caps/nsScriptSecurityManager.h

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
   2 /* vim: set ts=4 et sw=4 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #ifndef nsScriptSecurityManager_h__
   8 #define nsScriptSecurityManager_h__
   9
  10 #include "nsIScriptSecurityManager.h"
  11 #include "nsIPrincipal.h"
  12 #include "nsCOMPtr.h"
  13 #include "nsIChannelEventSink.h"
  14 #include "nsIObserver.h"
  15 #include "plstr.h"
  16 #include "js/TypeDecls.h"
  17
  18 #include <stdint.h>
  19
  20 class nsIDocShell;
  21 class nsCString;
  22 class nsIClassInfo;
  23 class nsIIOService;
  24 class nsIStringBundle;
  25 class nsSystemPrincipal;
  26 class ClassInfoData;
  27
  28 /////////////////////////////
  29 // nsScriptSecurityManager //
  30 /////////////////////////////
  31 #define NS_SCRIPTSECURITYMANAGER_CID \
  32 { 0x7ee2a4c0, 0x4b93, 0x17d3, \
  33 { 0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 }}
  34
  35 class nsScriptSecurityManager MOZ_FINAL : public nsIScriptSecurityManager,
  36                                           public nsIChannelEventSink,
  37                                           public nsIObserver
  38 {
  39 public:
  40     static void Shutdown();
  41
  42     NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID)
  43
  44     NS_DECL_ISUPPORTS
  45     NS_DECL_NSISCRIPTSECURITYMANAGER
  46     NS_DECL_NSICHANNELEVENTSINK
  47     NS_DECL_NSIOBSERVER
  48
  49     static nsScriptSecurityManager*
  50     GetScriptSecurityManager();
  51
  52     // Invoked exactly once, by XPConnect.
  53     static void InitStatics();
  54
  55     static nsSystemPrincipal*
  56     SystemPrincipalSingletonConstructor();
  57
  58     JSContext* GetCurrentJSContext();
  59
  60     JSContext* GetSafeJSContext();
  61
  62     /**
  63      * Utility method for comparing two URIs.  For security purposes, two URIs
  64      * are equivalent if their schemes, hosts, and ports (if any) match.  This
  65      * method returns true if aSubjectURI and aObjectURI have the same origin,
  66      * false otherwise.
  67      */
  68     static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
  69     static uint32_t SecurityHashURI(nsIURI* aURI);
  70
  71     static uint16_t AppStatusForPrincipal(nsIPrincipal *aPrin);
  72
  73     static nsresult
  74     ReportError(JSContext* cx, const nsAString& messageTag,
  75                 nsIURI* aSource, nsIURI* aTarget);
  76
  77     static uint32_t
  78     HashPrincipalByOrigin(nsIPrincipal* aPrincipal);
  79
  80     static bool
  81     GetStrictFileOriginPolicy()
  82     {
  83         return sStrictFileOriginPolicy;
  84     }
  85
  86     /**
  87      * Returns true if the two principals share the same app attributes.
  88      *
  89      * App attributes are appId and the inBrowserElement flag.
  90      * Two principals have the same app attributes if those information are
  91      * equals.
  92      * This method helps keeping principals from different apps isolated from
  93      * each other. Also, it helps making sure mozbrowser (web views) and their
  94      * parent are isolated from each other. All those entities do not share the
  95      * same data (cookies, IndexedDB, localStorage, etc.) so we shouldn't allow
  96      * violating that principle.
  97      */
  98     static bool
  99     AppAttributesEqual(nsIPrincipal* aFirst,
 100                        nsIPrincipal* aSecond);
 101
 102     void DeactivateDomainPolicy();
 103
 104 private:
 105
 106     // GetScriptSecurityManager is the only call that can make one
 107     nsScriptSecurityManager();
 108     virtual ~nsScriptSecurityManager();
 109
 110     // Decides, based on CSP, whether or not eval() and stuff can be executed.
 111     static bool
 112     ContentSecurityPolicyPermitsJSAction(JSContext *cx);
 113
 114     static bool
 115     JSPrincipalsSubsume(JSPrincipals *first, JSPrincipals *second);
 116
 117     // Returns null if a principal cannot be found; generally callers
 118     // should error out at that point.
 119     static nsIPrincipal* doGetObjectPrincipal(JSObject* obj);
 120
 121     nsresult
 122     GetCodebasePrincipalInternal(nsIURI* aURI, uint32_t aAppId,
 123                                  bool aInMozBrowser,
 124                                  nsIPrincipal** result);
 125
 126     nsresult
 127     CreateCodebasePrincipal(nsIURI* aURI, uint32_t aAppId, bool aInMozBrowser,
 128                             nsIPrincipal** result);
 129
 130     nsresult
 131     Init();
 132
 133     nsresult
 134     InitPrefs();
 135
 136     inline void
 137     ScriptSecurityPrefChanged();
 138
 139     inline void
 140     AddSitesToFileURIWhitelist(const nsCString& aSiteList);
 141
 142     nsCOMPtr<nsIPrincipal> mSystemPrincipal;
 143     bool mPrefInitialized;
 144     bool mIsJavaScriptEnabled;
 145     nsTArray<nsCOMPtr<nsIURI>> mFileURIWhitelist;
 146
 147     // This machinery controls new-style domain policies. The old-style
 148     // policy machinery will be removed soon.
 149     nsCOMPtr<nsIDomainPolicy> mDomainPolicy;
 150
 151     static bool sStrictFileOriginPolicy;
 152
 153     static nsIIOService    *sIOService;
 154     static nsIStringBundle *sStrBundle;
 155     static JSRuntime       *sRuntime;
 156 };
 157
 158 namespace mozilla {
 159
 160 void
 161 GetJarPrefix(uint32_t aAppid,
 162              bool aInMozBrowser,
 163              nsACString& aJarPrefix);
 164
 165 } // namespace mozilla
 166
 167 #endif // nsScriptSecurityManager_h__