search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bug 1842773 - Part 5: Add ArrayBuffer.prototype.{maxByteLength,resizable} getters...
[gecko.git] / dom / base / nsContentPolicy.cpp
blob2c59d6fbf070af094bff35eda6c92d774e52d291
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 // vim: ft=cpp tw=80 sw=2 et ts=8
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 /*
8 * Implementation of the "@mozilla.org/layout/content-policy;1" contract.
9 */
10
11 #include "mozilla/Logging.h"
12
13 #include "nsISupports.h"
14 #include "nsXPCOM.h"
15 #include "nsContentPolicyUtils.h"
16 #include "mozilla/dom/nsCSPService.h"
17 #include "nsContentPolicy.h"
18 #include "nsIURI.h"
19 #include "nsIBrowserChild.h"
20 #include "nsIContent.h"
21 #include "nsIImageLoadingContent.h"
22 #include "nsCOMArray.h"
23 #include "nsContentUtils.h"
24 #include "mozilla/dom/nsMixedContentBlocker.h"
25 #include "nsIContentSecurityPolicy.h"
26
27 class nsIDOMWindow;
28
29 using mozilla::LogLevel;
30
31 NS_IMPL_ISUPPORTS(nsContentPolicy, nsIContentPolicy)
32
33 static mozilla::LazyLogModule gConPolLog("nsContentPolicy");
34
35 nsresult NS_NewContentPolicy(nsIContentPolicy** aResult) {
36 *aResult = new nsContentPolicy;
37 NS_ADDREF(*aResult);
38 return NS_OK;
39 }
40
41 nsContentPolicy::nsContentPolicy() : mPolicies(NS_CONTENTPOLICY_CATEGORY) {}
42
43 nsContentPolicy::~nsContentPolicy() = default;
44
45 #ifdef DEBUG
46 # define WARN_IF_URI_UNINITIALIZED(uri, name) \
47 PR_BEGIN_MACRO \
48 if ((uri)) { \
49 nsAutoCString spec; \
50 (uri)->GetAsciiSpec(spec); \
51 if (spec.IsEmpty()) { \
52 NS_WARNING(name " is uninitialized, fix caller"); \
53 } \
54 } \
55 PR_END_MACRO
56
57 #else // ! defined(DEBUG)
58
59 # define WARN_IF_URI_UNINITIALIZED(uri, name)
60
61 #endif // defined(DEBUG)
62
63 inline nsresult nsContentPolicy::CheckPolicy(CPMethod policyMethod,
64 nsIURI* contentLocation,
65 nsILoadInfo* loadInfo,
66 int16_t* decision) {
67 nsCOMPtr<nsISupports> requestingContext = loadInfo->GetLoadingContext();
68 // sanity-check passed-through parameters
69 MOZ_ASSERT(decision, "Null out pointer");
70 WARN_IF_URI_UNINITIALIZED(contentLocation, "Request URI");
71
72 #ifdef DEBUG
73 {
74 nsCOMPtr<nsINode> node(do_QueryInterface(requestingContext));
75 nsCOMPtr<nsIDOMWindow> window(do_QueryInterface(requestingContext));
76 nsCOMPtr<nsIBrowserChild> browserChild(
77 do_QueryInterface(requestingContext));
78 NS_ASSERTION(!requestingContext || node || window || browserChild,
79 "Context should be a DOM node, DOM window or a browserChild!");
80 }
81 #endif
82
83 nsCOMPtr<mozilla::dom::Document> doc;
84 nsCOMPtr<nsIContent> node = do_QueryInterface(requestingContext);
85 if (node) {
86 doc = node->OwnerDoc();
87 }
88 if (!doc) {
89 doc = do_QueryInterface(requestingContext);
90 }
91
92 /*
93 * Enumerate mPolicies and ask each of them, taking the logical AND of
94 * their permissions.
95 */
96 nsresult rv;
97 const nsCOMArray<nsIContentPolicy>& entries = mPolicies.GetCachedEntries();
98 if (doc) {
99 if (nsCOMPtr<nsIContentSecurityPolicy> csp = doc->GetCsp()) {
100 csp->EnsureEventTarget(mozilla::GetMainThreadSerialEventTarget());
101 }
102 }
103
104 int32_t count = entries.Count();
105 for (int32_t i = 0; i < count; i++) {
106 /* check the appropriate policy */
107 rv = (entries[i]->*policyMethod)(contentLocation, loadInfo, decision);
108
109 if (NS_SUCCEEDED(rv) && NS_CP_REJECTED(*decision)) {
110 /* policy says no, no point continuing to check */
111 return NS_OK;
112 }
113 }
114
115 // everyone returned failure, or no policies: sanitize result
116 *decision = nsIContentPolicy::ACCEPT;
117 return NS_OK;
118 }
119
120 // uses the parameters from ShouldXYZ to produce and log a message
121 // logType must be a literal string constant
122 #define LOG_CHECK(logType) \
123 PR_BEGIN_MACRO \
124 /* skip all this nonsense if the call failed or logging is disabled */ \
125 if (NS_SUCCEEDED(rv) && MOZ_LOG_TEST(gConPolLog, LogLevel::Debug)) { \
126 const char* resultName; \
127 if (decision) { \
128 resultName = NS_CP_ResponseName(*decision); \
129 } else { \
130 resultName = "(null ptr)"; \
131 } \
132 MOZ_LOG( \
133 gConPolLog, LogLevel::Debug, \
134 ("Content Policy: " logType ": <%s> result=%s", \
135 contentLocation ? contentLocation->GetSpecOrDefault().get() : "None", \
136 resultName)); \
137 } \
138 PR_END_MACRO
139
140 NS_IMETHODIMP
141 nsContentPolicy::ShouldLoad(nsIURI* contentLocation, nsILoadInfo* loadInfo,
142 int16_t* decision) {
143 // ShouldProcess does not need a content location, but we do
144 MOZ_ASSERT(contentLocation, "Must provide request location");
145 nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldLoad, contentLocation,
146 loadInfo, decision);
147 LOG_CHECK("ShouldLoad");
148
149 return rv;
150 }
151
152 NS_IMETHODIMP
153 nsContentPolicy::ShouldProcess(nsIURI* contentLocation, nsILoadInfo* loadInfo,
154 int16_t* decision) {
155 nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldProcess, contentLocation,
156 loadInfo, decision);
157 LOG_CHECK("ShouldProcess");
158
159 return rv;
160 }