1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
const PREF_TEST_WHITELIST = "browser.uitour.testingOrigins";
const UITOUR_PERMISSION = "uitour";
export class UITourChild extends JSWindowActorChild {
handleEvent(event) {
if (!Services.prefs.getBoolPref("browser.uitour.enabled")) {
return;
}
if (!this.ensureTrustedOrigin()) {
return;
}
this.sendAsyncMessage("UITour:onPageEvent", {
detail: event.detail,
type: event.type,
pageVisibilityState: this.document.visibilityState,
});
}
isTestingOrigin(aURI) {
if (
Services.prefs.getPrefType(PREF_TEST_WHITELIST) !=
Services.prefs.PREF_STRING
) {
return false;
}
// Add any testing origins (comma-seperated) to the whitelist for the session.
for (let origin of Services.prefs
.getCharPref(PREF_TEST_WHITELIST)
.split(",")) {
try {
let testingURI = Services.io.newURI(origin);
if (aURI.prePath == testingURI.prePath) {
return true;
}
} catch (ex) {
console.error(ex);
}
}
return false;
}
// This function is copied from UITour.sys.mjs.
isSafeScheme(aURI) {
let allowedSchemes = new Set(["https", "about"]);
if (!Services.prefs.getBoolPref("browser.uitour.requireSecure")) {
allowedSchemes.add("http");
}
if (!allowedSchemes.has(aURI.scheme)) {
return false;
}
return true;
}
ensureTrustedOrigin() {
if (this.browsingContext.top != this.browsingContext) {
return false;
}
let uri = this.document.documentURIObject;
if (uri.schemeIs("chrome")) {
return true;
}
if (!this.isSafeScheme(uri)) {
return false;
}
let principal = Services.scriptSecurityManager.principalWithOA(
this.document.nodePrincipal,
{}
);
let permission = Services.perms.testPermissionFromPrincipal(
principal,
UITOUR_PERMISSION
);
if (permission == Services.perms.ALLOW_ACTION) {
return true;
}
// Bug 1557153: To allow Skyline messaging, workaround for UNKNOWN_ACTION
// overriding browser/app/permissions default
// Bug 1837407: Do a similar thing for support.mozilla.org for the same
// underlying issue (bug 1579517).
return (
uri.host == "www.mozilla.org" ||
uri.host == "support.mozilla.org" ||
this.isTestingOrigin(uri)
);
}
receiveMessage(aMessage) {
switch (aMessage.name) {
case "UITour:SendPageCallback":
this.sendPageEvent("Response", aMessage.data);
break;
case "UITour:SendPageNotification":
this.sendPageEvent("Notification", aMessage.data);
break;
}
}
sendPageEvent(type, detail) {
if (!this.ensureTrustedOrigin()) {
return;
}
let win = this.contentWindow;
let eventName = "mozUITour" + type;
let event = new win.CustomEvent(eventName, {
bubbles: true,
detail: Cu.cloneInto(detail, win),
});
win.document.dispatchEvent(event);
}
}
|
