diff options
Diffstat (limited to '')
-rw-r--r-- | netwerk/base/mozIThirdPartyUtil.idl | 231 |
1 files changed, 231 insertions, 0 deletions
diff --git a/netwerk/base/mozIThirdPartyUtil.idl b/netwerk/base/mozIThirdPartyUtil.idl new file mode 100644 index 0000000000..0c029942d8 --- /dev/null +++ b/netwerk/base/mozIThirdPartyUtil.idl @@ -0,0 +1,231 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "nsISupports.idl" + +interface nsIURI; +interface mozIDOMWindowProxy; +interface nsIChannel; +interface nsIPrincipal; +interface nsILoadInfo; + +%{C++ + +#include "mozilla/EnumSet.h" + +enum class ThirdPartyAnalysis { + IsForeign, + IsThirdPartyTrackingResource, + IsThirdPartySocialTrackingResource, + IsStorageAccessPermissionGranted, +}; + +using ThirdPartyAnalysisResult = mozilla::EnumSet<ThirdPartyAnalysis>; + +typedef bool (*RequireThirdPartyCheck)(nsILoadInfo*); + +%} + +native ThirdPartyAnalysisResult(ThirdPartyAnalysisResult); +native RequireThirdPartyCheck(RequireThirdPartyCheck); + +/** + * Utility functions for determining whether a given URI, channel, or window + * hierarchy is third party with respect to a known URI. + */ +[scriptable, builtinclass, uuid(fd82700e-ffb4-4932-b7d6-08f0b5697dda)] +interface mozIThirdPartyUtil : nsISupports +{ + /** + * isThirdPartyURI + * + * Determine whether two URIs are third party with respect to each other. + * This is determined by computing the base domain for both URIs. If they can + * be determined, and the base domains match, the request is defined as first + * party. If it cannot be determined because one or both URIs do not have a + * base domain (for instance, in the case of IP addresses, host aliases such + * as 'localhost', or a file:// URI), an exact string comparison on host is + * performed. + * + * For example, the URI "http://mail.google.com/" is not third party with + * respect to "http://images.google.com/", but "http://mail.yahoo.com/" and + * "http://192.168.1.1/" are. + * + * @return true if aFirstURI is third party with respect to aSecondURI. + * + * @throws if either URI is null, has a malformed host, or has an empty host + * and is not a file:// URI. + */ + boolean isThirdPartyURI(in nsIURI aFirstURI, in nsIURI aSecondURI); + + /** + * isThirdPartyWindow + * + * Determine whether the given window hierarchy is third party. This is done + * as follows: + * + * 1) Obtain the URI of the principal associated with 'aWindow'. Call this the + * 'bottom URI'. + * 2) If 'aURI' is provided, determine if it is third party with respect to + * the bottom URI. If so, return. + * 3) Find the same-type parent window, if there is one, and its URI. + * Determine whether it is third party with respect to the bottom URI. If + * so, return. + * + * Therefore, each level in the window hierarchy is tested. (This means that + * nested iframes with different base domains, even though the bottommost and + * topmost URIs might be equal, will be considered third party.) + * + * @param aWindow + * The bottommost window in the hierarchy. + * @param aURI + * A URI to test against. If null, the URI of the principal + * associated with 'aWindow' will be used. + * + * For example, if 'aURI' is "http://mail.google.com/", 'aWindow' has a URI + * of "http://google.com/", and its parent is the topmost content window with + * a URI of "http://mozilla.com", the result will be true. + * + * @return true if 'aURI' is third party with respect to any of the URIs + * associated with aWindow and its same-type parents. + * + * @throws if aWindow is null; the same-type parent of any window in the + * hierarchy cannot be determined; or the URI associated with any + * window in the hierarchy is null, has a malformed host, or has an + * empty host and is not a file:// URI. + * + * @see isThirdPartyURI + */ + boolean isThirdPartyWindow(in mozIDOMWindowProxy aWindow, [optional] in nsIURI aURI); + + /** + * isThirdPartyChannel + * + * Determine whether the given channel and its content window hierarchy is + * third party. This is done as follows: + * + * 1) If 'aChannel' is an nsIHttpChannel and has the + * 'forceAllowThirdPartyCookie' property set, then: + * a) If 'aURI' is null, return false. + * b) Otherwise, find the URI of the channel, determine whether it is + * foreign with