summaryrefslogtreecommitdiffstats
path: root/dom/base/nsContentPolicy.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'dom/base/nsContentPolicy.cpp')
-rw-r--r--dom/base/nsContentPolicy.cpp173
1 files changed, 173 insertions, 0 deletions
diff --git a/dom/base/nsContentPolicy.cpp b/dom/base/nsContentPolicy.cpp
new file mode 100644
index 0000000000..003bffb01b
--- /dev/null
+++ b/dom/base/nsContentPolicy.cpp
@@ -0,0 +1,173 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+// vim: ft=cpp tw=80 sw=2 et ts=8
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/*
+ * Implementation of the "@mozilla.org/layout/content-policy;1" contract.
+ */
+
+#include "mozilla/Logging.h"
+
+#include "nsISupports.h"
+#include "nsXPCOM.h"
+#include "nsContentPolicyUtils.h"
+#include "mozilla/dom/nsCSPService.h"
+#include "nsContentPolicy.h"
+#include "nsIURI.h"
+#include "nsIBrowserChild.h"
+#include "nsIContent.h"
+#include "nsIImageLoadingContent.h"
+#include "nsCOMArray.h"
+#include "nsContentUtils.h"
+#include "mozilla/dom/nsMixedContentBlocker.h"
+#include "nsIContentSecurityPolicy.h"
+#include "mozilla/TaskCategory.h"
+
+class nsIDOMWindow;
+
+using mozilla::LogLevel;
+
+NS_IMPL_ISUPPORTS(nsContentPolicy, nsIContentPolicy)
+
+static mozilla::LazyLogModule gConPolLog("nsContentPolicy");
+
+nsresult NS_NewContentPolicy(nsIContentPolicy** aResult) {
+ *aResult = new nsContentPolicy;
+ NS_ADDREF(*aResult);
+ return NS_OK;
+}
+
+nsContentPolicy::nsContentPolicy() : mPolicies(NS_CONTENTPOLICY_CATEGORY) {}
+
+nsContentPolicy::~nsContentPolicy() = default;
+
+#ifdef DEBUG
+# define WARN_IF_URI_UNINITIALIZED(uri, name) \
+ PR_BEGIN_MACRO \
+ if ((uri)) { \
+ nsAutoCString spec; \
+ (uri)->GetAsciiSpec(spec); \
+ if (spec.IsEmpty()) { \
+ NS_WARNING(name " is uninitialized, fix caller"); \
+ } \
+ } \
+ PR_END_MACRO
+
+#else // ! defined(DEBUG)
+
+# define WARN_IF_URI_UNINITIALIZED(uri, name)
+
+#endif // defined(DEBUG)
+
+inline nsresult nsContentPolicy::CheckPolicy(CPMethod policyMethod,
+ nsIURI* contentLocation,
+ nsILoadInfo* loadInfo,
+ const nsACString& mimeType,
+ int16_t* decision) {
+ nsCOMPtr<nsISupports> requestingContext = loadInfo->GetLoadingContext();
+ // sanity-check passed-through parameters
+ MOZ_ASSERT(decision, "Null out pointer");
+ WARN_IF_URI_UNINITIALIZED(contentLocation, "Request URI");
+
+#ifdef DEBUG
+ {
+ nsCOMPtr<nsINode> node(do_QueryInterface(requestingContext));
+ nsCOMPtr<nsIDOMWindow> window(do_QueryInterface(requestingContext));
+ nsCOMPtr<nsIBrowserChild> browserChild(
+ do_QueryInterface(requestingContext));
+ NS_ASSERTION(!requestingContext || node || window || browserChild,
+ "Context should be a DOM node, DOM window or a browserChild!");
+ }
+#endif
+
+ nsCOMPtr<mozilla::dom::Document> doc;
+ nsCOMPtr<nsIContent> node = do_QueryInterface(requestingContext);
+ if (node) {
+ doc = node->OwnerDoc();
+ }
+ if (!doc) {
+ doc = do_QueryInterface(requestingContext);
+ }
+
+ /*
+ * Enumerate mPolicies and ask each of them, taking the logical AND of
+ * their permissions.
+ */
+ nsresult rv;
+ const nsCOMArray<nsIContentPolicy>& entries = mPolicies.GetCachedEntries();
+
+ nsCOMPtr<nsPIDOMWindowOuter> window;
+ if (nsCOMPtr<nsINode> node = do_QueryInterface(requestingContext)) {
+ window = node->OwnerDoc()->GetWindow();
+ } else {
+ window = do_QueryInterface(requestingContext);
+ }
+
+ if (doc) {
+ nsCOMPtr<nsIContentSecurityPolicy> csp = doc->GetCsp();
+ if (csp && window) {
+ csp->EnsureEventTarget(
+ window->EventTargetFor(mozilla::TaskCategory::Other));
+ }
+ }
+
+ int32_t count = entries.Count();
+ for (int32_t i = 0; i < count; i++) {
+ /* check the appropriate policy */
+ rv = (entries[i]->*policyMethod)(contentLocation, loadInfo, mimeType,
+ decision);
+
+ if (NS_SUCCEEDED(rv) && NS_CP_REJECTED(*decision)) {
+ /* policy says no, no point continuing to check */
+ return NS_OK;
+ }
+ }
+
+ // everyone returned failure, or no policies: sanitize result
+ *decision = nsIContentPolicy::ACCEPT;
+ return NS_OK;
+}
+
+// uses the parameters from ShouldXYZ to produce and log a message
+// logType must be a literal string constant
+#define LOG_CHECK(logType) \
+ PR_BEGIN_MACRO \
+ /* skip all this nonsense if the call failed or logging is disabled */ \
+ if (NS_SUCCEEDED(rv) && MOZ_LOG_TEST(gConPolLog, LogLevel::Debug)) { \
+ const char* resultName; \
+ if (decision) { \
+ resultName = NS_CP_ResponseName(*decision); \
+ } else { \
+ resultName = "(null ptr)"; \
+ } \
+ MOZ_LOG( \
+ gConPolLog, LogLevel::Debug, \
+ ("Content Policy: " logType ": <%s> result=%s", \
+ contentLocation ? contentLocation->GetSpecOrDefault().get() : "None", \
+ resultName)); \
+ } \
+ PR_END_MACRO
+
+NS_IMETHODIMP
+nsContentPolicy::ShouldLoad(nsIURI* contentLocation, nsILoadInfo* loadInfo,
+ const nsACString& mimeType, int16_t* decision) {
+ // ShouldProcess does not need a content location, but we do
+ MOZ_ASSERT(contentLocation, "Must provide request location");
+ nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldLoad, contentLocation,
+ loadInfo, mimeType, decision);
+ LOG_CHECK("ShouldLoad");
+
+ return rv;
+}
+
+NS_IMETHODIMP
+nsContentPolicy::ShouldProcess(nsIURI* contentLocation, nsILoadInfo* loadInfo,
+ const nsACString& mimeType, int16_t* decision) {
+ nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldProcess, contentLocation,
+ loadInfo, mimeType, decision);
+ LOG_CHECK("ShouldProcess");
+
+ return rv;
+}