roytam1/palemoon27
1
0
Fork 0
mirror of https://github.com/roytam1/palemoon27.git synced 2026-05-26 14:18:48 +00:00
Code Issues Projects Releases Wiki Activity
Files
ef3af9173bd2395bb51b6286c61fce72afdb448d
palemoon27/dom/base/nsIMessageManager.idl
T
roytam1 b3dd358267 import changes from `dev' branch of rmottola/Arctic-Fox: 
- Bug 1247362 - move mAnonymousGlobalScope tracing into nsMessageManagerScriptExecutor; r=mccr8 (9b33b54bc9)
- Bug 1195881 - Contextual Identity working under e10s. r=tanvi r=sicking r=baku (b3fd69bd92)
- Bug 1174624 - Add the Transferable parameter into SendAsyncMessage of nsFrameMessageManager. r=baku (33911dc6f7)
- Bug 1174624 - Add PortIdentifier copy code in order to communicate with same process. r=baku (d597f24e20)
- Bug 1234176 - Do not send memory pressure events to applications sent into the background. r=dhylands (687f154573)
- Bug 1201394 - Remove unused mLRUPoolSize member variable. r=gsvelto (a109934b8d)
- Bug 1144132 follow up to fix static check build bustage on a CLOSED TREE with r=me (050f49060e)
- Bug 1153394 - make HangMonitorChild::sInstance an atomic variable; r=billm (89e6905f3f)
- Bug 1202952 - Fix directory picking for e10s on Windows by making FilePickerParent use the correct nsIFilePicker API for directory picking. r=roc (a7e964d4fa)
- Bug 1227312 - Avoid calling FinalizeChildData twice in GenerateCompleteMinidump. r=ted (c29e6786ae)
- Bug 1222109 - Initialize mHasGamepadListener in InitializeMembers(); r=cleu (8057137e5d)
- Bug 1231498 - ContentParent::RecvCreateWindow() should fail in opt builds if passed bad chromeflags. r=billm (639fb93101)
- minor indentation (f5dbd8996c)
- fix misspatch (3b306e0084)
- Bug 1101264: Truncate long sourceName messages since they can be massive data: URLs. r=bent (c528048e58)
- Bug 1233497 - Update test_bug1086684.html to not access CPOWs unsafely inside SpecialPowers. r=mrbkap (d5d161eac2)
- align tests (24d98036dc)
- Bug 1232931 Return null instead of throwing if swm.getWorkerByID() cannot find the worker. r=ochameau IGNORE IDL for comment only change (17f293f323)
- Bug 1186812 (part 3) - Replace nsBaseHashtable::EnumerateRead() calls in dom/{ipc,plugins}/. r=jimm. (a944fa4480)
- Bug 1234656 - Add TouchEvent ctor, r=mbrubeck (842245df14)
- Bug 1246854 - Remove unnecessary warning. r=botond (7d0532e516)
- Bug 1245393 - Measure s{,Default}RootBranch in the Preferences memory reporter. r=froydnj. (be200f9ebe)
- Bug 1089232 - Updates nsContentPrefService to take an extra isPrivate argument. r=adw (9ea4fe075d)
- Bug 1229519: Fix toolkit/components/contentprefs to pass eslint checks. r=mconley (e48b64448b)
- Bug 663570 - MetaCSP Part 6: CSP preload changes (r=sicking) (65700820c1)
- Bug 1030936 - [CSP] remove fast-path for certified apps once the C++ backend is activated. r=ckerschb (e9527e9cfc)
- Bug 1228497 - initialize 3 members in class. r=christophkerschbaumer (44414e8429)
- Bug 1208946 - Strip URIs in CSP reports (r=dveditz) (dd6c18a8ff)
- Bug 1247464 - Run CSP report URIs through the URL classifier. r=ckerschb (ebb3570172)
- Bug 1242909, r=ckerschb (569de89b26)
- Bug 1119565: Ensure that a plugin listener's stream type is always set, even when it is STREAM_TYPE_UNKNOWN; r=jimm (43fb9ebdb9)
- Bug 1228116 - Relax Security checks for DTD loads. r=sicking (b77e2c4531)
- Bug 1195173 - Use channel->ascynOpen2 layout/style/Loader.cpp (r=bz) (97de97b864)
- let-var (fb35f8f50c)
- Bug 1226324 - Do not use NS_ENSURCE_SUCCESS(rv, NS_OK) within nsContentSecurityManager. r=tanvi (745ecaf562)
