Bug 1885565 - Part 1: Add mozac_ic_avatar_circle_24 to ui-icons r=android-reviewers...
[gecko.git] / caps / nsIAddonPolicyService.idl
blobde218ff70c59133acd4a59217814ec9f0d458d61
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #include "nsISupports.idl"
8 #include "nsIURI.idl"
10 /**
11 * This interface allows the security manager to query custom per-addon security
12 * policy.
14 [scriptable, uuid(8a034ef9-9d14-4c5d-8319-06c1ab574baa)]
15 interface nsIAddonPolicyService : nsISupports
17 /**
18 * Returns the default content security policy which applies to extension
19 * documents which do not specify any custom policies.
21 readonly attribute AString defaultCSP;
23 /**
24 * Same as above, but used for extensions using manifest v3.
26 readonly attribute AString defaultCSPV3;
28 /**
29 * Returns the base content security policy which applies to all extension resources.
31 AString getBaseCSP(in AString aAddonId);
33 /**
34 * Returns the content security policy which applies to documents belonging
35 * to the extension with the given ID. This may be either a custom policy,
36 * if one was supplied, or the default policy if one was not.
38 AString getExtensionPageCSP(in AString aAddonId);
40 /**
41 * Returns the generated background page as a data-URI, if any. If the addon
42 * does not have an auto-generated background page, an empty string is
43 * returned.
45 ACString getGeneratedBackgroundPageUrl(in ACString aAddonId);
47 /**
48 * Returns true if the addon was granted the |aPerm| API permission.
50 boolean addonHasPermission(in AString aAddonId, in AString aPerm);
52 /**
53 * Returns true if unprivileged code associated with the given addon may load
54 * data from |aURI|. If |aExplicit| is true, the <all_urls> permission and
55 * permissive host globs are ignored when checking for a match.
57 boolean addonMayLoadURI(in AString aAddonId, in nsIURI aURI, [optional] in boolean aExplicit);
59 /**
60 * Returns the name of the WebExtension with the given ID, or the ID string
61 * if no matching add-on can be found.
63 AString getExtensionName(in AString aAddonId);
65 /**
66 * Returns true if a given extension:// URI is web-accessible and loadable by the source.
67 * This should be called if the protocol flags for the extension URI has URI_WEB_ACCESSIBLE.
69 boolean sourceMayLoadExtensionURI(in nsIURI aSourceURI, in nsIURI aExtensionURI);
71 /**
72 * Maps an extension URI to the ID of the addon it belongs to.
74 AString extensionURIToAddonId(in nsIURI aURI);
77 /**
78 * This interface exposes functionality related to add-on content policy
79 * enforcement.
81 [scriptable, uuid(7a4fe60b-9131-45f5-83f3-dc63b5d71a5d)]
82 interface nsIAddonContentPolicy : nsISupports
84 /* options to pass to validateAddonCSP
86 * Manifest V2 uses CSP_ALLOW_ANY.
87 * In Manifest V3, extension_pages would use CSP_ALLOW_WASM
88 * and sandbox would use CSP_ALLOW_EVAL.
90 const unsigned long CSP_ALLOW_ANY = 0xFFFF;
91 const unsigned long CSP_ALLOW_LOCALHOST = (1<<0);
92 const unsigned long CSP_ALLOW_EVAL = (1<<1);
93 const unsigned long CSP_ALLOW_REMOTE = (1<<2);
94 const unsigned long CSP_ALLOW_WASM = (1<<3);
96 /**
97 * Checks a custom content security policy string, to ensure that it meets
98 * minimum security requirements. Returns null for valid policies, or a
99 * string describing the error for invalid policies.
101 AString validateAddonCSP(in AString aPolicyString, in unsigned long aPermittedPolicy);