caps/src/nsNullPrincipal.cpp

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* ***** BEGIN LICENSE BLOCK *****
   3  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
   4  *
   5  * The contents of this file are subject to the Mozilla Public License Version
   6  * 1.1 (the "License"); you may not use this file except in compliance with
   7  * the License. You may obtain a copy of the License at
   8  * http://www.mozilla.org/MPL/
   9  *
  10  * Software distributed under the License is distributed on an "AS IS" basis,
  11  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
  12  * for the specific language governing rights and limitations under the
  13  * License.
  14  *
  15  * The Original Code is mozilla.org code.
  16  *
  17  * The Initial Developer of the Original Code is
  18  * the Mozilla Corporation.
  19  * Portions created by the Initial Developer are Copyright (C) 2006
  20  * the Initial Developer. All Rights Reserved.
  21  *
  22  * Contributor(s):
  23  *   Boris Zbarsky <bzbarsky@mit.edu> (Original author)
  24  *
  25  * Alternatively, the contents of this file may be used under the terms of
  26  * either of the GNU General Public License Version 2 or later (the "GPL"),
  27  * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
  28  * in which case the provisions of the GPL or the LGPL are applicable instead
  29  * of those above. If you wish to allow use of your version of this file only
  30  * under the terms of either the GPL or the LGPL, and not to allow others to
  31  * use your version of this file under the terms of the MPL, indicate your
  32  * decision by deleting the provisions above and replace them with the notice
  33  * and other provisions required by the GPL or the LGPL. If you do not delete
  34  * the provisions above, a recipient may use your version of this file under
  35  * the terms of any one of the MPL, the GPL or the LGPL.
  36  *
  37  * ***** END LICENSE BLOCK ***** */
  38
  39 /**
  40  * This is the principal that has no rights and can't be accessed by
  41  * anything other than itself and chrome; null principals are not
  42  * same-origin with anything but themselves.
  43  */
  44
  45 #include "nsNullPrincipal.h"
  46 #include "nsNullPrincipalURI.h"
  47 #include "nsMemory.h"
  48 #include "nsIUUIDGenerator.h"
  49 #include "nsID.h"
  50 #include "nsNetUtil.h"
  51 #include "nsIClassInfoImpl.h"
  52 #include "nsNetCID.h"
  53 #include "nsDOMError.h"
  54 #include "nsScriptSecurityManager.h"
  55
  56 NS_IMPL_QUERY_INTERFACE2_CI(nsNullPrincipal,
  57                             nsIPrincipal,
  58                             nsISerializable)
  59 NS_IMPL_CI_INTERFACE_GETTER2(nsNullPrincipal,
  60                              nsIPrincipal,
  61                              nsISerializable)
  62
  63 NS_IMETHODIMP_(nsrefcnt)
  64 nsNullPrincipal::AddRef()
  65 {
  66   NS_PRECONDITION(PRInt32(mJSPrincipals.refcount) >= 0, "illegal refcnt");
  67   nsrefcnt count = PR_AtomicIncrement((PRInt32 *)&mJSPrincipals.refcount);
  68   NS_LOG_ADDREF(this, count, "nsNullPrincipal", sizeof(*this));
  69   return count;
  70 }
  71
  72 NS_IMETHODIMP_(nsrefcnt)
  73 nsNullPrincipal::Release()
  74 {
  75   NS_PRECONDITION(0 != mJSPrincipals.refcount, "dup release");
  76   nsrefcnt count = PR_AtomicDecrement((PRInt32 *)&mJSPrincipals.refcount);
  77   NS_LOG_RELEASE(this, count, "nsNullPrincipal");
  78   if (count == 0) {
  79     NS_DELETEXPCOM(this);
  80   }
  81
  82   return count;
  83 }
  84
  85 nsNullPrincipal::nsNullPrincipal()
  86 {
  87 }
  88
  89 nsNullPrincipal::~nsNullPrincipal()
  90 {
  91 }
  92
  93 #define NS_NULLPRINCIPAL_PREFIX NS_NULLPRINCIPAL_SCHEME ":"
  94
  95 nsresult
  96 nsNullPrincipal::Init()
  97 {
  98   // FIXME: bug 327161 -- make sure the uuid generator is reseeding-resistant.