- Bug 1221365 - Tests for "Is origin potentially trustworthy?" logic. r=ckerschb,bkelly (1d520ebcc5)
- Bug 1132211 - Dispatch an event when <input type=password> is added to a document (including outside of a form). r=smaug (3e9acb8bf3)
- Bug 1217766 - All PDFs trigger the insecure password warning. r=MattN,bz (0ea7e35b96)
- Bug 1155471 - Mark some members of nsNodeInfoManager as MOZ_NON_OWNING_REF; r=baku (bd47bcea10)
- Tests for bug 1200856; r=sicking (454ff8048a)
- Bug 1243453 P1 Make nsCORSListenerProxy call UpdateChannel() for internal redirects. r=sicking (f2a45b1997)
- Bug 1243453 P2 Test XHR with a non-intercepting service worker. r=ehsan (d83b31ab3d)
- Bug 1169233 - Get grey (inactive) text color from menu labels. r=karlt (470155483b)
- Bug 1161056 - Gtk3 - use sMozWindowBackground colors for combobox background. r=karlt (4502f5583a)
- Bug 1169232 - [gtk3] Add background class to tooltip window to get correct background color. r=karlt (9421a23b1c)
- Bug 1219717 - Derive text color/background from GtkTextView. r=karlt (a39cd997ee)
- Bug 1241239 - Fix missing 'using mozilla::LogLevel' in nsIdleServiceGTK.cpp. r=karlt (16bacfc530)
- Bug 1209659 - Disable client-side decorations on broken Gtk3 versions (<3.20). r=karlt (d5cbd4c0fb)
- Bug 540078 - Remove assertion annotations that are no longer needed and add crashtest. (89f33bb00c)
- Bug 1168219 - Make nsIWidget::Configuration::mChild a smart pointer on widget/qt too. r=froydnj (0f2f97a31b)
- Bug 1234385: Add downloadable blocklist support for between comparison types, by recognizing driverVersionMax when parsing. r=benwa (87617d0fa1)
- Bug 1112712 - DOM key mapping for soft1 soft2 and call keys r=schien (3f4360e64b)
- Bug 1237691 - Implement Oculus Head Pose Prediction (3f6b0122e3)
- Bug 1041882 - Remove Froyo-specific OMX plugin support. r=snorp (eb2f6dd36a)
- Bug 1205930 - Tighten up warnings handling in media/omx-plugin/. r=gerald. (86845d720a)
- Bug 1153849 - Use MOZ_JPEG_CFLAGS when build libyuv with system jpeg. r=jesup (a38f53057d)
- Bug 1240635 - Interpret glyph x-offsets on SVG vertical text paths in the correct direction. r=longsonr (ce90452da1)
- Bug 1185266 - Look up painting properties on the SVGTextFrame when painting text frames that are direct children of <text>. r=jwatt (9c89ab71eb)
- Bug 1143096 - Init all WebMBufferedParser members - r=kinetik (7df2e4e0c3)
- Bug 1231855 - Avoid inserting out of (timecode) order entries in WebMBufferedParser. r=jya (f7806faec4)
2023-12-21 11:24:17 +08:00

542 lines
20 KiB
Plaintext
Raw Blame History

/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
interface nsIDOMWindow;
interface nsIDocShell;
interface nsIContent;
interface nsIFrameLoader;
interface nsIPrincipal;
/**
* Message managers provide a way for chrome-privileged JS code to
* communicate with each other, even across process boundaries.
*
* Message managers are separated into "parent side" and "child side".
* These don't always correspond to process boundaries, but can. For
* each child-side message manager, there is always exactly one
* corresponding parent-side message manager that it sends messages
* to. However, for each parent-side message manager, there may be
* either one or many child-side managers it can message.
*
* Message managers that always have exactly one "other side" are of
* type nsIMessageSender. Parent-side message managers that have many
* "other sides" are of type nsIMessageBroadcaster.
