Diffstat (limited to 'dom/filesystem/FileSystemSecurity.cpp')
-rw-r--r--dom/filesystem/FileSystemSecurity.cpp106
1 files changed, 106 insertions, 0 deletions
diff --git a/dom/filesystem/FileSystemSecurity.cpp b/dom/filesystem/FileSystemSecurity.cpp
new file mode 100644
index 0000000000..b9468270d4
--- /dev/null
+++ b/dom/filesystem/FileSystemSecurity.cpp
@@ -0,0 +1,106 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#include "FileSystemSecurity.h"
+#include "FileSystemUtils.h"
+#include "mozilla/ClearOnShutdown.h"
+#include "mozilla/ipc/BackgroundParent.h"
+#include "mozilla/StaticPtr.h"
+
+namespace mozilla::dom {
+
+namespace {
+
+StaticRefPtr<FileSystemSecurity> gFileSystemSecurity;
+
+} // namespace
+
+/* static */
+already_AddRefed<FileSystemSecurity> FileSystemSecurity::Get() {
+ MOZ_ASSERT(NS_IsMainThread());
+ mozilla::ipc::AssertIsInMainProcess();
+
+ RefPtr<FileSystemSecurity> service = gFileSystemSecurity.get();
+ return service.forget();
+}
+
+/* static */
+already_AddRefed<FileSystemSecurity> FileSystemSecurity::GetOrCreate() {
+ MOZ_ASSERT(NS_IsMainThread());
+ mozilla::ipc::AssertIsInMainProcess();
+
+ if (!gFileSystemSecurity) {
+ gFileSystemSecurity = new FileSystemSecurity();
+ ClearOnShutdown(&gFileSystemSecurity);
+ }
+
+ RefPtr<FileSystemSecurity> service = gFileSystemSecurity.get();
+ return service.forget();
+}
+
+FileSystemSecurity::FileSystemSecurity() {
+ MOZ_ASSERT(NS_IsMainThread());
+ mozilla::ipc::AssertIsInMainProcess();
+}
+
+FileSystemSecurity::~FileSystemSecurity() {
+ MOZ_ASSERT(NS_IsMainThread());
+ mozilla::ipc::AssertIsInMainProcess();
+}
+
+void FileSystemSecurity::GrantAccessToContentProcess(
+ ContentParentId aId, const nsAString& aDirectoryPath) {
+ MOZ_ASSERT(NS_IsMainThread());
+ mozilla::ipc::AssertIsInMainProcess();
+
+ mPaths.WithEntryHandle(aId, [&](auto&& entry) {
+ if (entry && entry.Data()->Contains(aDirectoryPath)) {
+ return;
+ }
+
+ entry.OrInsertWith([] { return MakeUnique<nsTArray<nsString>>(); })
+ ->AppendElement(aDirectoryPath);
+ });
+}
+
+void FileSystemSecurity::Forget(ContentParentId aId) {
+ MOZ_ASSERT(NS_IsMainThread());
+ mozilla::ipc::AssertIsInMainProcess();
+
+ mPaths.Remove(aId);
+}
+
+bool FileSystemSecurity::ContentProcessHasAccessTo(ContentParentId aId,
+ const nsAString& aPath) {
+ MOZ_ASSERT(NS_IsMainThread());
+ mozilla::ipc::AssertIsInMainProcess();
+
+#if defined(XP_WIN)
+ if (StringBeginsWith(aPath, u"..\\"_ns) ||
+ FindInReadable(u"\\..\\"_ns, aPath)) {
+ return false;
+ }
+#elif defined(XP_UNIX)
+ if (StringBeginsWith(aPath, u"../"_ns) || FindInReadable(u"/../"_ns, aPath)) {
+ return false;
+ }
+#endif
+
+ nsTArray<nsString>* paths;
+ if (!mPaths.Get(aId, &paths)) {
+ return false;
+ }
+
+ for (uint32_t i = 0, len = paths->Length(); i < len; ++i) {
+ if (FileSystemUtils::IsDescendantPath(paths->ElementAt(i), aPath)) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
+} // namespace mozilla::dom
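Review bot: The `..` filter at the top of ContentProcessHasAccessTo matches only a leading `../` or an embedded `/../` (and the backslash forms under XP_WIN), so a path whose last component is `..` reaches the IsDescendantPath loop unfiltered. Whether that can widen access depends on how IsDescendantPath and the callers normalize paths, which this file does not show. Since this function is the parent-process gate for content-process directory access, it would be safer to reject that form here as well, by adding `|| StringEndsWith(aPath, u"/.."_ns)` to the XP_UNIX condition and `|| StringEndsWith(aPath, u"\\.."_ns)` to the XP_WIN one. The XP_WIN branch also tests only backslash separators, although forward slashes are generally accepted there too, and a build with neither macro defined gets no traversal check at all. A short comment above the `#if` saying that the check is purely lexical, and which path form (absolute, already normalized) callers must pass, would make the contract explicit.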