  99   nsresult rv;
 100   nsCOMPtr<nsIUUIDGenerator> uuidgen =
 101     do_GetService("@mozilla.org/uuid-generator;1", &rv);
 102   NS_ENSURE_SUCCESS(rv, rv);
 103
 104   nsID id;
 105   rv = uuidgen->GenerateUUIDInPlace(&id);
 106   NS_ENSURE_SUCCESS(rv, rv);
 107
 108   char chars[NSID_LENGTH];
 109   id.ToProvidedString(chars);
 110
 111   PRUint32 suffixLen = NSID_LENGTH - 1;
 112   PRUint32 prefixLen = NS_ARRAY_LENGTH(NS_NULLPRINCIPAL_PREFIX) - 1;
 113
 114   // Use an nsCString so we only do the allocation once here and then share
 115   // with nsJSPrincipals
 116   nsCString str;
 117   str.SetCapacity(prefixLen + suffixLen);
 118
 119   str.Append(NS_NULLPRINCIPAL_PREFIX);
 120   str.Append(chars);
 121
 122   if (str.Length() != prefixLen + suffixLen) {
 123     NS_WARNING("Out of memory allocating null-principal URI");
 124     return NS_ERROR_OUT_OF_MEMORY;
 125   }
 126
 127   mURI = new nsNullPrincipalURI(str);
 128   NS_ENSURE_TRUE(mURI, NS_ERROR_OUT_OF_MEMORY);
 129
 130   return mJSPrincipals.Init(this, str);
 131 }
 132
 133 /**
 134  * nsIPrincipal implementation
 135  */
 136
 137 NS_IMETHODIMP
 138 nsNullPrincipal::GetPreferences(char** aPrefName, char** aID,
 139                                 char** aSubjectName,
 140                                 char** aGrantedList, char** aDeniedList,
 141                                 PRBool* aIsTrusted)
 142 {
 143   // The null principal should never be written to preferences.
 144   *aPrefName = nsnull;
 145   *aID = nsnull;
 146   *aSubjectName = nsnull;
 147   *aGrantedList = nsnull;
 148   *aDeniedList = nsnull;
 149   *aIsTrusted = PR_FALSE;
 150
 151   return NS_ERROR_FAILURE;
 152 }
 153
 154 NS_IMETHODIMP
 155 nsNullPrincipal::Equals(nsIPrincipal *aOther, PRBool *aResult)
 156 {
 157   // Just equal to ourselves.  Note that nsPrincipal::Equals will return false
 158   // for us since we have a unique domain/origin/etc.
 159   *aResult = (aOther == this);
 160   return NS_OK;
 161 }
 162
 163 NS_IMETHODIMP
 164 nsNullPrincipal::GetHashValue(PRUint32 *aResult)
 165 {
 166   *aResult = (NS_PTR_TO_INT32(this) >> 2);
 167   return NS_OK;
 168 }
 169
 170 NS_IMETHODIMP
 171 nsNullPrincipal::GetJSPrincipals(JSContext *cx, JSPrincipals **aJsprin)
 172 {
 173   NS_PRECONDITION(mJSPrincipals.nsIPrincipalPtr,
 174                   "mJSPrincipals is uninitalized!");
 175
 176   JSPRINCIPALS_HOLD(cx, &mJSPrincipals);
 177   *aJsprin = &mJSPrincipals;
 178   return NS_OK;
 179 }
 180
 181 NS_IMETHODIMP
 182 nsNullPrincipal::GetSecurityPolicy(void** aSecurityPolicy)
 183 {
 184   // We don't actually do security policy caching.  And it's not like anyone
 185   // can set a security policy for us anyway.
 186   *aSecurityPolicy = nsnull;
 187   return NS_OK;
 188 }
 189
 190 NS_IMETHODIMP
 191 nsNullPrincipal::SetSecurityPolicy(void* aSecurityPolicy)
 192 {
 193   // We don't actually do security policy caching.  And it's not like anyone
 194   // can set a security policy for us anyway.
 195   return NS_OK;
 196 }
 197
 198 NS_IMETHODIMP
 199 nsNullPrincipal::CanEnableCapability(const char *aCapability,
 200                                      PRInt16 *aResult)
 201 {
 202   // Null principal can enable no capabilities.
 203   *aResult = nsIPrincipal::ENABLE_DENIED;
 204   return NS_OK;
 205 }
 206
 207 NS_IMETHODIMP
 208 nsNullPrincipal::SetCanEnableCapability(const char *aCapability,
 209                                         PRInt16 aCanEnable)
 210 {
 211   return NS_ERROR_NOT_AVAILABLE;
 212 }
 213
 214
 215 NS_IMETHODIMP
 216 nsNullPrincipal::IsCapabilityEnabled(const char *aCapability,
 217                                      void *aAnnotation,
 218                                      PRBool *aResult)
 219 {
 220   // Nope.  No capabilities, I say!
 221   *aResult = PR_FALSE;
 222   return NS_OK;
 223 }
 224
 225 NS_IMETHODIMP
 226 nsNullPrincipal::EnableCapability(const char *aCapability, void **aAnnotation)
 227 {
 228   NS_NOTREACHED("Didn't I say it?  NO CAPABILITIES!");
 229   *aAnnotation = nsnull;
 230   return NS_OK;
 231 }
 232
 233 NS_IMETHODIMP
 234 nsNullPrincipal::RevertCapability(const char *aCapability, void **aAnnotation)
 235 {
 236     *aAnnotation = nsnull;
 237     return NS_OK;
 238 }
 239
 240 NS_IMETHODIMP
 241 nsNullPrincipal::DisableCapability(const char *aCapability, void **aAnnotation)
 242 {
 243   // Just a no-op.  They're all disabled anyway.