*
* Child-side message managers can send synchronous messages to their
* parent side, but not the other way around.
*
* There are two realms of message manager hierarchies. One realm
* approximately corresponds to DOM elements, the other corresponds to
* process boundaries.
*
* Message managers corresponding to DOM elements
* ==============================================
*
* In this realm of message managers, there are
* - "frame message managers" which correspond to frame elements
* - "window message managers" which correspond to top-level chrome
* windows
* - "group message managers" which correspond to named message
* managers with a specific window MM as the parent
* - the "global message manager", on the parent side. See below.
*
* The DOM-realm message managers can communicate in the ways shown by
* the following diagram. The parent side and child side can
* correspond to process boundaries, but don't always.
*
* Parent side Child side
* ------------- ------------
* global MMg
* |
* +-->window MMw1
* | |
* | +-->frame MMp1_1<------------>frame MMc1_1
* | |
* | +-->frame MMp1_2<------------>frame MMc1_2
* | |
* | +-->group MMgr1
* | | |
* | | +-->frame MMp2_1<------->frame MMc2_1
* | | |
* | | +-->frame MMp2_2<------->frame MMc2_2
* | |
* | +-->group MMgr2
* | | ...
* | |
* | ...
* |
* +-->window MMw2
* ...
*
* For example: a message sent from MMc1_1, from the child side, is
* sent only to MMp1_1 on the parent side. However, note that all
* message managers in the hierarchy above MMp1_1, in this diagram
* MMw1 and MMg, will also notify their message listeners when the
* message arrives.
*
* A message sent from MMc2_1 will be sent to MMp2_1 and also notify
* all message managers in the hierarchy above that, including the
* group message manager MMgr1.
* For example: a message broadcast through the global MMg on the
* parent side would be broadcast to MMw1, which would transitively
* broadcast it to MMp1_1, MM1p_2. The message would next be
* broadcast to MMgr1, which would broadcast it to MMp2_1 and MMp2_2.
* After that it would broadcast to MMgr2 and then to MMw2, and so
* on down the hierarchy.
*
* ***** PERFORMANCE AND SECURITY WARNING *****
* Messages broadcast through the global MM and window or group MMs
* can result in messages being dispatched across many OS processes,
* and to many processes with different permissions. Great care
* should be taken when broadcasting.
*
* Interfaces
* ----------
*
* The global MMg and window MMw's are message broadcasters implementing
* nsIMessageBroadcaster while the frame MMp's are simple message senders
* (nsIMessageSender). Their counterparts in the content processes are
* message senders implementing nsIContentFrameMessageManager.
*
* nsIMessageListenerManager
* / \
* nsIMessageSender nsIMessageBroadcaster
* |
* nsISyncMessageSender (content process/in-process only)
* |
* nsIContentFrameMessageManager (content process/in-process only)
* |
* nsIInProcessContentFrameMessageManager (in-process only)
*
*
* Message managers in the chrome process can also be QI'ed to nsIFrameScriptLoader.
*
*
* Message managers corresponding to process boundaries
* ====================================================
*
* The second realm of message managers is the "process message
* managers". With one exception, these always correspond to process
* boundaries. The picture looks like
*
* Parent process Child processes
* ---------------- -----------------
* global (GPPMM)
* |
* +-->parent in-process PIPMM<-->child in-process CIPPMM
* |
* +-->parent (PPMM1)<------------------>child (CPMM1)
* |
* +-->parent (PPMM2)<------------------>child (CPMM2)
* ...
*
* Note, PIPMM and CIPPMM both run in the parent process.
*
* For example: the parent-process PPMM1 sends messages to the
* child-process CPMM1.
*
* For example: CPMM1 sends messages directly to PPMM1. The global GPPMM
* will also notify their message listeners when the message arrives.
*
* For example: messages sent through the global GPPMM will be
* dispatched to the listeners of the same-process, CIPPMM, CPMM1,
* CPMM2, etc.
*
* ***** PERFORMANCE AND SECURITY WARNING *****
* Messages broadcast through the GPPMM can result in messages
* being dispatched across many OS processes, and to many processes
* with different permissions. Great care should be taken when
* broadcasting.
