diff options
Diffstat (limited to 'dom/filesystem/FileSystemSecurity.cpp')
-rw-r--r-- | dom/filesystem/FileSystemSecurity.cpp | 106 |
1 files changed, 106 insertions, 0 deletions
diff --git a/dom/filesystem/FileSystemSecurity.cpp b/dom/filesystem/FileSystemSecurity.cpp new file mode 100644 index 0000000000..b9468270d4 --- /dev/null +++ b/dom/filesystem/FileSystemSecurity.cpp @@ -0,0 +1,106 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "FileSystemSecurity.h" +#include "FileSystemUtils.h" +#include "mozilla/ClearOnShutdown.h" +#include "mozilla/ipc/BackgroundParent.h" +#include "mozilla/StaticPtr.h" + +namespace mozilla::dom { + +namespace { + +StaticRefPtr<FileSystemSecurity> gFileSystemSecurity; + +} // namespace + +/* static */ +already_AddRefed<FileSystemSecurity> FileSystemSecurity::Get() { + MOZ_ASSERT(NS_IsMainThread()); + mozilla::ipc::AssertIsInMainProcess(); + + RefPtr<FileSystemSecurity> service = gFileSystemSecurity.get(); + return service.forget(); +} + +/* static */ +already_AddRefed<FileSystemSecurity> FileSystemSecurity::GetOrCreate() { + MOZ_ASSERT(NS_IsMainThread()); + mozilla::ipc::AssertIsInMainProcess(); + + if (!gFileSystemSecurity) { + gFileSystemSecurity = new FileSystemSecurity(); + ClearOnShutdown(&gFileSystemSecurity); + } + + RefPtr<FileSystemSecurity> service = gFileSystemSecurity.get(); + return service.forget(); +} + +FileSystemSecurity::FileSystemSecurity() { + MOZ_ASSERT(NS_IsMainThread()); + mozilla::ipc::AssertIsInMainProcess(); +} + +FileSystemSecurity::~FileSystemSecurity() { + MOZ_ASSERT(NS_IsMainThread()); + mozilla::ipc::AssertIsInMainProcess(); +} + +void FileSystemSecurity::GrantAccessToContentProcess( + ContentParentId aId, const nsAString& aDirectoryPath) { + MOZ_ASSERT(NS_IsMainThread()); + mozilla::ipc::AssertIsInMainProcess(); + + mPaths.WithEntryHandle(aId, [&](auto&& entry) { + if (entry && entry.Data()->Contains(aDirectoryPath)) { + return; + } + + entry.OrInsertWith([] { return MakeUnique<nsTArray<nsString>>(); }) + ->AppendElement(aDirectoryPath); + }); +} + +void FileSystemSecurity::Forget(ContentParentId aId) { + MOZ_ASSERT(NS_IsMainThread()); + mozilla::ipc::AssertIsInMainProcess(); + + mPaths.Remove(aId); +} + +bool FileSystemSecurity::ContentProcessHasAccessTo(ContentParentId aId, + const nsAString& aPath) { + MOZ_ASSERT(NS_IsMainThread()); + mozilla::ipc::AssertIsInMainProcess(); + +#if defined(XP_WIN) + if (StringBeginsWith(aPath, u"..\\"_ns) || + FindInReadable(u"\\..\\"_ns, aPath)) { + return false; + } +#elif defined(XP_UNIX) + if (StringBeginsWith(aPath, u"../"_ns) || FindInReadable(u"/../"_ns, aPath)) { + return false; + } +#endif + + nsTArray<nsString>* paths; + if (!mPaths.Get(aId, &paths)) { + return false; + } + + for (uint32_t i = 0, len = paths->Length(); i < len; ++i) { + if (FileSystemUtils::IsDescendantPath(paths->ElementAt(i), aPath)) { + return true; + } + } + + return false; +} + +} // namespace mozilla::dom |