roytam1/palemoon27
1
0
Fork 0
mirror of https://github.com/roytam1/palemoon27.git synced 2026-05-26 14:18:48 +00:00
Code Issues Projects Releases Wiki Activity
Files
074e62376e0935fff41c7928ee2ed95049b29b30
palemoon27/caps/nsScriptSecurityManager.h
T
roytam1 bb3c92a4bb import changes from `dev' branch of rmottola/Arctic-Fox: 
- Bug 1229623 - Remove compilation/database.py from mach_bootstrap.py. r=mshal (16de324bd5)
- Bug 1228208 - Make sure ICU flags are prepended before system flags. r=glandium (77a099bb4a)
- Bug 1176968 part 2: Add "requirement flags" field to media query features, and logic for ignoring the feature if requirements aren't met. r=heycam (f2fb438cc7)
- Bug 1176968 part 3: Add support for "-webkit-device-pixel-ratio" media query, along with its min/max variants (behind a pref). r=heycam (d9cf15f3f3)
- Bug 1176968 part 4: Add tests for -webkit-device-pixel-ratio, based on existing -moz tests. r=heycam (7a143f1310)
- Bug 1230863 - Remove unused nsPresContext args from many functions. r=roc. (8f3ca74bb8)
- Add APZ support for mousewheel.acceleration prefs. (bug 1214170 part 1, r=kats) (f9ead80db9)
- Add APZ support for mousewheel delta multiplier prefs. (bug 1214170 part 2, r=kats) (111d111124)
- Bug 1143618 - Follow-up to fix static analysis build bustage. r=me on a CLOSED TREE (57c395593f)
- Bug 1021845 - Before compositing, clip the visible region of a layer to the layer's clip rect. r=mattwoodrow (493ad91934)
- Bug 1152046 - move ClosingService::Start/Shutdown to nsIOService. r=mayhemer (4d078b7611)
- Bug 1226909 part 1: Do security checks in a redirect handler rather than when opening the redirected channel. r=ckerschb (30d23ad2ee)
- Bug 1226909 part 2: Let CORS preflight logic grab information from nsILoadInfo rather than duplicate it. r=ckerschb (04ece9d251)
- Bug 1214361 Test final response types after redirect. r=sicking a=abillings (3f288cae02)
- Bug 1210302 - Part 4: Add automated tests; r=sicking (b43a9a02c4)
- Bug 1226909 part 3: Move logic of when to initiate CORS preflight into channels. Allow CORS preflight to happen when doing a same-origin to cross-origin redirect. r=ckerschb (816498fdb5)
- Bug 1216793 - check against tracking protection list in fetch(). r=gcp (1ddeb07832)
- Bug 1228342 - initialize mTainting by all constructors. r=bkelly (60e63d22bd)
- Bug 1226909 part 4: Make AsyncOpen2 set taining information on channels. Use this information in XHR and fetch(). r=bkelly (3b0bc77efc)
- Bug 1214819. Add support for @crossorigin to <link rel=prefetch> so resources can be prefetched via anonymous CORS, for example. r=hurley (de8b0aef94)
- Bug 1216687: Add nsILoadInfo flags for cookie policies. r=ckerschb (f2634fd5b0)
- Bug 1213443 - Parallelism for <link rel=prefetch> r=bz (f5ee458126)
2023-05-12 10:38:28 +08:00

160 lines
4.4 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* vim: set ts=4 et sw=4 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsScriptSecurityManager_h__
#define nsScriptSecurityManager_h__
#include "nsIScriptSecurityManager.h"
#include "nsIAddonPolicyService.h"
#include "mozilla/Maybe.h"
#include "nsIAddonPolicyService.h"
#include "nsIPrincipal.h"
#include "nsCOMPtr.h"
#include "nsIObserver.h"
#include "nsServiceManagerUtils.h"
#include "plstr.h"
#include "js/TypeDecls.h"
#include <stdint.h>
class nsCString;
class nsIIOService;
class nsIStringBundle;
class nsSystemPrincipal;
namespace mozilla {
class OriginAttributes;
} // namespace mozilla
/////////////////////////////
// nsScriptSecurityManager //
/////////////////////////////
#define NS_SCRIPTSECURITYMANAGER_CID \
{ 0x7ee2a4c0, 0x4b93, 0x17d3, \
{ 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
class nsScriptSecurityManager final : public nsIScriptSecurityManager,
public nsIObserver
{
public:
static void Shutdown();
NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID)
NS_DECL_ISUPPORTS
NS_DECL_NSISCRIPTSECURITYMANAGER
NS_DECL_NSIOBSERVER
static nsScriptSecurityManager*
GetScriptSecurityManager();
// Invoked exactly once, by XPConnect.
