Diffstat (limited to 'caps/nsScriptSecurityManager.h')
-rw-r--r--caps/nsScriptSecurityManager.h142
1 files changed, 142 insertions, 0 deletions
diff --git a/caps/nsScriptSecurityManager.h b/caps/nsScriptSecurityManager.h
new file mode 100644
index 0000000000..bc55a70ad6
--- /dev/null
+++ b/caps/nsScriptSecurityManager.h
@@ -0,0 +1,142 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=4 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef nsScriptSecurityManager_h__
+#define nsScriptSecurityManager_h__
+
+#include "nsIScriptSecurityManager.h"
+
+#include "mozilla/Maybe.h"
+#include "nsIPrincipal.h"
+#include "nsCOMPtr.h"
+#include "nsServiceManagerUtils.h"
+#include "nsStringFwd.h"
+#include "js/TypeDecls.h"
+
+#include <stdint.h>
+
+class nsIIOService;
+class nsIStringBundle;
+
+namespace mozilla {
+class OriginAttributes;
+class SystemPrincipal;
+} // namespace mozilla
+
+namespace JS {
+enum class RuntimeCode;
+} // namespace JS
+
+/////////////////////////////
+// nsScriptSecurityManager //
+/////////////////////////////
+#define NS_SCRIPTSECURITYMANAGER_CID \
+ { \
+ 0x7ee2a4c0, 0x4b93, 0x17d3, { \
+ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 \
+ } \
+ }
+
+class nsScriptSecurityManager final : public nsIScriptSecurityManager {
+ public:
+ static void Shutdown();
+
+ NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID)
+
+ NS_DECL_ISUPPORTS
+ NS_DECL_NSISCRIPTSECURITYMANAGER
+
+ static nsScriptSecurityManager* GetScriptSecurityManager();
+
+ // Invoked exactly once, by XPConnect.
+ static void InitStatics();
+
+ void InitJSCallbacks(JSContext* aCx);
+
+ // This has to be static because it is called after gScriptSecMan is cleared.
+ static void ClearJSCallbacks(JSContext* aCx);
+
+ static already_AddRefed<mozilla::SystemPrincipal>
+ SystemPrincipalSingletonConstructor();
+
+ /**
+ * Utility method for comparing two URIs. For security purposes, two URIs
+ * are equivalent if their schemes, hosts, and ports (if any) match. This
+ * method returns true if aSubjectURI and aObjectURI have the same origin,
+ * false otherwise.
+ */
+ static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
+ static uint32_t SecurityHashURI(nsIURI* aURI);
+
+ static nsresult ReportError(const char* aMessageTag, nsIURI* aSource,
+ nsIURI* aTarget, bool aFromPrivateWindow,
+ uint64_t aInnerWindowID = 0);
+ static nsresult ReportError(const char* aMessageTag,
+ const nsACString& sourceSpec,
+ const nsACString& targetSpec,
+ bool aFromPrivateWindow,
+ uint64_t aInnerWindowID = 0);
+
+ static uint32_t HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
+
+ static bool GetStrictFileOriginPolicy() { return sStrictFileOriginPolicy; }
+
+ void DeactivateDomainPolicy();
+
+ private:
+ // GetScriptSecurityManager is the only call that can make one
+ nsScriptSecurityManager();
+ virtual ~nsScriptSecurityManager();
+
+ // Decides, based on CSP, whether or not eval() and stuff can be executed.
+ static bool ContentSecurityPolicyPermitsJSAction(JSContext* cx,
+ JS::RuntimeCode kind,
+ JS::Handle<JSString*> aCode);
+
+ static bool JSPrincipalsSubsume(JSPrincipals* first, JSPrincipals* second);
+
+ nsresult Init();
+
+ nsresult InitPrefs();
+
+ static void ScriptSecurityPrefChanged(const char* aPref, void* aSelf);
+ void ScriptSecurityPrefChanged(const char* aPref = nullptr);
+
+ inline void AddSitesToFileURIAllowlist(const nsCString& aSiteList);
+
+ nsresult GetChannelResultPrincipal(nsIChannel* aChannel,
+ nsIPrincipal** aPrincipal,
+ bool aIgnoreSandboxing);
+
+ nsresult CheckLoadURIFlags(nsIURI* aSourceURI, nsIURI* aTargetURI,
+ nsIURI* aSourceBaseURI, nsIURI* aTargetBaseURI,
+ uint32_t aFlags, bool aFromPrivateWindow,
+ uint64_t aInnerWindowID);
+
+ // Returns the file URI allowlist, initializing it if it has not been
+ // initialized.
+ const nsTArray<nsCOMPtr<nsIURI>>& EnsureFileURIAllowlist();
+
+ nsCOMPtr<nsIPrincipal> mSystemPrincipal;
+ bool mPrefInitialized;
+ bool mIsJavaScriptEnabled;
+
+ // List of URIs whose domains and sub-domains are allowlisted to allow
+ // access to file: URIs. Lazily initialized; isNothing() when not yet
+ // initialized.
+ mozilla::Maybe<nsTArray<nsCOMPtr<nsIURI>>> mFileURIAllowlist;
+
+ // This machinery controls new-style domain policies. The old-style
+ // policy machinery will be removed soon.
+ nsCOMPtr<nsIDomainPolicy> mDomainPolicy;
+
+ static std::atomic<bool> sStrictFileOriginPolicy;
+
+ static mozilla::StaticRefPtr<nsIIOService> sIOService;
+ static nsIStringBundle* sStrBundle;
+};
+
+#endif // nsScriptSecurityManager_h__
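Review bot: The doc comment above `SecurityCompareURIs` refers to `aSubjectURI` and `aObjectURI`, but the declaration takes `aSourceURI` and `aTargetURI`; since this function defines same-origin equivalence, the comment should name the real parameters, e.g. `returns true if aSourceURI and aTargetURI have the same origin, false otherwise`. The comment also does not say what is returned when either argument is null, or whether `sStrictFileOriginPolicy` affects the comparison of `file:` URIs; the implementation is not visible here, so both are worth stating in the header. Separately, the class uses `std::atomic<bool>`, `mozilla::StaticRefPtr` and `nsTArray` without including `<atomic>`, `"mozilla/StaticPtr.h"` or `"nsTArray.h"`, so the header appears to compile only through transitive includes. `sStrBundle` is a raw `nsIStringBundle*` beside the `StaticRefPtr` used for `sIOService`; a one-line comment saying who releases it (presumably `Shutdown()`) would make the ownership clear.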