 244   *aAnnotation = nsnull;
 245   return NS_OK;
 246 }
 247
 248 NS_IMETHODIMP
 249 nsNullPrincipal::GetURI(nsIURI** aURI)
 250 {
 251   return NS_EnsureSafeToReturn(mURI, aURI);
 252 }
 253
 254 NS_IMETHODIMP
 255 nsNullPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
 256 {
 257   // CSP on a null principal makes no sense
 258   *aCsp = nsnull;
 259   return NS_OK;
 260 }
 261
 262 NS_IMETHODIMP
 263 nsNullPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
 264 {
 265   // CSP on a null principal makes no sense
 266   return NS_ERROR_NOT_AVAILABLE;
 267 }
 268
 269 NS_IMETHODIMP
 270 nsNullPrincipal::GetDomain(nsIURI** aDomain)
 271 {
 272   return NS_EnsureSafeToReturn(mURI, aDomain);
 273 }
 274
 275 NS_IMETHODIMP
 276 nsNullPrincipal::SetDomain(nsIURI* aDomain)
 277 {
 278   // I think the right thing to do here is to just throw...  Silently failing
 279   // seems counterproductive.
 280   return NS_ERROR_NOT_AVAILABLE;
 281 }
 282
 283 NS_IMETHODIMP
 284 nsNullPrincipal::GetOrigin(char** aOrigin)
 285 {
 286   *aOrigin = nsnull;
 287
 288   nsCAutoString str;
 289   nsresult rv = mURI->GetSpec(str);
 290   NS_ENSURE_SUCCESS(rv, rv);
 291
 292   *aOrigin = ToNewCString(str);
 293   NS_ENSURE_TRUE(*aOrigin, NS_ERROR_OUT_OF_MEMORY);
 294
 295   return NS_OK;
 296 }
 297
 298 NS_IMETHODIMP
 299 nsNullPrincipal::GetHasCertificate(PRBool* aResult)
 300 {
 301   *aResult = PR_FALSE;
 302   return NS_OK;
 303 }
 304
 305 NS_IMETHODIMP
 306 nsNullPrincipal::GetFingerprint(nsACString& aID)
 307 {
 308     return NS_ERROR_NOT_AVAILABLE;
 309 }
 310
 311 NS_IMETHODIMP
 312 nsNullPrincipal::GetPrettyName(nsACString& aName)
 313 {
 314     return NS_ERROR_NOT_AVAILABLE;
 315 }
 316
 317 NS_IMETHODIMP
 318 nsNullPrincipal::Subsumes(nsIPrincipal *aOther, PRBool *aResult)
 319 {
 320   // We don't subsume anything except ourselves.  Note that nsPrincipal::Equals
 321   // will return false for us, since we're not about:blank and not Equals to
 322   // reasonable nsPrincipals.
 323   *aResult = (aOther == this);
 324   return NS_OK;
 325 }
 326
 327 NS_IMETHODIMP
 328 nsNullPrincipal::CheckMayLoad(nsIURI* aURI, PRBool aReport)
 329 {
 330   if (aReport) {
 331     nsScriptSecurityManager::ReportError(
 332       nsnull, NS_LITERAL_STRING("CheckSameOriginError"), mURI, aURI);
 333   }
 334
 335   return NS_ERROR_DOM_BAD_URI;
 336 }
 337
 338 NS_IMETHODIMP
 339 nsNullPrincipal::GetSubjectName(nsACString& aName)
 340 {
 341     return NS_ERROR_NOT_AVAILABLE;
 342 }
 343
 344 NS_IMETHODIMP
 345 nsNullPrincipal::GetCertificate(nsISupports** aCertificate)
 346 {
 347     *aCertificate = nsnull;
 348     return NS_OK;
 349 }
 350
 351 /**
 352  * nsISerializable implementation
 353  */
 354 NS_IMETHODIMP
 355 nsNullPrincipal::Read(nsIObjectInputStream* aStream)
 356 {
 357   // no-op: CID is sufficient to create a useful nsNullPrincipal, since the URI
 358   // is not really relevant.
 359   return NS_OK;
 360 }
 361
 362 NS_IMETHODIMP
 363 nsNullPrincipal::Write(nsIObjectOutputStream* aStream)
 364 {
 365   // no-op: CID is sufficient to create a useful nsNullPrincipal, since the URI
 366   // is not really relevant.
 367   return NS_OK;
 368 }
 369