mirror of
https://github.com/roytam1/UXP.git
synced 2026-05-26 05:38:39 +00:00
Moonchild
9847e9f759
Per the CSP specification, content injected by extensions is meant to be exempt from page CSP. This patch takes care of the most common case of content injected by extension content scripts, which always have expanded principals which inherit from the page principal. To make this easier, de-virtualize BasePrincipal::Kind(), using CTOR initializers instead.
79 lines
2.6 KiB
C++
79 lines
2.6 KiB
C++
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
/**
|
|
* This is the principal that has no rights and can't be accessed by
|
|
* anything other than itself and chrome; null principals are not
|
|
* same-origin with anything but themselves.
|
|
*/
|
|
|
|
#ifndef nsNullPrincipal_h__
|
|
#define nsNullPrincipal_h__
|
|
|
|
#include "nsIPrincipal.h"
|
|
#include "nsJSPrincipals.h"
|
|
#include "nsIScriptSecurityManager.h"
|
|
#include "nsCOMPtr.h"
|
|
#include "nsIContentSecurityPolicy.h"
|
|
|
|
#include "mozilla/BasePrincipal.h"
|
|
|
|
class nsIDocShell;
|
|
class nsIURI;
|
|
|
|
#define NS_NULLPRINCIPAL_CID \
|
|
{ 0xbd066e5f, 0x146f, 0x4472, \
|
|
{ 0x83, 0x31, 0x7b, 0xfd, 0x05, 0xb1, 0xed, 0x90 } }
|
|
#define NS_NULLPRINCIPAL_CONTRACTID "@mozilla.org/nullprincipal;1"
|
|
|
|
#define NS_NULLPRINCIPAL_SCHEME "moz-nullprincipal"
|
|
|
|
class nsNullPrincipal final : public mozilla::BasePrincipal
|
|
{
|
|
public:
|
|
// This should only be used by deserialization, and the factory constructor.
|
|
// Other consumers should use the Create and CreateWithInheritedAttributes
|
|
// methods.
|
|
nsNullPrincipal()
|
|
: BasePrincipal(eNullPrincipal)
|
|
{}
|
|
|
|
NS_DECL_NSISERIALIZABLE
|
|
|
|
NS_IMETHOD QueryInterface(REFNSIID aIID, void** aInstancePtr) override;
|
|
NS_IMETHOD GetHashValue(uint32_t* aHashValue) override;
|
|
NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
|
|
NS_IMETHOD GetURI(nsIURI** aURI) override;
|
|
NS_IMETHOD GetDomain(nsIURI** aDomain) override;
|
|
NS_IMETHOD SetDomain(nsIURI* aDomain) override;
|
|
NS_IMETHOD GetBaseDomain(nsACString& aBaseDomain) override;
|
|
nsresult GetOriginInternal(nsACString& aOrigin) override;
|
|
|
|
static already_AddRefed<nsNullPrincipal> CreateWithInheritedAttributes(nsIPrincipal* aInheritFrom);
|
|
|
|
static already_AddRefed<nsNullPrincipal> CreateWithInheritedAttributes(nsIDocShell* aDocShell);
|
|
|
|
static already_AddRefed<nsNullPrincipal>
|
|
Create(const mozilla::PrincipalOriginAttributes& aOriginAttributes = mozilla::PrincipalOriginAttributes());
|
|
|
|
nsresult Init(const mozilla::PrincipalOriginAttributes& aOriginAttributes = mozilla::PrincipalOriginAttributes());
|
|
|
|
virtual nsresult GetScriptLocation(nsACString &aStr) override;
|
|
|
|
protected:
|
|
virtual ~nsNullPrincipal() {}
|
|
|
|
bool SubsumesInternal(nsIPrincipal* aOther, DocumentDomainConsideration aConsideration) override
|
|
{
|
|
return aOther == this;
|
|
}
|
|
|
|
bool MayLoadInternal(nsIURI* aURI) override;
|
|
|
|
nsCOMPtr<nsIURI> mURI;
|
|
};
|
|
|
|
#endif // nsNullPrincipal_h__
|