////////////// -// from nsISupports: - -// These macros produce simple version of QueryInterface and AddRef. -// See the nsISupports.h header file for DETAILS. - -NS_IMPL_ADDREF(nsCCodebasePrincipal) -NS_IMPL_RELEASE(nsCCodebasePrincipal) -NS_IMPL_QUERY_INTERFACE(nsCCodebasePrincipal, kICodebasePrincipalIID); - -//////////////////////////////////////////////////////////////////////////// -// from nsIPrincipal: - -NS_METHOD -nsCCodebasePrincipal::IsTrusted(char* scope, PRBool *pbIsTrusted) -{ - if(m_pNSPrincipal == NULL) - { - *pbIsTrusted = PR_FALSE; - return NS_ERROR_ILLEGAL_VALUE; - } - *pbIsTrusted = m_pNSPrincipal->isSecurePrincipal(); - return NS_OK; -} - - - -/** - * Returns the codebase URL of the principal. - * - * @param result - the resulting codebase URL - */ -NS_METHOD -nsCCodebasePrincipal::GetURL(const char **ppCodeBaseURL) -{ - if(m_pNSPrincipal == NULL) - { - *ppCodeBaseURL = NULL; - return NS_ERROR_ILLEGAL_VALUE; - } - *ppCodeBaseURL = m_pNSPrincipal->getKey(); - return NS_OK; -} - -//////////////////////////////////////////////////////////////////////////// -// from nsCCodebasePrincipal: - -nsCCodebasePrincipal::nsCCodebasePrincipal(const char *codebaseURL, - nsresult *result) -{ - m_pNSPrincipal = new nsPrincipal(nsPrincipalType_CodebaseExact, - (void *)codebaseURL, - XP_STRLEN(codebaseURL)); - if(m_pNSPrincipal == NULL) - { - *result = NS_ERROR_OUT_OF_MEMORY; - return; - } - *result = NS_OK; -} - -nsCCodebasePrincipal::nsCCodebasePrincipal(nsPrincipal *pNSPrincipal) -{ - m_pNSPrincipal = pNSPrincipal; -} - -nsCCodebasePrincipal::~nsCCodebasePrincipal(void) -{ - delete m_pNSPrincipal; -} - -nsPrincipal* -nsCCodebasePrincipal::GetPeer(void) -{ - return m_pNSPrincipal; -} diff --git a/caps/src/nsXPCSecurityManager.cpp b/caps/src/nsXPCSecurityManager.cpp deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/dom/public/Makefile.in b/dom/public/Makefile.in index 0696a04aaff..ec29bf80f56 100644 --- a/dom/public/Makefile.in +++ b/dom/public/Makefile.in @@ -39,7 +39,6 @@ EXPORTS = \ nsIDOMScriptObjectFactory.h \ nsIDOMNativeObjectRegistry.h \ nsDOMCID.h \ - nsIScriptSecurityManager.h \ nsIScriptGlobalObjectData.h \ nsIScriptNameSetRegistry.h \ nsIScriptExternalNameSet.h \ diff --git a/dom/public/makefile.win b/dom/public/makefile.win index c5b9247b4fe..c1197865f2b 100644 --- a/dom/public/makefile.win +++ b/dom/public/makefile.win @@ -33,7 +33,6 @@ EXPORTS=nsIScriptContext.h \ nsIDOMScriptObjectFactory.h \ nsIDOMNativeObjectRegistry.h \ nsDOMCID.h \ - nsIScriptSecurityManager.h \ nsIScriptNameSetRegistry.h \ nsIScriptExternalNameSet.h \ nsIScriptNameSpaceManager.h \ diff --git a/dom/public/nsIScriptSecurityManager.h b/dom/public/nsIScriptSecurityManager.h deleted file mode 100644 index e69de29bb2d..00000000000 diff --git a/dom/src/base/nsJSEnvironment.cpp b/dom/src/base/nsJSEnvironment.cpp index fb110b90b86..4cc251a457c 100644 --- a/dom/src/base/nsJSEnvironment.cpp +++ b/dom/src/base/nsJSEnvironment.cpp @@ -1,20 +1,20 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- - * - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ +* +* The contents of this file are subject to the Netscape Public License +* Version 1.0 (the "NPL"); you may not use this file except in +* compliance with the NPL. You may obtain a copy of the NPL at +* http://www.mozilla.org/NPL/ +* +* Software distributed under the NPL is distributed on an "AS IS" basis, +* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL +* for the specific language governing rights and limitations under the +* NPL. +* +* The Initial Developer of this code under the NPL is Netscape +* Communications Corporation. Portions created by Netscape are +* Copyright (C) 1998 Netscape Communications Corporation. All Rights +* Reserved. +*/ #include "nsJSEnvironment.h" #include "nsIScriptObjectOwner.h" @@ -30,12 +30,14 @@ #include "nsIDOMNodeList.h" #include "nsIDOMHTMLImageElement.h" #include "nsIDOMHTMLOptionElement.h" +#include "nsJSSecurityManager.h" #include "nsIScriptSecurityManager.h" #include "nsIScriptNameSetRegistry.h" #include "nsIScriptNameSpaceManager.h" #include "nsDOMCID.h" #include "nsIServiceManager.h" #include "nsIXPConnect.h" +#include "nsIXPCSecurityManager.h" #if defined(OJI) #include "nsIJVMManager.h" @@ -57,32 +59,32 @@ void PR_CALLBACK NS_ScriptErrorReporter(JSContext *cx, const char *message, JSErrorReport *report) { if (nsnull != report) { - printf("JavaScript error: "); - + printf("JavaScript error: "); + if(message) { printf("%s\n", message); } - + if(report->filename) { printf("URL: %s ", report->filename); } - + if(report->lineno) { printf("LineNo: %u", report->lineno); } - + printf("\n"); - + if(report->linebuf) { printf("Line text: '%s', ", report->linebuf); } - + if(report->tokenptr) { printf("Error text: '%s'", report->tokenptr); } - + printf("\n"); - + } else if(message) { printf("JavaScript error: %s\n", message); } else { @@ -92,31 +94,31 @@ NS_ScriptErrorReporter(JSContext *cx, const char *message, JSErrorReport *report nsJSContext::nsJSContext(JSRuntime *aRuntime) { - mRefCnt = 0; - mContext = JS_NewContext(aRuntime, gStackSize); - JS_SetContextPrivate(mContext, (void *)this); - mNameSpaceManager = nsnull; - mIsInitialized = PR_FALSE; - mNumEvaluations = 0; - mSecManager = nsnull; + mRefCnt = 0; + mContext = JS_NewContext(aRuntime, gStackSize); + JS_SetContextPrivate(mContext, (void *)this); + mNameSpaceManager = nsnull; + mIsInitialized = PR_FALSE; + mNumEvaluations = 0; + mSecManager = nsnull; } nsJSContext::~nsJSContext() { - // Tell xpconnect that we're about to destroy the JSContext so it can cleanup - nsIXPConnect* xpc; - nsresult res; - res = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), - (nsISupports**) &xpc); - //NS_ASSERTION(NS_SUCCEEDED(res), "unable to get xpconnect"); - if (NS_SUCCEEDED(res)) { - xpc->AbandonJSContext(mContext); - nsServiceManager::ReleaseService(kXPConnectCID, xpc); - } - - NS_IF_RELEASE(mNameSpaceManager); - JS_DestroyContext(mContext); - NS_IF_RELEASE(mSecManager); + // Tell xpconnect that we're about to destroy the JSContext so it can cleanup + nsIXPConnect* xpc; + nsresult res; + res = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), + (nsISupports**) &xpc); + //NS_ASSERTION(NS_SUCCEEDED(res), "unable to get xpconnect"); + if (NS_SUCCEEDED(res)) { + xpc->AbandonJSContext(mContext); + nsServiceManager::ReleaseService(kXPConnectCID, xpc); + } + + NS_IF_RELEASE(mNameSpaceManager); + JS_DestroyContext(mContext); + NS_IF_RELEASE(mSecManager); } NS_IMPL_ISUPPORTS(nsJSContext, kIScriptContextIID); @@ -128,119 +130,119 @@ nsJSContext::EvaluateString(const nsString& aScript, nsString& aRetValue, PRBool* aIsUndefined) { - jsval val; - nsIScriptGlobalObject *global = GetGlobalObject(); - nsIScriptGlobalObjectData *globalData; - JSPrincipals* principals = nsnull; - - if (global && NS_SUCCEEDED(global->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData))) { - if (NS_FAILED(globalData->GetPrincipals((void**)&principals))) { - NS_RELEASE(global); - NS_RELEASE(globalData); - return NS_ERROR_FAILURE; - } - NS_RELEASE(globalData); - } - NS_IF_RELEASE(global); - - PRBool ret = ::JS_EvaluateUCScriptForPrincipals(mContext, - JS_GetGlobalObject(mContext), - principals, - (jschar*)aScript.GetUnicode(), - aScript.Length(), - aURL, - aLineNo, - &val); - - if (ret) { - *aIsUndefined = JSVAL_IS_VOID(val); - JSString* jsstring = JS_ValueToString(mContext, val); - aRetValue.SetString(JS_GetStringChars(jsstring)); - } - else { - aRetValue.Truncate(); - } - - ScriptEvaluated(); - - return ret; + jsval val; + nsIScriptGlobalObject *global = GetGlobalObject(); + nsIScriptGlobalObjectData *globalData; + JSPrincipals* principals = nsnull; + + if (global && NS_SUCCEEDED(global->QueryInterface(kIScriptGlobalObjectDataIID, (void**)&globalData))) { + if (NS_FAILED(globalData->GetPrincipals((void**)&principals))) { + NS_RELEASE(global); + NS_RELEASE(globalData); + return NS_ERROR_FAILURE; + } + NS_RELEASE(globalData); + } + NS_IF_RELEASE(global); + + PRBool ret = ::JS_EvaluateUCScriptForPrincipals(mContext, + JS_GetGlobalObject(mContext), + principals, + (jschar*)aScript.GetUnicode(), + aScript.Length(), + aURL, + aLineNo, + &val); + + if (ret) { + *aIsUndefined = JSVAL_IS_VOID(val); + JSString* jsstring = JS_ValueToString(mContext, val); + aRetValue.SetString(JS_GetStringChars(jsstring)); + } + else { + aRetValue.Truncate(); + } + + ScriptEvaluated(); + + return ret; } NS_IMETHODIMP_(nsIScriptGlobalObject*) nsJSContext::GetGlobalObject() { - JSObject *global = JS_GetGlobalObject(mContext); - nsIScriptGlobalObject *script_global = nsnull; - - if (nsnull != global) { - nsISupports* sup = (nsISupports *)JS_GetPrivate(mContext, global); - if (nsnull != sup) { - sup->QueryInterface(kIScriptGlobalObjectIID, (void**) &script_global); - } - return script_global; - } - else { - return nsnull; - } + JSObject *global = JS_GetGlobalObject(mContext); + nsIScriptGlobalObject *script_global = nsnull; + + if (nsnull != global) { + nsISupports* sup = (nsISupports *)JS_GetPrivate(mContext, global); + if (nsnull != sup) { + sup->QueryInterface(kIScriptGlobalObjectIID, (void**) &script_global); + } + return script_global; + } + else { + return nsnull; + } } NS_IMETHODIMP_(void*) nsJSContext::GetNativeContext() { - return (void *)mContext; + return (void *)mContext; } NS_IMETHODIMP nsJSContext::InitContext(nsIScriptGlobalObject *aGlobalObject) { - nsIScriptObjectOwner *owner; - JSObject *global; - nsresult res = aGlobalObject->QueryInterface(kIScriptObjectOwnerIID, (void **)&owner); - mIsInitialized = PR_FALSE; - - if (NS_OK == res) { - res = owner->GetScriptObject(this, (void **)&global); - - // init standard classes - if ((NS_OK == res) && ::JS_InitStandardClasses(mContext, global)) { - JS_SetGlobalObject(mContext, global); - res = InitClasses(); // this will complete the global object initialization - } - - NS_RELEASE(owner); - - if (NS_OK == res) { - ::JS_SetErrorReporter(mContext, NS_ScriptErrorReporter); - } - } - - return res; + nsIScriptObjectOwner *owner; + JSObject *global; + nsresult res = aGlobalObject->QueryInterface(kIScriptObjectOwnerIID, (void **)&owner); + mIsInitialized = PR_FALSE; + + if (NS_OK == res) { + res = owner->GetScriptObject(this, (void **)&global); + + // init standard classes + if ((NS_OK == res) && ::JS_InitStandardClasses(mContext, global)) { + JS_SetGlobalObject(mContext, global); + res = InitClasses(); // this will complete the global object initialization + } + + NS_RELEASE(owner); + + if (NS_OK == res) { + ::JS_SetErrorReporter(mContext, NS_ScriptErrorReporter); + } + } + + return res; } nsresult nsJSContext::InitializeExternalClasses() { - nsresult result = NS_OK; - - nsIScriptNameSetRegistry* registry; - result = nsServiceManager::GetService(kCScriptNameSetRegistryCID, - kIScriptNameSetRegistryIID, - (nsISupports **)®istry); - if (NS_OK == result) { - result = registry->InitializeClasses(this); - nsServiceManager::ReleaseService(kCScriptNameSetRegistryCID, - registry); - } - - return result; + nsresult result = NS_OK; + + nsIScriptNameSetRegistry* registry; + result = nsServiceManager::GetService(kCScriptNameSetRegistryCID, + kIScriptNameSetRegistryIID, + (nsISupports **)®istry); + if (NS_OK == result) { + result = registry->InitializeClasses(this); + nsServiceManager::ReleaseService(kCScriptNameSetRegistryCID, + registry); + } + + return result; } nsresult nsJSContext::InitializeLiveConnectClasses() { nsresult rv = NS_OK; - + #if defined(OJI) NS_WITH_SERVICE(nsIJVMManager, jvmManager, nsIJVMManager::GetCID(), &rv); if (rv == NS_OK && jvmManager != nsnull) { @@ -248,14 +250,14 @@ nsJSContext::InitializeLiveConnectClasses() if (NS_OK == jvmManager->IsJavaEnabled(&javaEnabled) && javaEnabled) { nsILiveConnectManager* liveConnectManager = nsnull; if (NS_OK == jvmManager->QueryInterface(nsILiveConnectManager::GetIID(), - (void**)&liveConnectManager)) { + (void**)&liveConnectManager)) { rv = liveConnectManager->InitLiveConnectClasses(mContext, JS_GetGlobalObject(mContext)); NS_RELEASE(liveConnectManager); } } } #endif - + // return all is well until things are stable. return NS_OK; } @@ -263,56 +265,56 @@ nsJSContext::InitializeLiveConnectClasses() NS_IMETHODIMP nsJSContext::InitClasses() { - nsresult res = NS_ERROR_FAILURE; - nsIScriptGlobalObject *global = GetGlobalObject(); - - if (NS_OK == NS_InitWindowClass(this, global) && - NS_OK == NS_InitNodeClass(this, nsnull) && - NS_OK == NS_InitElementClass(this, nsnull) && - NS_OK == NS_InitDocumentClass(this, nsnull) && - NS_OK == NS_InitTextClass(this, nsnull) && - NS_OK == NS_InitAttrClass(this, nsnull) && - NS_OK == NS_InitNamedNodeMapClass(this, nsnull) && - NS_OK == NS_InitNodeListClass(this, nsnull) && - NS_OK == InitializeExternalClasses() && - NS_OK == InitializeLiveConnectClasses() && - // XXX Temporarily here. These shouldn't be hardcoded. - NS_OK == NS_InitHTMLImageElementClass(this, nsnull) && - NS_OK == NS_InitHTMLOptionElementClass(this, nsnull)) { - res = NS_OK; - } - - // Hook up XPConnect - { - nsIXPConnect* xpc; - res = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), (nsISupports**) &xpc); - //NS_ASSERTION(NS_SUCCEEDED(res), "unable