*
* Requests sent to parent-process message listeners should usually
* have replies scoped to the requesting CPMM. The following pattern
* is common
*
* const ParentProcessListener = {
* receiveMessage: function(aMessage) {
* let childMM = aMessage.target.QueryInterface(Ci.nsIMessageSender);
* switch (aMessage.name) {
* case "Foo:Request":
* // service request
* childMM.sendAsyncMessage("Foo:Response", { data });
* }
* }
* };
*/
[scriptable, function, uuid(2b44eb57-a9c6-4773-9a1e-fe0818739a4c)]
interface nsIMessageListener : nsISupports
{
/**
* This is for JS only.
* receiveMessage is called with one parameter, which has the following
* properties:
* {
* target: %the target of the message. Either an element owning
* the message manager, or message manager itself if no
* element owns it%
* name: %message name%,
* sync: %true or false%.
* data: %structured clone of the sent message data%,
* json: %same as .data, deprecated%,
* objects: %named table of jsvals/objects, or null%
* principal: %principal for the window app
* }
*
* Each listener is invoked with its own copy of the message
* parameter.
*
* When the listener is called, 'this' value is the target of the message.
*
* If the message is synchronous, the possible return value is
* returned as JSON (will be changed to use structured clones).
* When there are multiple listeners to sync messages, each
* listener's return value is sent back as an array. |undefined|
* return values show up as undefined values in the array.
*/
void receiveMessage();
};
[scriptable, builtinclass, uuid(b949bfec-bb7d-47bc-b387-ac6a9b655072)]
interface nsIMessageListenerManager : nsISupports
{
/**
* Register |listener| to receive |messageName|. All listener
* callbacks for a particular message are invoked when that message
* is received.
*
* The message manager holds a strong ref to |listener|.
*
* If the same listener registers twice for the same message, the
* second registration is ignored.
*
* Pass true for listenWhenClosed if you want to receive messages
* during the short period after a frame has been removed from the
* DOM and before its frame script has finished unloading. This
* parameter only has an effect for frame message managers in
* the main process. Default is false.
*/
void addMessageListener(in AString messageName,
in nsIMessageListener listener,
[optional] in boolean listenWhenClosed);
/**
* Undo an |addMessageListener| call -- that is, calling this causes us to no
* longer invoke |listener| when |messageName| is received.
*
* removeMessageListener does not remove a message listener added via
* addWeakMessageListener; use removeWeakMessageListener for that.
*/
void removeMessageListener(in AString messageName,
in nsIMessageListener listener);
/**
* This is just like addMessageListener, except the message manager holds a
* weak ref to |listener|.
*
* If you have two weak message listeners for the same message, they may be
* called in any order.
*/
void addWeakMessageListener(in AString messageName,
in nsIMessageListener listener);
/**
* This undoes an |addWeakMessageListener| call.
*/
void removeWeakMessageListener(in AString messageName,
in nsIMessageListener listener);
[notxpcom] boolean markForCC();
};
/**
* Message "senders" have a single "other side" to which messages are
* sent. For example, a child-process message manager will send
* messages that are only delivered to its one parent-process message
* manager.
*/
[scriptable, builtinclass, uuid(bb5d79e4-e73c-45e7-9651-4d718f4b994c)]
interface nsIMessageSender : nsIMessageListenerManager
{
/**
* Send |messageName| and |obj| to the "other side" of this message
* manager. This invokes listeners who registered for
* |messageName|.
*
* See nsIMessageListener::receiveMessage() for the format of the
* data delivered to listeners.
* @throws NS_ERROR_NOT_INITIALIZED if the sender is not initialized. For
* example, we will throw NS_ERROR_NOT_INITIALIZED if we try to send
* a message to a cross-process frame but the other process has not
* yet been set up.
* @throws NS_ERROR_FAILURE when the message receiver cannot be found. For
* example, we will throw NS_ERROR_FAILURE if we try to send a message
* to a cross-process frame whose process has crashed.
*/
[implicit_jscontext, optional_argc]
void sendAsyncMessage([optional] in AString messageName,
[optional] in jsval obj,
[optional] in jsval objects,
[optional] in nsIPrincipal principal,
[optional] in jsval transfers);
};
/**
* Message "broadcasters" don't have a single "other side" that they
* send messages to, but rather a set of subordinate message managers.
