1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #include
"nsISupports.idl"
11 * This interface allows the security manager to query custom per-addon security
14 [scriptable
, uuid(8a034ef9
-9d14
-4c5d
-8319-06c1ab574baa
)]
15 interface nsIAddonPolicyService
: nsISupports
18 * Returns the default content security policy which applies to extension
19 * documents which do not specify any custom policies.
21 readonly attribute AString defaultCSP
;
24 * Returns the base content security policy which applies to all extension resources.
26 AString getBaseCSP
(in AString aAddonId
);
29 * Returns the content security policy which applies to documents belonging
30 * to the extension with the given ID. This may be either a custom policy,
31 * if one was supplied, or the default policy if one was not.
33 AString getExtensionPageCSP
(in AString aAddonId
);
36 * Returns the generated background page as a data-URI, if any. If the addon
37 * does not have an auto-generated background page, an empty string is
40 ACString getGeneratedBackgroundPageUrl
(in ACString aAddonId
);
43 * Returns true if the addon was granted the |aPerm| API permission.
45 boolean addonHasPermission
(in AString aAddonId
, in AString aPerm
);
48 * Returns true if unprivileged code associated with the given addon may load
49 * data from |aURI|. If |aExplicit| is true, the <all_urls> permission and
50 * permissive host globs are ignored when checking for a match.
52 boolean addonMayLoadURI
(in AString aAddonId
, in nsIURI aURI
, [optional] in boolean aExplicit
);
55 * Returns the name of the WebExtension with the given ID, or the ID string
56 * if no matching add-on can be found.
58 AString getExtensionName
(in AString aAddonId
);
61 * Returns true if a given extension:// URI is web-accessible and loadable by the source.
62 * This should be called if the protocol flags for the extension URI has URI_WEB_ACCESSIBLE.
64 boolean sourceMayLoadExtensionURI
(in nsIURI aSourceURI
, in nsIURI aExtensionURI
);
67 * Maps an extension URI to the ID of the addon it belongs to.
69 AString extensionURIToAddonId
(in nsIURI aURI
);
73 * This interface exposes functionality related to add-on content policy
76 [scriptable
, uuid(7a4fe60b
-9131-45f5
-83f3
-dc63b5d71a5d
)]
77 interface nsIAddonContentPolicy
: nsISupports
79 /* options to pass to validateAddonCSP
81 * Manifest V2 uses CSP_ALLOW_ANY.
82 * In Manifest V3, extension_pages would use CSP_ALLOW_LOCALHOST and
83 * sandbox would use CSP_ALLOW_EVAL.
85 const unsigned long CSP_ALLOW_ANY
= 0xFFFF;
86 const unsigned long CSP_ALLOW_LOCALHOST
= (1<<0);
87 const unsigned long CSP_ALLOW_EVAL
= (1<<1);
88 const unsigned long CSP_ALLOW_REMOTE
= (1<<2);
91 * Checks a custom content security policy string, to ensure that it meets
92 * minimum security requirements. Returns null for valid policies, or a
93 * string describing the error for invalid policies.
95 AString validateAddonCSP
(in AString aPolicyString
, in unsigned long aPermittedPolicy
);