to get xpconnect"); - if (NS_SUCCEEDED(res)) { - res = xpc->AddNewComponentsObject(mContext, JS_GetGlobalObject(mContext)); - NS_ASSERTION(NS_SUCCEEDED(res), "unable to add Components object"); - nsServiceManager::ReleaseService(kXPConnectCID, xpc); - } - else { - // silently fail for now - res = NS_OK; - } - } - - mIsInitialized = PR_TRUE; - - NS_RELEASE(global); - return res; + nsresult res = NS_ERROR_FAILURE; + nsIScriptGlobalObject *global = GetGlobalObject(); + + if (NS_OK == NS_InitWindowClass(this, global) && + NS_OK == NS_InitNodeClass(this, nsnull) && + NS_OK == NS_InitElementClass(this, nsnull) && + NS_OK == NS_InitDocumentClass(this, nsnull) && + NS_OK == NS_InitTextClass(this, nsnull) && + NS_OK == NS_InitAttrClass(this, nsnull) && + NS_OK == NS_InitNamedNodeMapClass(this, nsnull) && + NS_OK == NS_InitNodeListClass(this, nsnull) && + NS_OK == InitializeExternalClasses() && + NS_OK == InitializeLiveConnectClasses() && + // XXX Temporarily here. These shouldn't be hardcoded. + NS_OK == NS_InitHTMLImageElementClass(this, nsnull) && + NS_OK == NS_InitHTMLOptionElementClass(this, nsnull)) { + res = NS_OK; + } + + // Hook up XPConnect + { + nsIXPConnect* xpc; + res = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), (nsISupports**) &xpc); + //NS_ASSERTION(NS_SUCCEEDED(res), "unable to get xpconnect"); + if (NS_SUCCEEDED(res)) { + res = xpc->AddNewComponentsObject(mContext, JS_GetGlobalObject(mContext)); + NS_ASSERTION(NS_SUCCEEDED(res), "unable to add Components object"); + nsServiceManager::ReleaseService(kXPConnectCID, xpc); + } + else { + // silently fail for now + res = NS_OK; + } + } + + mIsInitialized = PR_TRUE; + + NS_RELEASE(global); + return res; } NS_IMETHODIMP nsJSContext::IsContextInitialized() { - if (mIsInitialized) { - return NS_OK; - } - else { - return NS_COMFALSE; - } + if (mIsInitialized) { + return NS_OK; + } + else { + return NS_COMFALSE; + } } NS_IMETHODIMP @@ -320,87 +322,87 @@ nsJSContext::AddNamedReference(void *aSlot, void *aScriptObject, const char *aName) { - if (::JS_AddNamedRoot(mContext, aSlot, aName)) { - return NS_OK; - } - else { - return NS_ERROR_FAILURE; - } + if (::JS_AddNamedRoot(mContext, aSlot, aName)) { + return NS_OK; + } + else { + return NS_ERROR_FAILURE; + } } NS_IMETHODIMP nsJSContext::RemoveReference(void *aSlot, void *aScriptObject) { - JSObject *obj = (JSObject *)aScriptObject; - - if (::JS_RemoveRoot(mContext, aSlot)) { - return NS_OK; - } - else { - return NS_ERROR_FAILURE; - } + JSObject *obj = (JSObject *)aScriptObject; + + if (::JS_RemoveRoot(mContext, aSlot)) { + return NS_OK; + } + else { + return NS_ERROR_FAILURE; + } } NS_IMETHODIMP nsJSContext::GC() { - JS_GC(mContext); - return NS_OK; + JS_GC(mContext); + return NS_OK; } NS_IMETHODIMP nsJSContext::ScriptEvaluated(void) { - mNumEvaluations++; - - if (mNumEvaluations > 20) { - mNumEvaluations = 0; - GC(); - } - - return NS_OK; + mNumEvaluations++; + + if (mNumEvaluations > 20) { + mNumEvaluations = 0; + GC(); + } + + return NS_OK; } NS_IMETHODIMP nsJSContext::GetNameSpaceManager(nsIScriptNameSpaceManager** aInstancePtr) { - nsresult result = NS_OK; - - if (nsnull == mNameSpaceManager) { - result = NS_NewScriptNameSpaceManager(&mNameSpaceManager); - if (NS_OK == result) { - nsIScriptNameSetRegistry* registry; - result = nsServiceManager::GetService(kCScriptNameSetRegistryCID, - kIScriptNameSetRegistryIID, - (nsISupports **)®istry); - if (NS_OK == result) { - result = registry->PopulateNameSpace(this); - nsServiceManager::ReleaseService(kCScriptNameSetRegistryCID, - registry); - } - } - } - - *aInstancePtr = mNameSpaceManager; - NS_ADDREF(mNameSpaceManager); - - return result; + nsresult result = NS_OK; + + if (nsnull == mNameSpaceManager) { + result = NS_NewScriptNameSpaceManager(&mNameSpaceManager); + if (NS_OK == result) { + nsIScriptNameSetRegistry* registry; + result = nsServiceManager::GetService(kCScriptNameSetRegistryCID, + kIScriptNameSetRegistryIID, + (nsISupports **)®istry); + if (NS_OK == result) { + result = registry->PopulateNameSpace(this); + nsServiceManager::ReleaseService(kCScriptNameSetRegistryCID, + registry); + } + } + } + + *aInstancePtr = mNameSpaceManager; + NS_ADDREF(mNameSpaceManager); + + return result; } NS_IMETHODIMP nsJSContext::GetSecurityManager(nsIScriptSecurityManager** aInstancePtr) { - if (mSecManager) { - *aInstancePtr = mSecManager; - NS_ADDREF(*aInstancePtr); - return NS_OK; - } - nsresult ret = NS_NewScriptSecurityManager(&mSecManager); - if (NS_OK == ret) { - *aInstancePtr = mSecManager; - NS_ADDREF(*aInstancePtr); - } - return ret; + if (mSecManager) { + *aInstancePtr = mSecManager; + NS_ADDREF(*aInstancePtr); + return NS_OK; + } + nsresult ret = NS_NewScriptSecurityManager(&mSecManager); + if (NS_OK == ret) { + *aInstancePtr = mSecManager; + NS_ADDREF(*aInstancePtr); + } + return ret; } nsJSEnvironment *nsJSEnvironment::sTheEnvironment = nsnull; @@ -408,15 +410,15 @@ nsJSEnvironment *nsJSEnvironment::sTheEnvironment = nsnull; // Class to manage destruction of the singleton // JSEnvironment struct JSEnvironmentInit { - JSEnvironmentInit() { - } - - ~JSEnvironmentInit() { - if (nsJSEnvironment::sTheEnvironment) { - delete nsJSEnvironment::sTheEnvironment; - nsJSEnvironment::sTheEnvironment = nsnull; - } - } + JSEnvironmentInit() { + } + + ~JSEnvironmentInit() { + if (nsJSEnvironment::sTheEnvironment) { + delete nsJSEnvironment::sTheEnvironment; + nsJSEnvironment::sTheEnvironment = nsnull; + } + } }; #ifndef XP_MAC @@ -426,85 +428,91 @@ static JSEnvironmentInit initJSEnvironment; nsJSEnvironment * nsJSEnvironment::GetScriptingEnvironment() { - if (nsnull == sTheEnvironment) { - sTheEnvironment = new nsJSEnvironment(); - } - return sTheEnvironment; + if (nsnull == sTheEnvironment) { + sTheEnvironment = new nsJSEnvironment(); + } + return sTheEnvironment; } nsJSEnvironment::nsJSEnvironment() { - mRuntime = JS_Init(gGCSize); - + mRuntime = JS_Init(gGCSize); + #if defined(OJI) - // Initialize LiveConnect. - nsILiveConnectManager* manager = NULL; - nsresult result = nsServiceManager::GetService(nsIJVMManager::GetCID(), - nsILiveConnectManager::GetIID(), - (nsISupports **)&manager); - - // Should the JVM manager perhaps define methods for starting up LiveConnect? - if (result == NS_OK && manager != NULL) { - PRBool started = PR_FALSE; - result = manager->StartupLiveConnect(mRuntime, started); - result = nsServiceManager::ReleaseService(nsIJVMManager::GetCID(), manager); - } + // Initialize LiveConnect. + nsILiveConnectManager* manager = NULL; + nsresult result = nsServiceManager::GetService(nsIJVMManager::GetCID(), + nsILiveConnectManager::GetIID(), + (nsISupports **)&manager); + + // Should the JVM manager perhaps define methods for starting up LiveConnect? + if (result == NS_OK && manager != NULL) { + PRBool started = PR_FALSE; + result = manager->StartupLiveConnect(mRuntime, started); + result = nsServiceManager::ReleaseService(nsIJVMManager::GetCID(), manager); + } #endif } nsJSEnvironment::~nsJSEnvironment() { - JS_Finish(mRuntime); + JS_Finish(mRuntime); } nsIScriptContext* nsJSEnvironment::GetNewContext() { - nsIScriptContext *context; - context = new nsJSContext(mRuntime); - NS_ADDREF(context); - return context; + nsIScriptContext *context; + context = new nsJSContext(mRuntime); + NS_ADDREF(context); + return context; } extern "C" NS_DOM nsresult NS_CreateContext(nsIScriptGlobalObject *aGlobal, nsIScriptContext **aContext) { - nsresult rv = NS_OK; + nsresult rv = NS_OK; + nsJSEnvironment *environment = nsJSEnvironment::GetScriptingEnvironment(); + *aContext = environment->GetNewContext(); + if (! *aContext) + return NS_ERROR_OUT_OF_MEMORY; // XXX + // Hook up XPConnect + nsIXPConnect* xpc; + rv = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), (nsISupports**) &xpc); + //NS_ASSERTION(NS_SUCCEEDED(rv), "unable to get xpconnect"); + if (NS_SUCCEEDED(rv)) { + nsIScriptObjectOwner* owner; + rv = aGlobal->QueryInterface(nsIScriptObjectOwner::GetIID(), (void**) &owner); + if (NS_SUCCEEDED(rv)) { + JSObject* global; + rv = owner->GetScriptObject(*aContext, (void**) &global); + if (NS_SUCCEEDED(rv)) { + JSContext *cx = (JSContext*) (*aContext)->GetNativeContext(); + rv = xpc->InitJSContext(cx, global, JS_FALSE); + //NS_ASSERTION(NS_SUCCEEDED(rv), "xpconnect unable to init jscontext"); + nsIScriptSecurityManager *mgr=NULL; + nsIXPCSecurityManager *xpcSecurityManager=NULL; + if (NS_SUCCEEDED(rv)) + rv=(*aContext)->GetSecurityManager(&mgr); + if (NS_SUCCEEDED(rv)) + rv = mgr->QueryInterface(nsIXPCSecurityManager::GetIID(), (void**)&xpcSecurityManager); - nsJSEnvironment *environment = nsJSEnvironment::GetScriptingEnvironment(); - *aContext = environment->GetNewContext(); - if (! *aContext) - return NS_ERROR_OUT_OF_MEMORY; // XXX + // Bind the script context and the global object + (*aContext)->InitContext(aGlobal); + aGlobal->SetContext(*aContext); - // Hook up XPConnect - { - nsIXPConnect* xpc; - rv = nsServiceManager::GetService(kXPConnectCID, nsIXPConnect::GetIID(), (nsISupports**) &xpc); - //NS_ASSERTION(NS_SUCCEEDED(rv), "unable to get xpconnect"); - if (NS_SUCCEEDED(rv)) { - nsIScriptObjectOwner* owner; - rv = aGlobal->QueryInterface(nsIScriptObjectOwner::GetIID(), (void**) &owner); - if (NS_SUCCEEDED(rv)) { - JSObject* global; - rv = owner->GetScriptObject(*aContext, (void**) &global); - if (NS_SUCCEEDED(rv)) { - rv = xpc->InitJSContext((JSContext*) (*aContext)->GetNativeContext(), global, JS_FALSE); -// NS_ASSERTION(NS_SUCCEEDED(rv), "xpconnect unable to init jscontext"); - } - NS_RELEASE(owner); - } - nsServiceManager::ReleaseService(kXPConnectCID, xpc); - } - else { - // silently fail for now - rv = NS_OK; - } - } - - // Bind the script context and the global object - (*aContext)->InitContext(aGlobal); - aGlobal->SetContext(*aContext); - -// XXX silently fail for now -// return rv; - return NS_OK; + if (NS_SUCCEEDED(rv)) + xpc->SetSecurityManagerForJSContext(cx, xpcSecurityManager, nsIXPCSecurityManager::HOOK_ALL); + } + NS_RELEASE(owner); + } + nsServiceManager::ReleaseService(kXPConnectCID, xpc); + } + else { + (*aContext)->InitContext(aGlobal); + aGlobal->SetContext(*aContext); + rv = NS_OK; + } + // XXX silently fail for now + // return rv; + return NS_OK; } diff --git a/dom/src/base/nsJSSecurityManager.cpp b/dom/src/base/nsJSSecurityManager.cpp index 1a24fe5a044..4293242e7a2 100644 --- a/dom/src/base/nsJSSecurityManager.cpp +++ b/dom/src/base/nsJSSecurityManager.cpp @@ -12,7 +12,7 @@ * * The Initial Developer of this code under the NPL is Netscape * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights + * Copyright (C) 1998-1999 Netscape Communications Corporation. All Rights * Reserved. */ @@ -30,6 +30,7 @@ #include "nsIPref.h" #include "nsIURL.h" +static NS_DEFINE_IID(kIXPCSecurityManagerIID, NS_IXPCSECURITYMANAGER_IID); static NS_DEFINE_IID(kIScriptSecurityManagerIID, NS_ISCRIPTSECURITYMANAGER_IID); static NS_DEFINE_IID(kICapsSecurityCallbacksIID, NS_ICAPSSECURITYCALLBACKS_IID); static NS_DEFINE_IID(kICapsManagerIID, NS_ICAPSMANAGER_IID); @@ -44,7 +45,7 @@ nsJSSecurityManager::nsJSSecurityManager() NS_INIT_REFCNT(); mCapsManager = nsnull; mPrefs = nsnull; -} + } nsJSSecurityManager::~nsJSSecurityManager() { @@ -52,7 +53,8 @@ nsJSSecurityManager::~nsJSSecurityManager() NS_IF_RELEASE(mCapsManager); } -nsresult nsJSSecurityManager::QueryInterface(REFNSIID aIID, void** aInstancePtr) +NS_IMETHODIMP +nsJSSecurityManager::QueryInterface(REFNSIID aIID, void** aInstancePtr) { if (nsnull == aInstancePtr) { return NS_ERROR_NULL_POINTER; @@ -67,6 +69,11 @@ nsresult nsJSSecurityManager::QueryInterface(REFNSIID aIID, void** aInstancePtr) NS_ADDREF_THIS(); return NS_OK; } + if (aIID.Equals(kIXPCSecurityManagerIID)) { + *aInstancePtr = (void*)(nsIXPCSecurityManager*)this; + NS_ADDREF_THIS(); + return NS_OK; + } return NS_NOINTERFACE; } @@ -80,26 +87,29 @@ nsJSSecurityManager::Init() } NS_IMETHODIMP -nsJSSecurityManager::CheckScriptAccess(nsIScriptContext* aContext, - void* aObj, - const char* aProp, - PRBool* aResult) +nsJSSecurityManager::CheckScriptAccess(nsIScriptContext* aContext, void* aObj, + const char* aProp, PRBool* aResult) { - /* temporarily disable security checks */ - *aResult = PR_TRUE; - return NS_OK; -#if 0 +#ifdef SECURITY_ENABLED *aResult = PR_FALSE; JSContext* cx = (JSContext*)aContext->GetNativeContext(); PRInt32 secLevel = CheckForPrivilege(cx, (char*)aProp, nsnull); - if (SCRIPT_SECURITY_ALL_ACCESS == secLevel) { - *aResult = PR_TRUE; + switch (secLevel) { + case SCRIPT_SECURITY_ALL_ACCESS: + *aResult = PR_TRUE; + return NS_OK; + + case SCRIPT_SECURITY_SAME_DOMAIN_ACCESS: + return CheckPermissions(cx, (JSObject*)aObj, eJSTarget_Max, aResult); + + default: + // Default is no access + *aResult = PR_FALSE; + return NS_OK; } - else if (SCRIPT_SECURITY_SAME_DOMAIN_ACCESS == secLevel) { - return CheckPermissions(cx, (JSObject*)aObj, eJSTarget_Max, aResult); - } - //Default is no access +#else + *aResult = PR_TRUE; return NS_OK; #endif } @@ -113,7 +123,6 @@ nsJSSecurityManager::InitCaps(void) nsresult res = nsServiceManager::GetService(kCCapsManagerCID, kICapsManagerIID, (nsISupports**)&mCapsManager); - if ((NS_OK == res) && (nsnull != mCapsManager)) { mCapsManager->InitializeFrameWalker(this); } @@ -123,7 +132,7 @@ static nsString gUnknownOriginStr("[unknown origin]"); static nsString gFileDoubleSlashUrlPrefix("file://"); static nsString gFileUrlPrefix("file:"); -/* This array must be kept in sync with the eJSTarget enum in nsIScripSecurityManager.h */ +/* This array must be kept in sync with nsIScriptSecurityManager.idl */ static char * targetStrings[] = { "UniversalBrowserRead", "UniversalBrowserWrite", @@ -290,7 +299,7 @@ lm_InitSecurity(MochaDecoder *decoder) */ NS_IMETHODIMP -nsJSSecurityManager::GetSubjectOriginURL(JSContext *aCx, nsString* aOrigin) +nsJSSecurityManager::GetSubjectOriginURL(JSContext *aCx, nsString **aOrigin) { /* * Get origin from script of innermost interpreted frame. @@ -321,16 +330,17 @@ nsJSSecurityManager::GetSubjectOriginURL(JSContext *aCx, nsString* aOrigin) script = JS_GetFrameScript(aCx, fp); if (script) { principals = JS_GetScriptPrincipals(aCx, script); - aOrigin = new nsString(principals ? principals->codebase : JS_GetScriptFilename(aCx, script)); - return NS_OK; + *aOrigin = new nsString(principals ? principals->codebase + : JS_GetScriptFilename(aCx, script)); + return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY; } fp = JS_FrameIterator(aCx, &fp); } #ifdef OJI principals = JVM_GetJavaPrincipalsFromStack(pFrameToStartLooking); - if (nsnull == principals) { - aOrigin = new nsString(principals->codebase); - return NS_OK; + if (principals) { + *aOrigin = new nsString(principals->codebase); + return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY; } #endif @@ -342,12 +352,12 @@ nsJSSecurityManager::GetSubjectOriginURL(JSContext *aCx, nsString* aOrigin) } NS_IMETHODIMP -nsJSSecurityManager::GetObjectOriginURL(JSContext *aCx, JSObject *aObj, nsString* aOrigin) +nsJSSecurityManager::GetObjectOriginURL(JSContext *aCx, JSObject *aObj, nsString** aOrigin) { JSPrincipals *principals; GetContainerPrincipals(aCx, aObj, &principals); - aOrigin = new nsString(principals ? principals->codebase : nsnull); - return NS_OK; + *aOrigin = new nsString(principals ? principals->codebase : nsnull); + return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY; } //+++ @@ -450,7 +460,7 @@ nsJSSecurityManager::GetCompilationPrincipals(nsIScriptContext *aContext, } NS_IMETHODIMP -nsJSSecurityManager::CanAccessTarget(JSContext *aCx, eJSTarget aTarget, PRBool* aReturn) +nsJSSecurityManager::CanAccessTarget(JSContext *aCx, PRInt16 aTarget, PRBool* aReturn) { JSPrincipals *principals; *aReturn = PR_TRUE; @@ -480,7 +490,7 @@ nsJSSecurityManager::CanAccessTarget(JSContext *aCx, eJSTarget aTarget, PRBool* * to the given target. */ PRBool -nsJSSecurityManager::PrincipalsCanAccessTarget(JSContext *aCx, eJSTarget aTarget) +nsJSSecurityManager::PrincipalsCanAccessTarget(JSContext *aCx, PRInt16 aTarget) { struct nsPrivilegeTable *annotation; JSStackFrame *fp; @@ -580,17 +590,20 @@ nsJSSecurityManager::PrincipalsCanAccessTarget(JSContext *aCx, eJSTarget aTarget } NS_IMETHODIMP -nsJSSecurityManager::CheckPermissions(JSContext *aCx, JSObject *aObj, eJSTarget aTarget, PRBool* aReturn) +nsJSSecurityManager::CheckPermissions(JSContext *aCx, JSObject *aObj, PRInt16 aTarget, PRBool* aReturn) { nsString* subjectOrigin = nsnull; nsString* objectOrigin = nsnull; nsISupports* running; nsIScriptGlobalObjectData *globalData; JSPrincipals *principals; - + nsresult rv=NS_OK; + /* May be in a layer loaded from a different origin.*/ - GetSubjectOriginURL(aCx, subjectOrigin); - + rv = GetSubjectOriginURL(aCx, &subjectOrigin); + if(rv != NS_OK) + return rv; + /* * Hold onto reference to the running decoder's principals * in case a call to GetObjectOriginURL ends up @@ -608,9 +621,9 @@ nsJSSecurityManager::CheckPermissions(JSContext *aCx, JSObject *aObj, eJSTarget JSPRINCIPALS_HOLD(aCx, principals); } - GetObjectOriginURL(aCx, aObj, objectOrigin); + rv = GetObjectOriginURL(aCx, aObj, &objectOrigin); - if (!subjectOrigin || !objectOrigin) { + if (rv != NS_OK || !subjectOrigin || !objectOrigin) { *aReturn = PR_FALSE; goto out; } @@ -655,7 +668,7 @@ out: NS_IMETHODIMP nsJSSecurityManager::CheckContainerAccess(JSContext *aCx, JSObject *aObj, - eJSTarget aTarget, PRBool* aReturn) + PRInt16 aTarget, PRBool* aReturn) { JSPrincipals *principals; nsJSPrincipalsData *data; @@ -748,7 +761,7 @@ nsJSSecurityManager::CheckContainerAccess(JSContext *aCx, JSObject *aObj, *aReturn = PR_TRUE; return NS_OK; } - GetSubjectOriginURL(aCx, fn); + GetSubjectOriginURL(aCx, &fn); if (!fn) { *aReturn = PR_FALSE; return NS_OK; @@ -776,14 +789,10 @@ nsJSSecurityManager::CheckContainerAccess(JSContext *aCx, JSObject *aObj, NS_IMETHODIMP nsJSSecurityManager::GetContainerPrincipals(JSContext *aCx, JSObject *container, JSPrincipals** aPrincipals) { - //Start from topmost item. - while (nsnull != (container = JS_GetParent(aCx, container))); - *aPrincipals = nsnull; // Need to check that the origin hasn't changed underneath us char* originUrl = FindOriginURL(aCx, container); - if (!originUrl) { return NS_ERROR_FAILURE; } @@ -863,7 +872,7 @@ nsJSSecurityManager::CanCaptureEvent(JSContext *aCx, JSFunction *aFun, JSObject *aReturn = PR_FALSE; return NS_OK; } - GetObjectOriginURL(aCx, aEventTarget, origin); + GetObjectOriginURL(aCx, aEventTarget, &origin); char* originChar; if (origin) { originChar = origin->ToNewCString(); @@ -914,7 +923,7 @@ nsJSSecurityManager::SetExternalCapture(JSContext *aCx, JSPrincipals *aPrincipal } NS_IMETHODIMP -nsJSSecurityManager::CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval aId, jsval *aVp, PRBool* aReturn) +nsJSSecurityManager::CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval *aVp, PRBool* aReturn) { JSObject *newParent; *aReturn = PR_TRUE; @@ -927,11 +936,11 @@ nsJSSecurityManager::CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval aI nsString* oldOrigin = nsnull; nsString* newOrigin = nsnull; - GetObjectOriginURL(aCx, aObj, oldOrigin); + GetObjectOriginURL(aCx, aObj, &oldOrigin); if (!oldOrigin) { return NS_ERROR_FAILURE; } - GetObjectOriginURL(aCx, newParent, newOrigin); + GetObjectOriginURL(aCx, newParent, &newOrigin); if (!newOrigin) { delete oldOrigin; return NS_ERROR_FAILURE; @@ -964,6 +973,7 @@ nsJSSecurityManager::SetDocumentDomain(JSContext *aCx, JSPrincipals *aPrincipals nsString* aNewDomain, PRBool* aReturn) { nsJSPrincipalsData *data; + nsresult result; if (aNewDomain->Equals(aPrincipals->codebase)) { *aReturn = PR_TRUE; @@ -976,7 +986,10 @@ nsJSSecurityManager::SetDocumentDomain(JSContext *aCx, JSPrincipals *aPrincipals else { delete aPrincipals->codebase; } - nsString* codebaseStr = GetOriginFromSourceURL(aNewDomain); + + nsString* codebaseStr; + if ((result = GetOriginFromSourceURL(aNewDomain, &codebaseStr)) != NS_OK) + return result; if (!codebaseStr) { return NS_ERROR_FAILURE; @@ -1115,11 +1128,12 @@ static nsJSPrincipalsData unknownPrincipals = { nsnull }; -nsString* -nsJSSecurityManager::GetOriginFromSourceURL(nsString* aSourceURL) +NS_IMETHODIMP +nsJSSecurityManager::GetOriginFromSourceURL(nsString* aSourceURL, nsString **result) { if (aSourceURL->Length() == 0 || aSourceURL->EqualsIgnoreCase(gUnknownOriginStr)) { - return &gUnknownOriginStr; + *result = nsnull; + return NS_OK; } #if 0 //need to get url type int urlType; @@ -1127,7 +1141,8 @@ nsJSSecurityManager::GetOriginFromSourceURL(nsString* aSourceURL) urlType = NET_URL_Type(sourceURL); if (urlType == MOCHA_TYPE_URL) { NS_ASSERTION(PR_FALSE, "Invalid URL type");/* this shouldn't occur */ - return &gUnknownOriginStr; + *result = nsnull; + return NS_OK; } #endif nsAutoString sourceURL(*aSourceURL); @@ -1139,13 +1154,13 @@ nsJSSecurityManager::GetOriginFromSourceURL(nsString* aSourceURL) char* chS = sourceURL.ToNewCString(); if (!chS) { - return &gUnknownOriginStr; + *result = nsnull; + return NS_ERROR_OUT_OF_MEMORY; } - char *result = ParseURL(chS, GET_PROTOCOL_PART|GET_HOST_PART|GET_PATH_PART); + *result = new nsString(ParseURL(chS, GET_PROTOCOL_PART|GET_HOST_PART|GET_PATH_PART)); delete chS; - - return new nsString(result); + return *result ? NS_OK : NS_ERROR_OUT_OF_MEMORY; } NS_IMETHODIMP @@ -1199,7 +1214,10 @@ nsJSSecurityManager::NewJSPrincipals(nsIURI *aURL, nsString* aName, nsString* aC return NS_ERROR_FAILURE; } - nsString* codebaseStr = GetOriginFromSourceURL(aCodebase); + nsString* codebaseStr; + nsresult rv; + if ((rv = GetOriginFromSourceURL(aCodebase, &codebaseStr)) != NS_OK) + return rv; if (!codebaseStr) { PR_Free(result); @@ -1559,7 +1577,7 @@ NS_IMETHODIMP nsJSSecurityManager::CanAccessTargetStr(JSContext *aCx, const char *target, PRBool* aReturn) { int intTarget = findTarget(target); - eJSTarget eJSTarget; + PRInt16 eJSTarget; if(intTarget < 0) { return PR_FALSE; @@ -2110,16 +2128,16 @@ nsJSSecurityManager::AddSecPolicyPrefix(JSContext *cx, char *pref_str) char *retval = 0; if ((policy_str = GetSitePolicy(subjectOrigin)) == 0) { - /* No site-specific policy. Get global policy name. */ + /* No site-specific policy. Get global policy name. */ - if (NS_OK != mPrefs->CopyCharPref("javascript.security_policy", (char**)&policy_str)) - policy_str = PL_strcpy(policy_str, "default"); + if (NS_OK != mPrefs->CopyCharPref("javascript.security_policy", &policy_str)) + policy_str = PL_strdup("default"); } if (policy_str) { //why can't this be default? && PL_strcasecmp(policy_str, "default") != 0) { retval = PR_sprintf_append(NULL, "js_security.%s.%s", policy_str, pref_str); + PR_Free(policy_str); } - PR_FREEIF(policy_str); return retval; } @@ -2945,3 +2963,58 @@ extern "C" NS_DOM nsresult NS_NewScriptSecurityManager(nsIScriptSecurityManager return ret; } +NS_IMETHODIMP +nsJSSecurityManager::CanCreateWrapper(JSContext * aJSContext, const nsIID & aIID, + nsISupports *aObj) +{ +#if 0 + nsString* aOrigin=nsnull; + nsresult rv=this->GetSubjectOriginURL(aJSContext, &aOrigin); +#endif + return NS_OK; +} + +NS_IMETHODIMP +nsJSSecurityManager::CanCreateInstance(JSContext * aJSContext, const nsCID & aCID) +{ + return NS_OK; +} + +NS_IMETHODIMP +nsJSSecurityManager::CanGetService(JSContext * aJSContext, const nsCID & aCID) +{ + return NS_OK; +} + +NS_IMETHODIMP +nsJSSecurityManager::CanCallMethod(JSContext * aJSContext, + const nsIID & aIID, + nsISupports *aObj, + nsIInterfaceInfo *aInterfaceInfo, + PRUint16 aMethodIndex, + const jsid aName) +{ + return NS_OK; +} + +NS_IMETHODIMP +nsJSSecurityManager::CanGetProperty(JSContext * aJSContext, + const nsIID & aIID, + nsISupports *aObj, + nsIInterfaceInfo *aInterfaceInfo, + PRUint16 aMethodIndex, + const jsid aName) +{ + return NS_OK; +} + +NS_IMETHODIMP +nsJSSecurityManager::CanSetProperty(JSContext * aJSContext, + const nsIID & aIID, + nsISupports *aObj, + nsIInterfaceInfo *aInterfaceInfo, + PRUint16 aMethodIndex, + const jsid aName) +{ + return NS_OK; +} \ No newline at end of file diff --git a/dom/src/base/nsJSSecurityManager.h b/dom/src/base/nsJSSecurityManager.h index 00b368a154a..c6a4dee8166 100644 --- a/dom/src/base/nsJSSecurityManager.h +++ b/dom/src/base/nsJSSecurityManager.h @@ -1,183 +1,197 @@ /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- - * - * The contents of this file are subject to the Netscape Public License - * Version 1.0 (the "NPL"); you may not use this file except in - * compliance with the NPL. You may obtain a copy of the NPL at - * http://www.mozilla.org/NPL/ - * - * Software distributed under the NPL is distributed on an "AS IS" basis, - * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL - * for the specific language governing rights and limitations under the - * NPL. - * - * The Initial Developer of this code under the NPL is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 1998 Netscape Communications Corporation. All Rights - * Reserved. - */ +* +* The contents of this file are subject to the Netscape Public License +* Version 1.0 (the "NPL"); you may not use this file except in +* compliance with the NPL. You may obtain a copy of the NPL at +* http://www.mozilla.org/NPL/ +* +* Software distributed under the NPL is distributed on an "AS IS" basis, +* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the NPL +* for the specific language governing rights and limitations under the +* NPL. +* +* The Initial Developer of this code under the NPL is Netscape +* Communications Corporation. Portions created by Netscape are +* Copyright (C) 1998 Netscape Communications Corporation. All Rights +* Reserved. +*/ #ifndef nsJSSecurityManager_h___ #define nsJSSecurityManager_h___ -#include "nsIScriptSecurityManager.h" -#include "nsICapsSecurityCallbacks.h" #include "nsIScriptContext.h" #include "jsapi.h" #include "jsdbgapi.h" +#include "nsIXPCSecurityManager.h" +#include "nsIScriptSecurityManager.h" +#include "nsICapsSecurityCallbacks.h" class nsICapsManager; class nsIPref; typedef struct nsJSFrameIterator { - JSStackFrame *fp; - JSContext *cx; - void *intersect; - PRBool sawEmptyPrincipals; + JSStackFrame *fp; + JSContext *cx; + void *intersect; + PRBool sawEmptyPrincipals; } nsJSFrameIterator; +typedef struct nsFrameWrapper { + void *iterator; +} nsFrameWrapper; + +typedef struct nsJSPrincipalsList { + JSPrincipals *principals; + struct nsJSPrincipalsList *next; +} nsJSPrincipalsList; + enum Signedness { - HAS_NO_SCRIPTS, - HAS_UNSIGNED_SCRIPTS, - HAS_SIGNED_SCRIPTS + HAS_NO_SCRIPTS, + HAS_UNSIGNED_SCRIPTS, + HAS_SIGNED_SCRIPTS }; typedef struct nsJSPrincipalsData { - JSPrincipals principals; - void* principalsArrayRef; - nsIURI *url; - char* name; - void* zip; //ns_zip_t - uint32 externalCapturePrincipalsCount; - nsString* untransformed; - nsString* transformed; - PRBool needUnlock; - char* codebaseBeforeSettingDomain; - enum Signedness signedness; - void* pNSISecurityContext; -// nsJSSecurityManager* secManager; + JSPrincipals principals; + void* principalsArrayRef; + nsIURI *url; + char* name; + void* zip; + uint32 externalCapturePrincipalsCount; + nsString* untransformed; + nsString* transformed; + PRBool needUnlock; + char* codebaseBeforeSettingDomain; + enum Signedness signedness; + void* pNSISecurityContext; } nsJSPrincipalsData; class nsJSSecurityManager : public nsIScriptSecurityManager, - public nsICapsSecurityCallbacks { + public nsICapsSecurityCallbacks, + public nsIXPCSecurityManager { public: - nsJSSecurityManager(); - virtual ~nsJSSecurityManager(); - - NS_DECL_ISUPPORTS - - //nsIScriptSecurityManager interface - NS_IMETHOD Init(); - - NS_IMETHOD CheckScriptAccess(nsIScriptContext* aContext, - void* aObj, - const char* aProp, - PRBool* aResult); - - //XXX From lib/libmocha/lm.h - NS_IMETHOD GetSubjectOriginURL(JSContext *aCx, nsString* aOrigin); - NS_IMETHOD GetObjectOriginURL(JSContext *aCx, JSObject *object, nsString* aOrigin); - NS_IMETHOD GetPrincipalsFromStackFrame(JSContext *aCx, JSPrincipals** aPrincipals); - NS_IMETHOD GetCompilationPrincipals(nsIScriptContext *aContext, nsIScriptGlobalObject* aGlobal, - JSPrincipals *aLayoutPrincipals, JSPrincipals** aPrincipals); - NS_IMETHOD CanAccessTarget(JSContext *aCx, eJSTarget target, PRBool* aReturn); - NS_IMETHOD CheckPermissions(JSContext *aCx, JSObject *aObj, eJSTarget target, PRBool* aReturn); - NS_IMETHOD CheckContainerAccess(JSContext *aCx, JSObject *aObj, eJSTarget aTarget, PRBool* aReturn); - NS_IMETHOD GetContainerPrincipals(JSContext *aCx, JSObject *aContainer, JSPrincipals** aPrincipals); - NS_IMETHOD SetContainerPrincipals(JSContext *aCx, JSObject *aContainer, JSPrincipals* aPrincipals); - NS_IMETHOD CanCaptureEvent(JSContext *aCx, JSFunction *aFun, JSObject *aEventTarget, PRBool* aReturn); - NS_IMETHOD SetExternalCapture(JSContext *aCx, JSPrincipals* aPrincipals, PRBool aBool); - NS_IMETHOD CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval id, jsval *vp, PRBool* aReturn); - NS_IMETHOD SetDocumentDomain(JSContext *aCx, JSPrincipals *principals, - nsString* newDomain, PRBool* aReturn); - NS_IMETHOD DestroyPrincipalsList(JSContext *aCx, nsJSPrincipalsList *list); - //XXX End from lib/libmocha/lm.h - - //XXX From include/libmocha.h - NS_IMETHOD NewJSPrincipals(nsIURI *aURL, nsString* aName, nsString* aCodebase, JSPrincipals** aPrincipals); + nsJSSecurityManager(); + virtual ~nsJSSecurityManager(); + + NS_DECL_ISUPPORTS + + //nsIScriptSecurityManager interface + NS_IMETHOD Init(); + + NS_IMETHOD CheckScriptAccess(nsIScriptContext* aContext, + void* aObj, + const char* aProp, + PRBool* aResult); + + //XXX From lib/libmocha/lm.h + NS_IMETHOD GetSubjectOriginURL(JSContext *aCx, nsString** aOrigin); + NS_IMETHOD GetObjectOriginURL(JSContext *aCx, JSObject *object, nsString** aOrigin); + NS_IMETHOD GetPrincipalsFromStackFrame(JSContext *aCx, JSPrincipals** aPrincipals); + NS_IMETHOD GetCompilationPrincipals(nsIScriptContext *aContext, nsIScriptGlobalObject* aGlobal, + JSPrincipals *aLayoutPrincipals, JSPrincipals** aPrincipals); + NS_IMETHOD CanAccessTarget(JSContext *aCx, PRInt16 target, PRBool* aReturn); + NS_IMETHOD CheckPermissions(JSContext *aCx, JSObject *aObj, short target, PRBool* aReturn); + NS_IMETHOD CheckContainerAccess(JSContext *aCx, JSObject *aObj, PRInt16 aTarget, PRBool* aReturn); + NS_IMETHOD GetContainerPrincipals(JSContext *aCx, JSObject *aContainer, JSPrincipals** aPrincipals); + NS_IMETHOD SetContainerPrincipals(JSContext *aCx, JSObject *aContainer, JSPrincipals* aPrincipals); + NS_IMETHOD CanCaptureEvent(JSContext *aCx, JSFunction *aFun, JSObject *aEventTarget, PRBool* aReturn); + NS_IMETHOD SetExternalCapture(JSContext *aCx, JSPrincipals* aPrincipals, PRBool aBool); + NS_IMETHOD CheckSetParentSlot(JSContext *aCx, JSObject *aObj, jsval *vp, PRBool* aReturn); + NS_IMETHOD SetDocumentDomain(JSContext *aCx, JSPrincipals *principals, + nsString* newDomain, PRBool* aReturn); + NS_IMETHOD DestroyPrincipalsList(JSContext *aCx, nsJSPrincipalsList *list); + //XXX From include/libmocha.h + NS_IMETHOD NewJSPrincipals(nsIURI *aURL, nsString* aName, nsString* aCodebase, JSPrincipals** aPrincipals); #ifdef DO_JAVA_STUFF - NS_IMETHOD ExtractFromPrincipalsArchive(JSPrincipals *aPrincipals, char *aName, - uint *aLength, char** aReturn); - NS_IMETHOD SetUntransformedSource(JSPrincipals *principals, char *original, - char *transformed, PRBool* aReturn); - NS_IMETHOD GetJSPrincipalsFromJavaCaller(JSContext *aCx, void *principalsArray, void *pNSISecurityContext, JSPrincipals** aPrincipals); + NS_IMETHOD ExtractFromPrincipalsArchive(JSPrincipals *aPrincipals, char *aName, + uint *aLength, char** aReturn); + NS_IMETHOD SetUntransformedSource(JSPrincipals *principals, char *original, + char *transformed, PRBool* aReturn); + NS_IMETHOD GetJSPrincipalsFromJavaCaller(JSContext *aCx, void *principalsArray, void *pNSISecurityContext, JSPrincipals** aPrincipals); #endif #if 0 - NS_IMETHOD CanAccessTargetStr(JSContext *aCx, const char *target, PRBool* aReturn); + NS_IMETHOD CanAccessTargetStr(JSContext *aCx, const char *target, PRBool* aReturn); #endif - NS_IMETHOD RegisterPrincipals(nsIScriptContext *aContext, nsIScriptGlobalObject* aGlobal, JSPrincipals *aPrincipals, - nsString* aName, nsString* aSrc, JSPrincipals** aRetPrincipals); - //XXX End from include/libmocha.h - - - //nsICapsSecurityCallbacks interface - NS_IMETHOD NewNSJSJavaFrameWrapper(void *aContext, struct nsFrameWrapper ** aWrapper); - NS_IMETHOD FreeNSJSJavaFrameWrapper(struct nsFrameWrapper *aWrapper); - NS_IMETHOD GetStartFrame(struct nsFrameWrapper *aWrapper); - NS_IMETHOD IsEndOfFrame(struct nsFrameWrapper *aWrapper, PRBool* aReturn); - NS_IMETHOD IsValidFrame(struct nsFrameWrapper *aWrapper, PRBool* aReturn); - NS_IMETHOD GetNextFrame(struct nsFrameWrapper *aWrapper, int *aDepth, void** aReturn); - NS_IMETHOD OJIGetPrincipalArray(struct nsFrameWrapper *aWrapper, void** aReturn); - NS_IMETHOD OJIGetAnnotation(struct nsFrameWrapper *aWrapper, void** aReturn); - NS_IMETHOD OJISetAnnotation(struct nsFrameWrapper *aWrapper, void *aPrivTable, void** aReturn); - + NS_IMETHOD RegisterPrincipals(nsIScriptContext *aContext, nsIScriptGlobalObject* aGlobal, JSPrincipals *aPrincipals, + nsString* aName, nsString* aSrc, JSPrincipals** aRetPrincipals); + //nsICapsSecurityCallbacks interface + NS_IMETHOD NewNSJSJavaFrameWrapper(void *aContext, struct nsFrameWrapper ** aWrapper); + NS_IMETHOD FreeNSJSJavaFrameWrapper(struct nsFrameWrapper *aWrapper); + NS_IMETHOD GetStartFrame(struct nsFrameWrapper *aWrapper); + NS_IMETHOD IsEndOfFrame(struct nsFrameWrapper *aWrapper, PRBool* aReturn); + NS_IMETHOD IsValidFrame(struct nsFrameWrapper *aWrapper, PRBool* aReturn); + NS_IMETHOD GetNextFrame(struct nsFrameWrapper *aWrapper, int *aDepth, void** aReturn); + NS_IMETHOD OJIGetPrincipalArray(struct nsFrameWrapper *aWrapper, void** aReturn); + NS_IMETHOD OJIGetAnnotation(struct nsFrameWrapper *aWrapper, void** aReturn); + NS_IMETHOD OJISetAnnotation(struct nsFrameWrapper *aWrapper, void *aPrivTable, void** aReturn); + //nsIXPCSecurityManager interface + NS_IMETHOD CanCreateWrapper(JSContext * aJSContext, const nsIID & aIID, nsISupports *aObj); + NS_IMETHOD CanCreateInstance(JSContext * aJSContext, const nsCID & aCID); + NS_IMETHOD CanGetService(JSContext * aJSContext, const nsCID & aCID); + NS_IMETHOD CanCallMethod(JSContext * aJSContext, const nsIID & aIID, nsISupports *aObj, nsIInterfaceInfo *aInterfaceInfo, + PRUint16 aMethodIndex, const jsid aName); + NS_IMETHOD CanGetProperty(JSContext * aJSContext, const nsIID & aIID, nsISupports *aObj, nsIInterfaceInfo *aInterfaceInfo, + PRUint16 aMethodIndex, const jsid aName); + NS_IMETHOD CanSetProperty(JSContext * aJSContext, const nsIID & aIID, nsISupports *aObj, nsIInterfaceInfo *aInterfaceInfo, + PRUint16 aMethodIndex, const jsid aName); private: - void PrintToConsole(const char *data); - void PrintPrincipalsToConsole(JSContext *cx, JSPrincipals *principals); - - PRUint32 GetPrincipalsCount(JSContext *aCx, JSPrincipals *aPrincipals); - PRBool PrincipalsCanAccessTarget(JSContext *cx, eJSTarget target); - void InvalidateCertPrincipals(JSContext *cx, JSPrincipals *principals); - - //Helper funcs for RegisterPrincipals + void PrintToConsole(const char *data); + void PrintPrincipalsToConsole(JSContext *cx, JSPrincipals *principals); + + PRUint32 GetPrincipalsCount(JSContext *aCx, JSPrincipals *aPrincipals); + PRBool PrincipalsCanAccessTarget(JSContext *cx, short target); + void InvalidateCertPrincipals(JSContext *cx, JSPrincipals *principals); + + //Helper funcs for RegisterPrincipals #ifdef EARLY_ACCESS_STUFF - PRBool CheckEarlyAccess(MochaDecoder *decoder, JSPrincipals *principals); + PRBool CheckEarlyAccess(MochaDecoder *decoder, JSPrincipals *principals); #endif - PRBool IntersectPrincipals(JSContext *aCx, JSPrincipals *principals, - JSPrincipals *newPrincipals); - PRBool PrincipalsEqual(JSContext *aCx, JSPrincipals *aA, JSPrincipals *aB); - - PRBool IsExternalCaptureEnabled(JSContext *cx, JSPrincipals *principals); - PRBool CanExtendTrust(JSContext *cx, void *from, void *to); - char* GetJavaCodebaseFromOrigin(const char *origin); - - nsString* GetOriginFromSourceURL(nsString* sourceURL); - char* FindOriginURL(JSContext *aCx, JSObject *aGlobal); - - PRBool SameOrigins(JSContext *aCx, const char* aOrigin1, const char* aOrigin2); - PRBool SameOriginsStr(JSContext *aCx, nsString* aOrigin1, nsString* aOrigin2); - nsString* GetCanonicalizedOrigin(JSContext *cx, nsString* aUrlString); - - // Glue code for JS stack crawling callbacks - nsJSFrameIterator* NewJSFrameIterator(void *aContext); - PRBool NextJSJavaFrame(struct nsJSFrameIterator *aIterator); - PRBool NextJSFrame(struct nsJSFrameIterator **aIterator); - - void InitCaps(void); - - //Helper funcs - char* AddSecPolicyPrefix(JSContext *cx, char *pref_str); - char* GetSitePolicy(const char *org); - PRInt32 CheckForPrivilege(JSContext *cx, char *prop_name, int priv_code); - JSBool ContinueOnViolation(JSContext *cx, int pref_code); - JSBool CheckForPrivilegeContinue(JSContext *cx, char *prop_name, int priv_code, int pref_code); - - //XXX temporarily - char * ParseURL (const char *url, int parts_requested); - char * SACopy (char *destination, const char *source); - char * SACat (char *destination, const char *source); - - //Local vars - nsIPref* mPrefs; - nsICapsManager* mCapsManager; + PRBool IntersectPrincipals(JSContext *aCx, JSPrincipals *principals, + JSPrincipals *newPrincipals); + PRBool PrincipalsEqual(JSContext *aCx, JSPrincipals *aA, JSPrincipals *aB); + + PRBool IsExternalCaptureEnabled(JSContext *cx, JSPrincipals *principals); + PRBool CanExtendTrust(JSContext *cx, void *from, void *to); + char* GetJavaCodebaseFromOrigin(const char *origin); + + NS_IMETHOD GetOriginFromSourceURL(nsString* sourceURL, nsString* *result); + char* FindOriginURL(JSContext *aCx, JSObject *aGlobal); + + PRBool SameOrigins(JSContext *aCx, const char* aOrigin1, const char* aOrigin2); + PRBool SameOriginsStr(JSContext *aCx, nsString* aOrigin1, nsString* aOrigin2); + nsString* GetCanonicalizedOrigin(JSContext *cx, nsString* aUrlString); + + // Glue code for JS stack crawling callbacks + nsJSFrameIterator* NewJSFrameIterator(void *aContext); + PRBool NextJSJavaFrame(struct nsJSFrameIterator *aIterator); + PRBool NextJSFrame(struct nsJSFrameIterator **aIterator); + + void InitCaps(void); + + //Helper funcs + char* AddSecPolicyPrefix(JSContext *cx, char *pref_str); + char* GetSitePolicy(const char *org); + PRInt32 CheckForPrivilege(JSContext *cx, char *prop_name, int priv_code); + JSBool ContinueOnViolation(JSContext *cx, int pref_code); + JSBool CheckForPrivilegeContinue(JSContext *cx, char *prop_name, int priv_code, int pref_code); + + //XXX temporarily + char * ParseURL (const char *url, int parts_requested); + char * SACopy (char *destination, const char *source); + char * SACat (char *destination, const char *source); + + //Local vars + nsIPref* mPrefs; + nsICapsManager* mCapsManager; }; //XXX temporarily bit flags for determining what we want to parse from the URL -#define GET_ALL_PARTS 127 -#define GET_PASSWORD_PART 64 -#define GET_USERNAME_PART 32 -#define GET_PROTOCOL_PART 16 -#define GET_HOST_PART 8 -#define GET_PATH_PART 4 -#define GET_HASH_PART 2 -#define GET_SEARCH_PART 1 +#define GET_ALL_PARTS 127 +#define GET_PASSWORD_PART 64 +#define GET_USERNAME_PART 32 +#define GET_PROTOCOL_PART 16 +#define GET_HOST_PART 8 +#define GET_PATH_PART 4 +#define GET_HASH_PART 2 +#define GET_SEARCH_PART 1 #endif /* nsJSSecurityManager_h___ */