static void InitStatics();
static nsSystemPrincipal*
SystemPrincipalSingletonConstructor();
JSContext* GetCurrentJSContext();
JSContext* GetSafeJSContext();
/**
* Utility method for comparing two URIs. For security purposes, two URIs
* are equivalent if their schemes, hosts, and ports (if any) match. This
* method returns true if aSubjectURI and aObjectURI have the same origin,
* false otherwise.
*/
static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
static uint32_t SecurityHashURI(nsIURI* aURI);
static uint16_t AppStatusForPrincipal(nsIPrincipal *aPrin);
static nsresult
ReportError(JSContext* cx, const nsAString& messageTag,
nsIURI* aSource, nsIURI* aTarget);
static uint32_t
HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
static bool
GetStrictFileOriginPolicy()
{
return sStrictFileOriginPolicy;
}
void DeactivateDomainPolicy();
private:
// GetScriptSecurityManager is the only call that can make one
nsScriptSecurityManager();
virtual ~nsScriptSecurityManager();
// Decides, based on CSP, whether or not eval() and stuff can be executed.
static bool
ContentSecurityPolicyPermitsJSAction(JSContext *cx);
static bool
JSPrincipalsSubsume(JSPrincipals *first, JSPrincipals *second);
// Returns null if a principal cannot be found; generally callers
// should error out at that point.
static nsIPrincipal* doGetObjectPrincipal(JSObject* obj);
nsresult
Init();
nsresult
InitPrefs();
inline void
ScriptSecurityPrefChanged();
inline void
AddSitesToFileURIWhitelist(const nsCString& aSiteList);
// If aURI is a moz-extension:// URI, set mAddonId to the associated addon.
nsresult MaybeSetAddonIdFromURI(mozilla::OriginAttributes& aAttrs, nsIURI* aURI);
nsCOMPtr<nsIPrincipal> mSystemPrincipal;
bool mPrefInitialized;
bool mIsJavaScriptEnabled;
nsTArray<nsCOMPtr<nsIURI>> mFileURIWhitelist;
// This machinery controls new-style domain policies. The old-style
// policy machinery will be removed soon.
nsCOMPtr<nsIDomainPolicy> mDomainPolicy;
// Cached addon policy service. We can't generate this in Init() because
// that's too early to get a service.
mozilla::Maybe<nsCOMPtr<nsIAddonPolicyService>> mAddonPolicyService;
nsIAddonPolicyService* GetAddonPolicyService()
{
if (mAddonPolicyService.isNothing()) {
mAddonPolicyService.emplace(do_GetService("@mozilla.org/addons/policy-service;1"));
}
return mAddonPolicyService.ref();
}
static bool sStrictFileOriginPolicy;
static nsIIOService *sIOService;
static nsIStringBundle *sStrBundle;
static JSRuntime *sRuntime;
};
namespace mozilla {
void
GetJarPrefix(uint32_t aAppid,
bool aInMozBrowser,
nsACString& aJarPrefix);
} // namespace mozilla
#endif // nsScriptSecurityManager_h__
Reference in New Issue View Git Blame Copy Permalink