/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- * * The contents of this file are subject to the Netscape Public * License Version 1.1 (the "License"); you may not use this file * except in compliance with the License. You may obtain a copy of * the License at http://www.mozilla.org/NPL/ * * Software distributed under the License is distributed on an "AS * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or * implied. See the License for the specific language governing * rights and limitations under the License. * * The Original Code is mozilla.org code. * * The Initial Developer of the Original Code is Netscape * Communications Corporation. Portions created by Netscape are * Copyright (C) 1999 Netscape Communications Corporation. All * Rights Reserved. * * Contributor(s): */ #include "nsISupports.idl" #include "nsIPrincipal.idl" %{C++ #include "jspubtd.h" %} [ptr] native JSContextPtr(JSContext); interface nsIURI; [uuid(58df5780-8006-11d2-bd91-00805f8ae3f4)] interface nsIScriptSecurityManager : nsISupports { ///////////////// Principals /////////////////////// /** * Return the principal of the innermost frame of the currently * executing script. Will return null if there is no script * currently executing. */ nsIPrincipal GetSubjectPrincipal(); /** * Return the all-powerful system principal. */ nsIPrincipal GetSystemPrincipal(); /** * Return a principal that can be QI'd to nsICodebasePrincipal and * has the same origin as aURI. */ nsIPrincipal GetCodebasePrincipal(in nsIURI aURI); /** * Return a principal that can be QI'd to nsICertificatePrincipal. */ nsIPrincipal GetCertificatePrincipal(in string aIssuer, in string aSerialNumber); ///////////////// Security Checks ////////////////// /** * Checks whether the currently executing script can access the given * property. * * @param cx The current active JavaScript context * @param obj The object that is being accessed * @param prop The ordinal of the property being accessed (see nsDOMPropEnums.h) * @param isWrite True if write access is being attempted */ void CheckScriptAccess(in JSContextPtr cx, in voidStar obj, in long prop, in boolean isWrite); /** * Check that the script with context "cx" can load "uri". * * Will return error code NS_ERROR_DOM_BAD_URI if the load request * should be denied. * * @param cx the JSContext of the script causing the load * @param uri the URI that is being loaded */ void CheckLoadURIFromScript(in JSContextPtr cx, in nsIURI uri); /** * Check that content from "from" can load "uri". * * Will return error code NS_ERROR_DOM_BAD_URI if the load request * should be denied. * * @param from the URI causing the load * @param uri the URI that is being loaded * @param disallowFromMail if true, return NS_ERROR_DOM_BAD_URI if 'from' * is a URI associated with mail or news */ void CheckLoadURI(in nsIURI from, in nsIURI uri, in boolean disallowFromMail); /** * Return true if content from the given principal is allowed to * execute scripts. */ boolean CanExecuteScripts(in nsIPrincipal principal); /** * Return true if the given JavaScript function was compiled with * a principal that is allowed to execute scripts. */ boolean CanExecuteFunction(in voidStar jsFunction); ///////////////// Capabilities ///////////////////// /** * Return true if the currently executing script has 'capability' enabled. */ boolean IsCapabilityEnabled(in string capability); /** * Enable 'capability' in the innermost frame of the currently executing * script. */ void EnableCapability(in string capability); /** * Remove 'capability' from the innermost frame of the currently executing * script. Any setting of 'capability' from enclosing frames thus comes into * effect. */ void RevertCapability(in string capability); /** * Disable 'capability' in the innermost frame of the currently executing * script. */ void DisableCapability(in string capability); }; %{C++ #define NS_SCRIPTSECURITYMANAGER_PROGID "component://netscape/scriptsecuritymanager" #define NS_SCRIPTSECURITYMANAGER_CLASSNAME "scriptsecuritymanager" %}