* For example, broadcasting a message through a window message
* manager will broadcast the message to all frame message managers
* within its window.
*/
[scriptable, builtinclass, uuid(4d7d62ad-4725-4f39-86cf-8fb22bf9c1d8)]
interface nsIMessageBroadcaster : nsIMessageListenerManager
{
/**
* Like |sendAsyncMessage()|, but also broadcasts this message to
* all "child" message managers of this message manager. See long
* comment above for details.
*
* WARNING: broadcasting messages can be very expensive and leak
* sensitive data. Use with extreme caution.
*/
[implicit_jscontext, optional_argc]
void broadcastAsyncMessage([optional] in AString messageName,
[optional] in jsval obj,
[optional] in jsval objects);
/**
* Number of subordinate message managers.
*/
readonly attribute unsigned long childCount;
/**
* Return a single subordinate message manager.
*/
nsIMessageListenerManager getChildAt(in unsigned long aIndex);
};
[scriptable, builtinclass, uuid(0e602c9e-1977-422a-a8e4-fe0d4a4f78d0)]
interface nsISyncMessageSender : nsIMessageSender
{
/**
* Like |sendAsyncMessage()|, except blocks the sender until all
* listeners of the message have been invoked. Returns an array
* containing return values from each listener invoked.
*/
[implicit_jscontext, optional_argc]
jsval sendSyncMessage([optional] in AString messageName,
[optional] in jsval obj,
[optional] in jsval objects,
[optional] in nsIPrincipal principal);
/**
* Like |sendSyncMessage()|, except re-entrant. New RPC messages may be
* issued even if, earlier on the call stack, we are waiting for a reply
* to an earlier sendRpcMessage() call.
*
* Both sendSyncMessage and sendRpcMessage will block until a reply is
* received, but they may be temporarily interrupted to process an urgent
* incoming message (such as a CPOW request).
*/
[implicit_jscontext, optional_argc]
jsval sendRpcMessage([optional] in AString messageName,
[optional] in jsval obj,
[optional] in jsval objects,
[optional] in nsIPrincipal principal);
};
[scriptable, builtinclass, uuid(13f3555f-769e-44ea-b607-5239230c3162)]
interface nsIMessageManagerGlobal : nsISyncMessageSender
{
/**
* Print a string to stdout.
*/
void dump(in DOMString aStr);
/**
* If leak detection is enabled, print a note to the leak log that this
* process will intentionally crash.
*/
void privateNoteIntentionalCrash();
/**
* Ascii base64 data to binary data and vice versa
*/
DOMString atob(in DOMString aAsciiString);
DOMString btoa(in DOMString aBase64Data);
};
[scriptable, builtinclass, uuid(fff36099-9f84-4c7c-b69a-1cbf103d1708)]
interface nsIContentFrameMessageManager : nsIMessageManagerGlobal
{
/**
* The current top level window in the frame or null.
*/
readonly attribute nsIDOMWindow content;
/**
* The top level docshell or null.
*/
readonly attribute nsIDocShell docShell;
};
[uuid(9c6bd4d7-88d2-46d6-8606-f2d57d46f051)]
interface nsIInProcessContentFrameMessageManager : nsIContentFrameMessageManager
{
[notxpcom] nsIContent getOwnerContent();
[notxpcom] void cacheFrameLoader(in nsIFrameLoader aFrameLoader);
};
[scriptable, builtinclass, uuid(6d12e467-2446-46db-9965-e4e93cb87ca5)]
interface nsIContentProcessMessageManager : nsIMessageManagerGlobal
{
/**
* Read out a copy of the object that was initialized in the parent
* process via nsIProcessScriptLoader.initialProcessData.
*/
[implicit_jscontext]
readonly attribute jsval initialProcessData;
};
[scriptable, builtinclass, uuid(bf61446b-ba24-4b1d-88c7-4f94724b9ce1)]
interface nsIFrameScriptLoader : nsISupports
{
/**
* Load a script in the (remote) frame. aURL must be the absolute URL.
* data: URLs are also supported. For example data:,dump("foo\n");
* If aAllowDelayedLoad is true, script will be loaded when the
* remote frame becomes available. Otherwise the script will be loaded
* only if the frame is already available.
