caps/src/nsNullPrincipal.cpp

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* ***** BEGIN LICENSE BLOCK *****
   3  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
   4  *
   5  * The contents of this file are subject to the Mozilla Public License Version
   6  * 1.1 (the "License"); you may not use this file except in compliance with
   7  * the License. You may obtain a copy of the License at
   8  * http://www.mozilla.org/MPL/
   9  *
  10  * Software distributed under the License is distributed on an "AS IS" basis,
  11  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  12  * for the specific language governing rights and limitations under the
  13  * License.
  14  *
  15  * The Original Code is mozilla.org code.
  16  *
  17  * The Initial Developer of the Original Code is
  18  * the Mozilla Corporation.
  19  * Portions created by the Initial Developer are Copyright (C) 2006
  20  * the Initial Developer. All Rights Reserved.
  21  *
  22  * Contributor(s):
  23  *   Boris Zbarsky <bzbarsky@mit.edu> (Original author)
  24  *
  25  * Alternatively, the contents of this file may be used under the terms of
  26  * either of the GNU General Public License Version 2 or later (the "GPL"),
  27  * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  28  * in which case the provisions of the GPL or the LGPL are applicable instead
  29  * of those above. If you wish to allow use of your version of this file only
  30  * under the terms of either the GPL or the LGPL, and not to allow others to
  31  * use your version of this file under the terms of the MPL, indicate your
  32  * decision by deleting the provisions above and replace them with the notice
  33  * and other provisions required by the GPL or the LGPL. If you do not delete
  34  * the provisions above, a recipient may use your version of this file under
  35  * the terms of any one of the MPL, the GPL or the LGPL.
  36  *
  37  * ***** END LICENSE BLOCK ***** */
  38
  39 /**
  40  * This is the principal that has no rights and can't be accessed by
  41  * anything other than itself and chrome; null principals are not
  42  * same-origin with anything but themselves.
  43  */
  44
  45 #include "nsNullPrincipal.h"
  46 #include "nsNullPrincipalURI.h"
  47 #include "nsMemory.h"
  48 #include "nsIUUIDGenerator.h"
  49 #include "nsID.h"
  50 #include "nsNetUtil.h"
  51 #include "nsIClassInfoImpl.h"
  52 #include "nsNetCID.h"
  53 #include "nsDOMError.h"
  54 #include "nsScriptSecurityManager.h"
  55
  56 NS_IMPL_CLASSINFO(nsNullPrincipal, NULL, nsIClassInfo::MAIN_THREAD_ONLY,
  57                   NS_NULLPRINCIPAL_CID)
  58 NS_IMPL_QUERY_INTERFACE2_CI(nsNullPrincipal,
  59                             nsIPrincipal,
  60                             nsISerializable)
  61 NS_IMPL_CI_INTERFACE_GETTER2(nsNullPrincipal,
  62                              nsIPrincipal,
  63                              nsISerializable)
  64
  65 NS_IMETHODIMP_(nsrefcnt)
  66 nsNullPrincipal::AddRef()
  67 {
  68   NS_PRECONDITION(PRInt32(mJSPrincipals.refcount) >= 0, "illegal refcnt");
  69   nsrefcnt count = PR_AtomicIncrement((PRInt32 *)&mJSPrincipals.refcount);
  70   NS_LOG_ADDREF(this, count, "nsNullPrincipal", sizeof(*this));
  71   return count;
  72 }
  73
  74 NS_IMETHODIMP_(nsrefcnt)
  75 nsNullPrincipal::Release()
  76 {
  77   NS_PRECONDITION(0 != mJSPrincipals.refcount, "dup release");
  78   nsrefcnt count = PR_AtomicDecrement((PRInt32 *)&mJSPrincipals.refcount);
  79   NS_LOG_RELEASE(this, count, "nsNullPrincipal");
  80   if (count == 0) {
  81     delete this;
  82   }
  83
  84   return count;
  85 }
  86
  87 nsNullPrincipal::nsNullPrincipal()
  88 {
  89 }
  90
  91 nsNullPrincipal::~nsNullPrincipal()
  92 {
  93 }
  94
  95 #define NS_NULLPRINCIPAL_PREFIX NS_NULLPRINCIPAL_SCHEME ":"
  96
  97 nsresult
  98 nsNullPrincipal::Init()
  99 {
 100   // FIXME: bug 327161 -- make sure the uuid generator is reseeding-resistant.
