1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
|
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2; -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef mozilla_extensions_WebExtensionPolicy_h
#define mozilla_extensions_WebExtensionPolicy_h
#include "MainThreadUtils.h"
#include "mozilla/RWLock.h"
#include "mozilla/dom/BindingDeclarations.h"
#include "mozilla/dom/BrowsingContextGroup.h"
#include "mozilla/dom/Nullable.h"
#include "mozilla/dom/WebExtensionPolicyBinding.h"
#include "mozilla/dom/WindowProxyHolder.h"
#include "mozilla/extensions/MatchPattern.h"
#include "jspubtd.h"
#include "mozilla/Result.h"
#include "mozilla/WeakPtr.h"
#include "nsCOMPtr.h"
#include "nsCycleCollectionParticipant.h"
#include "nsGkAtoms.h"
#include "nsISupports.h"
#include "nsWrapperCache.h"
namespace mozilla {
namespace dom {
class Promise;
} // namespace dom
namespace extensions {
using dom::WebAccessibleResourceInit;
using dom::WebExtensionInit;
using dom::WebExtensionLocalizeCallback;
class DocInfo;
class WebExtensionContentScript;
class WebAccessibleResource final {
public:
NS_INLINE_DECL_THREADSAFE_REFCOUNTING(WebAccessibleResource)
WebAccessibleResource(dom::GlobalObject& aGlobal,
const WebAccessibleResourceInit& aInit,
ErrorResult& aRv);
bool IsWebAccessiblePath(const nsACString& aPath) const {
return mWebAccessiblePaths.Matches(aPath);
}
bool SourceMayAccessPath(const URLInfo& aURI, const nsACString& aPath) {
return mWebAccessiblePaths.Matches(aPath) &&
(IsHostMatch(aURI) || IsExtensionMatch(aURI));
}
bool IsHostMatch(const URLInfo& aURI) {
return mMatches && mMatches->Matches(aURI);
}
bool IsExtensionMatch(const URLInfo& aURI);
private:
~WebAccessibleResource() = default;
MatchGlobSet mWebAccessiblePaths;
RefPtr<MatchPatternSetCore> mMatches;
RefPtr<AtomSet> mExtensionIDs;
};
/// The thread-safe component of the WebExtensionPolicy.
///
/// Acts as a weak reference to the base WebExtensionPolicy.
class WebExtensionPolicyCore final {
public:
NS_INLINE_DECL_THREADSAFE_REFCOUNTING(WebExtensionPolicyCore)
nsAtom* Id() const { return mId; }
const nsCString& MozExtensionHostname() const { return mHostname; }
nsIURI* BaseURI() const { return mBaseURI; }
bool IsPrivileged() { return mIsPrivileged; }
bool TemporarilyInstalled() { return mTemporarilyInstalled; }
const nsString& Name() const { return mName; }
nsAtom* Type() const { return mType; }
uint32_t ManifestVersion() const { return mManifestVersion; }
const nsString& ExtensionPageCSP() const { return mExtensionPageCSP; }
const nsString& BaseCSP() const { return mBaseCSP; }
const nsString& BackgroundWorkerScript() const {
return mBackgroundWorkerScript;
}
bool IsWebAccessiblePath(const nsACString& aPath) const {
for (const auto& resource : mWebAccessibleResources) {
if (resource->IsWebAccessiblePath(aPath)) {
return true;
}
}
return false;
}
bool SourceMayAccessPath(const URLInfo& aURI, const nsACString& aPath) const;
bool HasPermission(const nsAtom* aPermission) const {
AutoReadLock lock(mLock);
return mPermissions->Contains(aPermission);
}
void GetPermissions(nsTArray<nsString>& aResult) const MOZ_EXCLUDES(mLock) {
AutoReadLock lock(mLock);
return mPermissions->Get(aResult);
}
void SetPermissions(const nsTArray<nsString>& aPermissions)
MOZ_EXCLUDES(mLock) {
RefPtr<AtomSet> newPermissions = new AtomSet(aPermissions);
AutoWriteLock lock(mLock);
mPermissions = std::move(newPermissions);
}
bool CanAccessURI(const URLInfo& aURI, bool aExplicit = false,
bool aCheckRestricted = true,
bool aAllowFilePermission = false) const;
bool IgnoreQuarantine() const MOZ_EXCLUDES(mLock) {
AutoReadLock lock(mLock);
return mIgnoreQuarantine;
}
void SetIgnoreQuarantine(bool aIgnore) MOZ_EXCLUDES(mLock) {
AutoWriteLock lock(mLock);
mIgnoreQuarantine = aIgnore;
}
bool QuarantinedFromDoc(const DocInfo& aDoc) const;
bool QuarantinedFromURI(const URLInfo& aURI) const MOZ_EXCLUDES(mLock);
// Try to get a reference to the cycle-collected main-thread-only
// WebExtensionPolicy instance.
//
// Will return nullptr if the policy has already been unlinked or destroyed.
