summaryrefslogtreecommitdiffstats
path: root/image/ImageBlocker.cpp
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-19 00:47:55 +0000
commit26a029d407be480d791972afb5975cf62c9360a6 (patch)
treef435a8308119effd964b339f76abb83a57c29483 /image/ImageBlocker.cpp
parentInitial commit. (diff)
downloadfirefox-upstream/124.0.1.tar.xz
firefox-upstream/124.0.1.zip
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--image/ImageBlocker.cpp63
1 files changed, 63 insertions, 0 deletions
diff --git a/image/ImageBlocker.cpp b/image/ImageBlocker.cpp
new file mode 100644
index 0000000000..c8ff1baaaf
--- /dev/null
+++ b/image/ImageBlocker.cpp
@@ -0,0 +1,63 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "ImageBlocker.h"
+#include "nsIPermissionManager.h"
+#include "nsContentUtils.h"
+#include "mozilla/StaticPrefs_permissions.h"
+#include "nsNetUtil.h"
+
+using namespace mozilla;
+using namespace mozilla::image;
+
+NS_IMPL_ISUPPORTS(ImageBlocker, nsIContentPolicy)
+
+NS_IMETHODIMP
+ImageBlocker::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
+ int16_t* aShouldLoad) {
+ *aShouldLoad = nsIContentPolicy::ACCEPT;
+
+ if (!aContentLocation) {
+ // Bug 1720280: Ideally we should block the load, but to avoid a potential
+ // null pointer deref, we return early in this case. Please note that
+ // the ImageBlocker only applies about http/https loads anyway.
+ return NS_OK;
+ }
+
+ ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType();
+ if (contentType != ExtContentPolicy::TYPE_IMAGE &&
+ contentType != ExtContentPolicy::TYPE_IMAGESET) {
+ return NS_OK;
+ }
+
+ if (ImageBlocker::ShouldBlock(aContentLocation)) {
+ NS_SetRequestBlockingReason(
+ aLoadInfo, nsILoadInfo::BLOCKING_REASON_CONTENT_POLICY_CONTENT_BLOCKED);
+ *aShouldLoad = nsIContentPolicy::REJECT_TYPE;
+ }
+
+ return NS_OK;
+}
+
+NS_IMETHODIMP
+ImageBlocker::ShouldProcess(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo,
+ int16_t* aShouldProcess) {
+ // We block images at load level already, so those should not end up here.
+ *aShouldProcess = nsIContentPolicy::ACCEPT;
+ return NS_OK;
+}
+
+/* static */
+bool ImageBlocker::ShouldBlock(nsIURI* aContentLocation) {
+ // Block loading images depending on the permissions.default.image pref.
+ if (StaticPrefs::permissions_default_image() !=
+ nsIPermissionManager::DENY_ACTION) {
+ return false;
+ }
+
+ // we only want to check http, https
+ // for chrome:// and resources and others, no need to check.
+ return aContentLocation->SchemeIs("http") ||
+ aContentLocation->SchemeIs("https");
+}