 101   nsresult rv;
 102   nsCOMPtr<nsIUUIDGenerator> uuidgen =
 103     do_GetService("@mozilla.org/uuid-generator;1", &rv);
 104   NS_ENSURE_SUCCESS(rv, rv);
 105
 106   nsID id;
 107   rv = uuidgen->GenerateUUIDInPlace(&id);
 108   NS_ENSURE_SUCCESS(rv, rv);
 109
 110   char chars[NSID_LENGTH];
 111   id.ToProvidedString(chars);
 112
 113   PRUint32 suffixLen = NSID_LENGTH - 1;
 114   PRUint32 prefixLen = NS_ARRAY_LENGTH(NS_NULLPRINCIPAL_PREFIX) - 1;
 115
 116   // Use an nsCString so we only do the allocation once here and then share
 117   // with nsJSPrincipals
 118   nsCString str;
 119   str.SetCapacity(prefixLen + suffixLen);
 120
 121   str.Append(NS_NULLPRINCIPAL_PREFIX);
 122   str.Append(chars);
 123
 124   if (str.Length() != prefixLen + suffixLen) {
 125     NS_WARNING("Out of memory allocating null-principal URI");
 126     return NS_ERROR_OUT_OF_MEMORY;
 127   }
 128
 129   mURI = new nsNullPrincipalURI(str);
 130   NS_ENSURE_TRUE(mURI, NS_ERROR_OUT_OF_MEMORY);
 131
 132   return mJSPrincipals.Init(this, str);
 133 }
 134
 135 /**
 136  * nsIPrincipal implementation
 137  */
 138
 139 NS_IMETHODIMP
 140 nsNullPrincipal::GetPreferences(char** aPrefName, char** aID,
 141                                 char** aSubjectName,
 142                                 char** aGrantedList, char** aDeniedList,
 143                                 PRBool* aIsTrusted)
 144 {
 145   // The null principal should never be written to preferences.
 146   *aPrefName = nsnull;
 147   *aID = nsnull;
 148   *aSubjectName = nsnull;
 149   *aGrantedList = nsnull;
 150   *aDeniedList = nsnull;
 151   *aIsTrusted = PR_FALSE;
 152
 153   return NS_ERROR_FAILURE;
 154 }
 155
 156 NS_IMETHODIMP
 157 nsNullPrincipal::Equals(nsIPrincipal *aOther, PRBool *aResult)
 158 {
 159   // Just equal to ourselves.  Note that nsPrincipal::Equals will return false
 160   // for us since we have a unique domain/origin/etc.
 161   *aResult = (aOther == this);
 162   return NS_OK;
 163 }
 164
 165 NS_IMETHODIMP
 166 nsNullPrincipal::GetHashValue(PRUint32 *aResult)
 167 {
 168   *aResult = (NS_PTR_TO_INT32(this) >> 2);
 169   return NS_OK;
 170 }
 171
 172 NS_IMETHODIMP
 173 nsNullPrincipal::GetJSPrincipals(JSContext *cx, JSPrincipals **aJsprin)
 174 {
 175   NS_PRECONDITION(mJSPrincipals.nsIPrincipalPtr,
 176                   "mJSPrincipals is uninitalized!");
 177
 178   JSPRINCIPALS_HOLD(cx, &mJSPrincipals);
 179   *aJsprin = &mJSPrincipals;
 180   return NS_OK;
 181 }
 182
 183 NS_IMETHODIMP
 184 nsNullPrincipal::GetSecurityPolicy(void** aSecurityPolicy)
 185 {
 186   // We don't actually do security policy caching.  And it's not like anyone
 187   // can set a security policy for us anyway.
 188   *aSecurityPolicy = nsnull;
 189   return NS_OK;
 190 }
 191
 192 NS_IMETHODIMP
 193 nsNullPrincipal::SetSecurityPolicy(void* aSecurityPolicy)
 194 {
 195   // We don't actually do security policy caching.  And it's not like anyone
 196   // can set a security policy for us anyway.
 197   return NS_OK;
 198 }
 199
 200 NS_IMETHODIMP
 201 nsNullPrincipal::CanEnableCapability(const char *aCapability,
 202                                      PRInt16 *aResult)
 203 {
 204   // Null principal can enable no capabilities.
 205   *aResult = nsIPrincipal::ENABLE_DENIED;
 206   return NS_OK;
 207 }
 208
 209 NS_IMETHODIMP
 210 nsNullPrincipal::SetCanEnableCapability(const char *aCapability,
 211                                         PRInt16 aCanEnable)
 212 {
 213   return NS_ERROR_NOT_AVAILABLE;
 214 }
 215
 216
 217 NS_IMETHODIMP
 218 nsNullPrincipal::IsCapabilityEnabled(const char *aCapability,
 219                                      void *aAnnotation,
 220                                      PRBool *aResult)
 221 {
 222   // Nope.  No capabilities, I say!