WebExtensionPolicy* GetMainThreadPolicy() const
MOZ_REQUIRES(sMainThreadCapability) {
return mPolicy;
}
private:
friend class WebExtensionPolicy;
WebExtensionPolicyCore(dom::GlobalObject& aGlobal,
WebExtensionPolicy* aPolicy,
const WebExtensionInit& aInit, ErrorResult& aRv);
~WebExtensionPolicyCore() = default;
void ClearPolicyWeakRef() MOZ_REQUIRES(sMainThreadCapability) {
mPolicy = nullptr;
}
// Unless otherwise guarded by a capability, all members on
// WebExtensionPolicyCore should be immutable and threadsafe.
WebExtensionPolicy* MOZ_NON_OWNING_REF mPolicy
MOZ_GUARDED_BY(sMainThreadCapability);
const RefPtr<nsAtom> mId;
/* const */ nsCString mHostname;
/* const */ nsCOMPtr<nsIURI> mBaseURI;
const nsString mName;
const RefPtr<nsAtom> mType;
const uint32_t mManifestVersion;
/* const */ nsString mExtensionPageCSP;
/* const */ nsString mBaseCSP;
const bool mIsPrivileged;
const bool mTemporarilyInstalled;
const nsString mBackgroundWorkerScript;
/* const */ nsTArray<RefPtr<WebAccessibleResource>> mWebAccessibleResources;
mutable RWLock mLock{"WebExtensionPolicyCore"};
bool mIgnoreQuarantine MOZ_GUARDED_BY(mLock);
RefPtr<AtomSet> mPermissions MOZ_GUARDED_BY(mLock);
RefPtr<MatchPatternSetCore> mHostPermissions MOZ_GUARDED_BY(mLock);
};
class WebExtensionPolicy final : public nsISupports, public nsWrapperCache {
public:
NS_DECL_CYCLE_COLLECTING_ISUPPORTS
NS_DECL_CYCLE_COLLECTION_WRAPPERCACHE_CLASS(WebExtensionPolicy)
using ScriptArray = nsTArray<RefPtr<WebExtensionContentScript>>;
static already_AddRefed<WebExtensionPolicy> Constructor(
dom::GlobalObject& aGlobal, const WebExtensionInit& aInit,
ErrorResult& aRv);
WebExtensionPolicyCore* Core() const { return mCore; }
nsAtom* Id() const { return mCore->Id(); }
void GetId(nsAString& aId) const { aId = nsDependentAtomString(Id()); };
const nsCString& MozExtensionHostname() const {
return mCore->MozExtensionHostname();
}
void GetMozExtensionHostname(nsACString& aHostname) const {
aHostname = MozExtensionHostname();
}
nsIURI* BaseURI() const { return mCore->BaseURI(); }
void GetBaseURL(nsACString& aBaseURL) const {
MOZ_ALWAYS_SUCCEEDS(mCore->BaseURI()->GetSpec(aBaseURL));
}
bool IsPrivileged() { return mCore->IsPrivileged(); }
bool TemporarilyInstalled() { return mCore->TemporarilyInstalled(); }
void GetURL(const nsAString& aPath, nsAString& aURL, ErrorResult& aRv) const;
Result<nsString, nsresult> GetURL(const nsAString& aPath) const;
void RegisterContentScript(WebExtensionContentScript& script,
ErrorResult& aRv);
void UnregisterContentScript(const WebExtensionContentScript& script,
ErrorResult& aRv);
void InjectContentScripts(ErrorResult& aRv);
bool CanAccessURI(const URLInfo& aURI, bool aExplicit = false,
bool aCheckRestricted = true,
bool aAllowFilePermission = false) const {
return mCore->CanAccessURI(aURI, aExplicit, aCheckRestricted,
aAllowFilePermission);
}
bool IsWebAccessiblePath(const nsACString& aPath) const {
return mCore->IsWebAccessiblePath(aPath);
}
bool SourceMayAccessPath(const URLInfo& aURI, const nsACString& aPath) const {
return mCore->SourceMayAccessPath(aURI, aPath);
}
bool HasPermission(const nsAtom* aPermission) const {
return mCore->HasPermission(aPermission);
}
bool HasPermission(const nsAString& aPermission) const {
RefPtr<nsAtom> atom = NS_AtomizeMainThread(aPermission);
return HasPermission(atom);
}
static bool IsRestrictedDoc(const DocInfo& aDoc);
static bool IsRestrictedURI(const URLInfo& aURI);
static bool IsQuarantinedDoc(const DocInfo& aDoc);
static bool IsQuarantinedURI(const URLInfo& aURI);
bool QuarantinedFromDoc(const DocInfo& aDoc) const {
return mCore->QuarantinedFromDoc(aDoc);
}
bool QuarantinedFromURI(const URLInfo& aURI) const {
return mCore->QuarantinedFromURI(aURI);
}
nsCString BackgroundPageHTML() const;
MOZ_CAN_RUN_SCRIPT
void Localize(const nsAString& aInput, nsString& aResult) const;
const nsString& Name() const { return mCore->Name(); }
