caps/OriginAttributes.h

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #ifndef mozilla_OriginAttributes_h
   8 #define mozilla_OriginAttributes_h
   9
  10 #include "mozilla/dom/ChromeUtils.h"
  11 #include "mozilla/dom/ChromeUtilsBinding.h"
  12 #include "nsIScriptSecurityManager.h"
  13
  14 namespace mozilla {
  15
  16 class OriginAttributes : public dom::OriginAttributesDictionary {
  17  public:
  18   OriginAttributes() {}
  19
  20   explicit OriginAttributes(bool aInIsolatedMozBrowser) {
  21     mInIsolatedMozBrowser = aInIsolatedMozBrowser;
  22   }
  23
  24   explicit OriginAttributes(const OriginAttributesDictionary& aOther)
  25       : OriginAttributesDictionary(aOther) {}
  26
  27   void SetFirstPartyDomain(const bool aIsTopLevelDocument, nsIURI* aURI,
  28                            bool aForced = false);
  29   void SetFirstPartyDomain(const bool aIsTopLevelDocument,
  30                            const nsACString& aDomain);
  31
  32   enum {
  33     STRIP_FIRST_PARTY_DOMAIN = 0x01,
  34     STRIP_USER_CONTEXT_ID = 0x02,
  35   };
  36
  37   inline void StripAttributes(uint32_t aFlags) {
  38     if (aFlags & STRIP_FIRST_PARTY_DOMAIN) {
  39       mFirstPartyDomain.Truncate();
  40     }
  41
  42     if (aFlags & STRIP_USER_CONTEXT_ID) {
  43       mUserContextId = nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID;
  44     }
  45   }
  46
  47   bool operator==(const OriginAttributes& aOther) const {
  48     return mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
  49            mUserContextId == aOther.mUserContextId &&
  50            mPrivateBrowsingId == aOther.mPrivateBrowsingId &&
  51            mFirstPartyDomain == aOther.mFirstPartyDomain;
  52   }
  53
  54   bool operator!=(const OriginAttributes& aOther) const {
  55     return !(*this == aOther);
  56   }
  57
  58   MOZ_MUST_USE bool EqualsIgnoringFPD(const OriginAttributes& aOther) const {
  59     return mInIsolatedMozBrowser == aOther.mInIsolatedMozBrowser &&
  60            mUserContextId == aOther.mUserContextId &&
  61            mPrivateBrowsingId == aOther.mPrivateBrowsingId;
  62   }
  63
  64   // Serializes/Deserializes non-default values into the suffix format, i.e.
  65   // |!key1=value1&key2=value2|. If there are no non-default attributes, this
  66   // returns an empty string.
  67   void CreateSuffix(nsACString& aStr) const;
  68
  69   // Don't use this method for anything else than debugging!
  70   void CreateAnonymizedSuffix(nsACString& aStr) const;
  71
  72   MOZ_MUST_USE bool PopulateFromSuffix(const nsACString& aStr);
  73
  74   // Populates the attributes from a string like
  75   // |uri!key1=value1&key2=value2| and returns the uri without the suffix.
  76   MOZ_MUST_USE bool PopulateFromOrigin(const nsACString& aOrigin,
  77                                        nsACString& aOriginNoSuffix);
  78
  79   // Helper function to match mIsPrivateBrowsing to existing private browsing
  80   // flags. Once all other flags are removed, this can be removed too.
  81   void SyncAttributesWithPrivateBrowsing(bool aInPrivateBrowsing);
  82
  83   // check if "privacy.firstparty.isolate" is enabled.
  84   static inline bool IsFirstPartyEnabled() { return sFirstPartyIsolation; }
  85
  86   // check if the access of window.opener across different FPDs is restricted.
  87   // We only restrict the access of window.opener when first party isolation
  88   // is enabled and "privacy.firstparty.isolate.restrict_opener_access" is on.
  89   static inline bool IsRestrictOpenerAccessForFPI() {
  90     // We always want to restrict window.opener if first party isolation is
  91     // disabled.
  92     return !sFirstPartyIsolation || sRestrictedOpenerAccess;
  93   }
  94
  95   // Check whether we block the postMessage across different FPDs when the
  96   // targetOrigin is '*'.
  97   static inline MOZ_MUST_USE bool IsBlockPostMessageForFPI() {
  98     return sFirstPartyIsolation && sBlockPostMessageForFPI;
  99   }
 100
 101   // returns true if the originAttributes suffix has mPrivateBrowsingId value
 102   // different than 0.
 103   static bool IsPrivateBrowsing(const nsACString& aOrigin);
 104
 105   static void InitPrefs();
 106
 107  private:
 108   static bool sFirstPartyIsolation;
 109   static bool sRestrictedOpenerAccess;
 110   static bool sBlockPostMessageForFPI;
 111 };
 112
 113 class OriginAttributesPattern : public dom::OriginAttributesPatternDictionary {
 114  public:
 115   // To convert a JSON string to an OriginAttributesPattern, do the following:
 116   //
 117   // OriginAttributesPattern pattern;
 118   // if (!pattern.Init(aJSONString)) {
 119   //   ... // handle failure.
 120   // }
 121   OriginAttributesPattern() {}
 122
 123   explicit OriginAttributesPattern(
 124       const OriginAttributesPatternDictionary& aOther)
 125       : OriginAttributesPatternDictionary(aOther) {}
 126
 127   // Performs a match of |aAttrs| against this pattern.
 128   bool Matches(const OriginAttributes& aAttrs) const {
 129     if (mInIsolatedMozBrowser.WasPassed() &&
 130         mInIsolatedMozBrowser.Value() != aAttrs.mInIsolatedMozBrowser) {
 131       return false;
 132     }
 133
 134     if (mUserContextId.WasPassed() &&
 135         mUserContextId.Value() != aAttrs.mUserContextId) {
 136       return false;
 137     }
 138
 139     if (mPrivateBrowsingId.WasPassed() &&
 140         mPrivateBrowsingId.Value() != aAttrs.mPrivateBrowsingId) {
 141       return false;
 142     }
 143
 144     if (mFirstPartyDomain.WasPassed() &&
 145         mFirstPartyDomain.Value() != aAttrs.mFirstPartyDomain) {
 146       return false;
 147     }
 148
 149     return true;
 150   }
 151
 152   bool Overlaps(const OriginAttributesPattern& aOther) const {
 153     if (mInIsolatedMozBrowser.WasPassed() &&
 154         aOther.mInIsolatedMozBrowser.WasPassed() &&
 155         mInIsolatedMozBrowser.Value() != aOther.mInIsolatedMozBrowser.Value()) {
 156       return false;
 157     }
 158
 159     if (mUserContextId.WasPassed() && aOther.mUserContextId.WasPassed() &&
 160         mUserContextId.Value() != aOther.mUserContextId.Value()) {
 161       return false;
 162     }
 163
 164     if (mPrivateBrowsingId.WasPassed() &&
 165         aOther.mPrivateBrowsingId.WasPassed() &&
 166         mPrivateBrowsingId.Value() != aOther.mPrivateBrowsingId.Value()) {
 167       return false;
 168     }
 169
 170     if (mFirstPartyDomain.WasPassed() && aOther.mFirstPartyDomain.WasPassed() &&
 171         mFirstPartyDomain.Value() != aOther.mFirstPartyDomain.Value()) {
 172       return false;
 173     }
 174
 175     return true;
 176   }
 177 };
 178
 179 }  // namespace mozilla
 180
 181 #endif /* mozilla_OriginAttributes_h */