 223   *aResult = PR_FALSE;
 224   return NS_OK;
 225 }
 226
 227 NS_IMETHODIMP
 228 nsNullPrincipal::EnableCapability(const char *aCapability, void **aAnnotation)
 229 {
 230   NS_NOTREACHED("Didn't I say it?  NO CAPABILITIES!");
 231   *aAnnotation = nsnull;
 232   return NS_OK;
 233 }
 234
 235 NS_IMETHODIMP
 236 nsNullPrincipal::RevertCapability(const char *aCapability, void **aAnnotation)
 237 {
 238     *aAnnotation = nsnull;
 239     return NS_OK;
 240 }
 241
 242 NS_IMETHODIMP
 243 nsNullPrincipal::DisableCapability(const char *aCapability, void **aAnnotation)
 244 {
 245   // Just a no-op.  They're all disabled anyway.
 246   *aAnnotation = nsnull;
 247   return NS_OK;
 248 }
 249
 250 NS_IMETHODIMP
 251 nsNullPrincipal::GetURI(nsIURI** aURI)
 252 {
 253   return NS_EnsureSafeToReturn(mURI, aURI);
 254 }
 255
 256 NS_IMETHODIMP
 257 nsNullPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
 258 {
 259   // CSP on a null principal makes no sense
 260   *aCsp = nsnull;
 261   return NS_OK;
 262 }
 263
 264 NS_IMETHODIMP
 265 nsNullPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
 266 {
 267   // CSP on a null principal makes no sense
 268   return NS_ERROR_NOT_AVAILABLE;
 269 }
 270
 271 NS_IMETHODIMP
 272 nsNullPrincipal::GetDomain(nsIURI** aDomain)
 273 {
 274   return NS_EnsureSafeToReturn(mURI, aDomain);
 275 }
 276
 277 NS_IMETHODIMP
 278 nsNullPrincipal::SetDomain(nsIURI* aDomain)
 279 {
 280   // I think the right thing to do here is to just throw...  Silently failing
 281   // seems counterproductive.
 282   return NS_ERROR_NOT_AVAILABLE;
 283 }
 284
 285 NS_IMETHODIMP
 286 nsNullPrincipal::GetOrigin(char** aOrigin)
 287 {
 288   *aOrigin = nsnull;
 289
 290   nsCAutoString str;
 291   nsresult rv = mURI->GetSpec(str);
 292   NS_ENSURE_SUCCESS(rv, rv);
 293
 294   *aOrigin = ToNewCString(str);
 295   NS_ENSURE_TRUE(*aOrigin, NS_ERROR_OUT_OF_MEMORY);
 296
 297   return NS_OK;
 298 }
 299
 300 NS_IMETHODIMP
 301 nsNullPrincipal::GetHasCertificate(PRBool* aResult)
 302 {
 303   *aResult = PR_FALSE;
 304   return NS_OK;
 305 }
 306
 307 NS_IMETHODIMP
 308 nsNullPrincipal::GetFingerprint(nsACString& aID)
 309 {
 310     return NS_ERROR_NOT_AVAILABLE;
 311 }
 312
 313 NS_IMETHODIMP
 314 nsNullPrincipal::GetPrettyName(nsACString& aName)
 315 {
 316     return NS_ERROR_NOT_AVAILABLE;
 317 }
 318
 319 NS_IMETHODIMP
 320 nsNullPrincipal::Subsumes(nsIPrincipal *aOther, PRBool *aResult)
 321 {
 322   // We don't subsume anything except ourselves.  Note that nsPrincipal::Equals
 323   // will return false for us, since we're not about:blank and not Equals to
 324   // reasonable nsPrincipals.
 325   *aResult = (aOther == this);
 326   return NS_OK;
 327 }
 328
 329 NS_IMETHODIMP
 330 nsNullPrincipal::CheckMayLoad(nsIURI* aURI, PRBool aReport)
 331 {
 332   if (aReport) {
 333     nsScriptSecurityManager::ReportError(
 334       nsnull, NS_LITERAL_STRING("CheckSameOriginError"), mURI, aURI);
 335   }
 336
 337   return NS_ERROR_DOM_BAD_URI;
 338 }
 339
 340 NS_IMETHODIMP
 341 nsNullPrincipal::GetSubjectName(nsACString& aName)
 342 {
 343     return NS_ERROR_NOT_AVAILABLE;
 344 }
 345
 346 NS_IMETHODIMP
 347 nsNullPrincipal::GetCertificate(nsISupports** aCertificate)
 348 {
 349     *aCertificate = nsnull;
 350     return NS_OK;
 351 }
 352
 353 /**
 354  * nsISerializable implementation
 355  */
 356 NS_IMETHODIMP
 357 nsNullPrincipal::Read(nsIObjectInputStream* aStream)
 358 {
 359   // no-op: CID is sufficient to create a useful nsNullPrincipal, since the URI
 360   // is not really relevant.
 361   return NS_OK;
 362 }
 363
 364 NS_IMETHODIMP
 365 nsNullPrincipal::Write(nsIObjectOutputStream* aStream)
 366 {
 367   // no-op: CID is sufficient to create a useful nsNullPrincipal, since the URI
 368   // is not really relevant.
 369   return NS_OK;
 370 }
 371