void GetName(nsAString& aName) const { aName = Name(); }
nsAtom* Type() const { return mCore->Type(); }
void GetType(nsAString& aType) const {
aType = nsDependentAtomString(Type());
};
uint32_t ManifestVersion() const { return mCore->ManifestVersion(); }
const nsString& ExtensionPageCSP() const { return mCore->ExtensionPageCSP(); }
void GetExtensionPageCSP(nsAString& aCSP) const { aCSP = ExtensionPageCSP(); }
const nsString& BaseCSP() const { return mCore->BaseCSP(); }
void GetBaseCSP(nsAString& aCSP) const { aCSP = BaseCSP(); }
already_AddRefed<MatchPatternSet> AllowedOrigins() {
return do_AddRef(mHostPermissions);
}
void SetAllowedOrigins(MatchPatternSet& aAllowedOrigins);
void GetPermissions(nsTArray<nsString>& aResult) const {
mCore->GetPermissions(aResult);
}
void SetPermissions(const nsTArray<nsString>& aPermissions) {
mCore->SetPermissions(aPermissions);
}
bool IgnoreQuarantine() const { return mCore->IgnoreQuarantine(); }
void SetIgnoreQuarantine(bool aIgnore);
void GetContentScripts(ScriptArray& aScripts) const;
const ScriptArray& ContentScripts() const { return mContentScripts; }
bool Active() const { return mActive; }
void SetActive(bool aActive, ErrorResult& aRv);
bool PrivateBrowsingAllowed() const;
bool CanAccessContext(nsILoadContext* aContext) const;
bool CanAccessWindow(const dom::WindowProxyHolder& aWindow) const;
void GetReadyPromise(JSContext* aCx,
JS::MutableHandle<JSObject*> aResult) const;
dom::Promise* ReadyPromise() const { return mReadyPromise; }
const nsString& BackgroundWorkerScript() const {
return mCore->BackgroundWorkerScript();
}
void GetBackgroundWorker(nsString& aScriptURL) const {
aScriptURL.Assign(BackgroundWorkerScript());
}
bool IsManifestBackgroundWorker(const nsAString& aWorkerScriptURL) const {
return BackgroundWorkerScript().Equals(aWorkerScriptURL);
}
uint64_t GetBrowsingContextGroupId() const;
uint64_t GetBrowsingContextGroupId(ErrorResult& aRv);
static void GetActiveExtensions(
dom::GlobalObject& aGlobal,
nsTArray<RefPtr<WebExtensionPolicy>>& aResults);
static already_AddRefed<WebExtensionPolicy> GetByID(
dom::GlobalObject& aGlobal, const nsAString& aID);
static already_AddRefed<WebExtensionPolicy> GetByHostname(
dom::GlobalObject& aGlobal, const nsACString& aHostname);
static already_AddRefed<WebExtensionPolicy> GetByURI(
dom::GlobalObject& aGlobal, nsIURI* aURI);
static bool IsRestrictedURI(dom::GlobalObject& aGlobal, const URLInfo& aURI) {
return IsRestrictedURI(aURI);
}
static bool IsQuarantinedURI(dom::GlobalObject& aGlobal,
const URLInfo& aURI) {
return IsQuarantinedURI(aURI);
}
bool QuarantinedFromURI(dom::GlobalObject& aGlobal,
const URLInfo& aURI) const {
return QuarantinedFromURI(aURI);
}
static bool UseRemoteWebExtensions(dom::GlobalObject& aGlobal);
static bool IsExtensionProcess(dom::GlobalObject& aGlobal);
static bool BackgroundServiceWorkerEnabled(dom::GlobalObject& aGlobal);
static bool QuarantinedDomainsEnabled(dom::GlobalObject& aGlobal);
nsISupports* GetParentObject() const { return mParent; }
virtual JSObject* WrapObject(JSContext* aCx,
JS::Handle<JSObject*> aGivenProto) override;
protected:
~WebExtensionPolicy();
private:
WebExtensionPolicy(dom::GlobalObject& aGlobal, const WebExtensionInit& aInit,
ErrorResult& aRv);
bool Enable();
bool Disable();
nsCOMPtr<nsISupports> mParent;
RefPtr<WebExtensionPolicyCore> mCore;
dom::BrowsingContextGroup::KeepAlivePtr mBrowsingContextGroup;
bool mActive = false;
RefPtr<WebExtensionLocalizeCallback> mLocalizeCallback;
// NOTE: This is a mirror of the object in `mCore`, except with the
// non-threadsafe wrapper.
RefPtr<MatchPatternSet> mHostPermissions;
dom::Nullable<nsTArray<nsString>> mBackgroundScripts;
bool mBackgroundTypeModule = false;
nsTArray<RefPtr<WebExtensionContentScript>> mContentScripts;
RefPtr<dom::Promise> mReadyPromise;
};
} // namespace extensions
} // namespace mozilla
#endif // mozilla_extensions_WebExtensionPolicy_h
|