*/
void loadFrameScript(in AString aURL, in boolean aAllowDelayedLoad,
[optional] in boolean aRunInGlobalScope);
/**
* Removes aURL from the list of scripts which support delayed load.
*/
void removeDelayedFrameScript(in AString aURL);
/**
* Returns all delayed scripts that will be loaded once a (remote)
* frame becomes available. The return value is a list of pairs
* [<URL>, <WasLoadedInGlobalScope>].
*/
[implicit_jscontext]
jsval getDelayedFrameScripts();
};
[scriptable, builtinclass, uuid(7e1e1a20-b24f-11e4-ab27-0800200c9a66)]
interface nsIProcessScriptLoader : nsISupports
{
/**
* Load a script in the (possibly remote) process. aURL must be the absolute URL.
* data: URLs are also supported. For example data:,dump("foo\n");
* If aAllowDelayedLoad is true, script will be loaded when the
* remote frame becomes available. Otherwise the script will be loaded
* only if the frame is already available.
*/
void loadProcessScript(in AString aURL, in boolean aAllowDelayedLoad);
/**
* Removes aURL from the list of scripts which support delayed load.
*/
void removeDelayedProcessScript(in AString aURL);
/**
* Returns all delayed scripts that will be loaded once a (remote)
* frame becomes available. The return value is a list of URLs.
*/
[implicit_jscontext]
jsval getDelayedProcessScripts();
};
[scriptable, builtinclass, uuid(5b390753-abb3-49b0-ae3b-b803dab58144)]
interface nsIGlobalProcessScriptLoader : nsIProcessScriptLoader
{
/**
* Allows the parent process to set the initial process data for
* new, not-yet-created child processes. This attribute should only
* be used by the global parent process message manager. When a new
* process is created, it gets a copy of this data (via structured
* cloning). It can access the data via the initialProcessData
* attribute of its childprocessmessagemanager.
*
* This value will always be a JS object. Different users are
* expected to set properties on this object. The property name
* should be unique enough that other Gecko consumers won't
* accidentally choose it.
*/
[implicit_jscontext]
readonly attribute jsval initialProcessData;
};
[scriptable, builtinclass, uuid(637e8538-4f8f-4a3d-8510-e74386233e19)]
interface nsIProcessChecker : nsISupports
{
bool killChild();
/**
* Return true if the "remote" process has |aPermission|. This is
* intended to be used by JS implementations of cross-process DOM
* APIs, like so
*
* recvFooRequest: function(message) {
* if (!message.target.assertPermission("foo")) {
* return false;
* }
* // service foo request
*
* This interface only returns meaningful data when our content is
* in a separate process. If it shares the same OS process as us,
* then applying this permission check doesn't add any security,
* though it doesn't hurt anything either.
*
* Note: If the remote content process does *not* have |aPermission|,
* it will be killed as a precaution.
*/
boolean assertPermission(in DOMString aPermission);
/**
* Return true if the "remote" process has |aManifestURL|. This is
* intended to be used by JS implementations of cross-process DOM
* APIs, like so
*
* recvFooRequest: function(message) {
* if (!message.target.assertContainApp("foo")) {
* return false;
* }
* // service foo request
*
* This interface only returns meaningful data when our content is
* in a separate process. If it shares the same OS process as us,
* then applying this manifest URL check doesn't add any security,
* though it doesn't hurt anything either.
*
* Note: If the remote content process does *not* contain |aManifestURL|,
* it will be killed as a precaution.
*/
boolean assertContainApp(in DOMString aManifestURL);
boolean assertAppHasPermission(in DOMString aPermission);
/**
* Return true if the "remote" process' principal has an appStatus equal to
* |aStatus|.
*
* This interface only returns meaningful data when our content is
* in a separate process. If it shares the same OS process as us,
* then applying this permission check doesn't add any security,
* though it doesn't hurt anything either.
*
* Note: If the remote content process does *not* has the |aStatus|,
* it will be killed as a precaution.
*/
boolean assertAppHasStatus(in unsigned short aStatus);
};
Reference in New Issue View Git Blame Copy Permalink