respect to 'aURI', and return. + * 2) Find the URI of the channel and determine whether it is third party with + * respect to the URI of the channel. If so, return. + * 3) Obtain the bottommost nsIDOMWindow, and its same-type parent if it + * exists, from the channel's notification callbacks. Then: + * a) If the parent is the same as the bottommost window, and the channel + * has the LOAD_DOCUMENT_URI flag set, return false. This represents the + * case where a toplevel load is occurring and the window's URI has not + * yet been updated. (We have already checked that 'aURI' is not foreign + * with respect to the channel URI.) + * b) Otherwise, return the result of isThirdPartyWindow with arguments + * of the channel's bottommost window and the channel URI, respectively. + * + * Therefore, both the channel's URI and each level in the window hierarchy + * associated with the channel is tested. + * + * @param aChannel + * The channel associated with the load. + * @param aURI + * A URI to test against. If null, the URI of the channel will be used. + * + * For example, if 'aURI' is "http://mail.google.com/", 'aChannel' has a URI + * of "http://google.com/", and its parent is the topmost content window with + * a URI of "http://mozilla.com", the result will be true. + * + * @return true if aURI is third party with respect to the channel URI or any + * of the URIs associated with the same-type window hierarchy of the + * channel. + * + * @throws if 'aChannel' is null; the channel has no notification callbacks or + * an associated window; or isThirdPartyWindow throws. + * + * @see isThirdPartyWindow + */ + boolean isThirdPartyChannel(in nsIChannel aChannel, [optional] in nsIURI aURI); + + /** + * getBaseDomain + * + * Get the base domain for aHostURI; e.g. for "www.bbc.co.uk", this would be + * "bbc.co.uk". Only properly-formed URI's are tolerated, though a trailing + * dot may be present. If aHostURI is an IP address, an alias such as + * 'localhost', an eTLD such as 'co.uk', or the empty string, aBaseDomain will + * be the exact host. The result of this function should only be used in exact + * string comparisons, since substring comparisons will not be valid for the + * special cases elided above. + * + * @param aHostURI + * The URI to analyze. + * + * @return the base domain. + */ + AUTF8String getBaseDomain(in nsIURI aHostURI); + + /** + * NOTE: Long term, this method won't be needed once bug 922464 is fixed which + * will make it possible to parse all URI's off the main thread. + * + * getBaseDomainFromSchemeHost + * + * Get the base domain for aScheme and aHost. Otherwise identical to + * getBaseDomain(). + * + * @param aScheme + * The scheme to analyze. + * + * @param aAsciiHost + * The host to analyze. + * + * @return the base domain. + */ + AUTF8String getBaseDomainFromSchemeHost(in AUTF8String aScheme, + in AUTF8String aAsciiHost); + + /** + * getURIFromWindow + * + * Returns the URI associated with the script object principal for the + * window. + */ + nsIURI getURIFromWindow(in mozIDOMWindowProxy aWindow); + + /** + * getPrincipalFromWindow + * + * Returns the script object principal for the window. + */ + nsIPrincipal getPrincipalFromWindow(in mozIDOMWindowProxy aWindow); + + /** + * getTopWindowForChannel + * + * Returns the top-level window associated with the given channel. + */ + [noscript] + mozIDOMWindowProxy getTopWindowForChannel(in nsIChannel aChannel, [optional] in nsIURI aURIBeingLoaded); + + /* + * Performs a full analysis of a channel. + * + * aChannel the input channel + * aNotify whether to send content blocking notifications if access control checks fail + * aURI optional URI to check for (the channel URI will be used instead if not provided) + * aRequireThirdPartyCheck a functor used to determine whether the load info requires third-party checks + */ + [noscript, notxpcom] + ThirdPartyAnalysisResult analyzeChannel(in nsIChannel aChannel, + in boolean aNotify, + [optional] in nsIURI aURI, + [optional] in RequireThirdPartyCheck aRequireThirdPartyCheck, + out uint32_t aRejectedReason); +}; + +%{ C++ +/** + * The mozIThirdPartyUtil implementation is an XPCOM service registered + * under the ContractID: + */ +#define THIRDPARTYUTIL_CONTRACTID "@mozilla.org/thirdpartyutil;1" +%} |