From 26a029d407be480d791972afb5975cf62c9360a6 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 19 Apr 2024 02:47:55 +0200 Subject: Adding upstream version 124.0.1. Signed-off-by: Daniel Baumann --- image/ImageBlocker.cpp | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 image/ImageBlocker.cpp (limited to 'image/ImageBlocker.cpp') diff --git a/image/ImageBlocker.cpp b/image/ImageBlocker.cpp new file mode 100644 index 0000000000..c8ff1baaaf --- /dev/null +++ b/image/ImageBlocker.cpp @@ -0,0 +1,63 @@ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "ImageBlocker.h" +#include "nsIPermissionManager.h" +#include "nsContentUtils.h" +#include "mozilla/StaticPrefs_permissions.h" +#include "nsNetUtil.h" + +using namespace mozilla; +using namespace mozilla::image; + +NS_IMPL_ISUPPORTS(ImageBlocker, nsIContentPolicy) + +NS_IMETHODIMP +ImageBlocker::ShouldLoad(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo, + int16_t* aShouldLoad) { + *aShouldLoad = nsIContentPolicy::ACCEPT; + + if (!aContentLocation) { + // Bug 1720280: Ideally we should block the load, but to avoid a potential + // null pointer deref, we return early in this case. Please note that + // the ImageBlocker only applies about http/https loads anyway. + return NS_OK; + } + + ExtContentPolicyType contentType = aLoadInfo->GetExternalContentPolicyType(); + if (contentType != ExtContentPolicy::TYPE_IMAGE && + contentType != ExtContentPolicy::TYPE_IMAGESET) { + return NS_OK; + } + + if (ImageBlocker::ShouldBlock(aContentLocation)) { + NS_SetRequestBlockingReason( + aLoadInfo, nsILoadInfo::BLOCKING_REASON_CONTENT_POLICY_CONTENT_BLOCKED); + *aShouldLoad = nsIContentPolicy::REJECT_TYPE; + } + + return NS_OK; +} + +NS_IMETHODIMP +ImageBlocker::ShouldProcess(nsIURI* aContentLocation, nsILoadInfo* aLoadInfo, + int16_t* aShouldProcess) { + // We block images at load level already, so those should not end up here. + *aShouldProcess = nsIContentPolicy::ACCEPT; + return NS_OK; +} + +/* static */ +bool ImageBlocker::ShouldBlock(nsIURI* aContentLocation) { + // Block loading images depending on the permissions.default.image pref. + if (StaticPrefs::permissions_default_image() != + nsIPermissionManager::DENY_ACTION) { + return false; + } + + // we only want to check http, https + // for chrome:// and resources and others, no need to check. + return aContentLocation->SchemeIs("http") || + aContentLocation->SchemeIs("https"); +} -- cgit v1.2.3