search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bumping manifests a=b2g-bump
[gecko.git] / caps / nsPrincipal.cpp
blobbcbc909f2c75e42561c43e12a75b8aea0a759b39
1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=2 sw=2 et tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 #include "nsPrincipal.h"
8
9 #include "mozIThirdPartyUtil.h"
10 #include "nscore.h"
11 #include "nsScriptSecurityManager.h"
12 #include "nsString.h"
13 #include "nsReadableUtils.h"
14 #include "pratom.h"
15 #include "nsIURI.h"
16 #include "nsJSPrincipals.h"
17 #include "nsIObjectInputStream.h"
18 #include "nsIObjectOutputStream.h"
19 #include "nsIClassInfoImpl.h"
20 #include "nsIProtocolHandler.h"
21 #include "nsError.h"
22 #include "nsIContentSecurityPolicy.h"
23 #include "jswrapper.h"
24
25 #include "mozilla/dom/ScriptSettings.h"
26 #include "mozilla/Preferences.h"
27 #include "mozilla/HashFunctions.h"
28
29 #include "nsIAppsService.h"
30 #include "mozIApplication.h"
31
32 using namespace mozilla;
33
34 static bool gCodeBasePrincipalSupport = false;
35 static bool gIsObservingCodeBasePrincipalSupport = false;
36
37 static bool URIIsImmutable(nsIURI* aURI)
38 {
39 nsCOMPtr<nsIMutable> mutableObj(do_QueryInterface(aURI));
40 bool isMutable;
41 return
42 mutableObj &&
43 NS_SUCCEEDED(mutableObj->GetMutable(&isMutable)) &&
44 !isMutable;
45 }
46
47 // Static member variables
48 const char nsBasePrincipal::sInvalid[] = "Invalid";
49
50 NS_IMETHODIMP_(MozExternalRefCountType)
51 nsBasePrincipal::AddRef()
52 {
53 NS_PRECONDITION(int32_t(refcount) >= 0, "illegal refcnt");
54 // XXXcaa does this need to be threadsafe? See bug 143559.
55 nsrefcnt count = ++refcount;
56 NS_LOG_ADDREF(this, count, "nsBasePrincipal", sizeof(*this));
57 return count;
58 }
59
60 NS_IMETHODIMP_(MozExternalRefCountType)
61 nsBasePrincipal::Release()
62 {
63 NS_PRECONDITION(0 != refcount, "dup release");
64 nsrefcnt count = --refcount;
65 NS_LOG_RELEASE(this, count, "nsBasePrincipal");
66 if (count == 0) {
67 delete this;
68 }
69
70 return count;
71 }
72
73 nsBasePrincipal::nsBasePrincipal()
74 {
75 if (!gIsObservingCodeBasePrincipalSupport) {
76 nsresult rv =
77 Preferences::AddBoolVarCache(&gCodeBasePrincipalSupport,
78 "signed.applets.codebase_principal_support",
79 false);
80 gIsObservingCodeBasePrincipalSupport = NS_SUCCEEDED(rv);
81 NS_WARN_IF_FALSE(gIsObservingCodeBasePrincipalSupport,
82 "Installing gCodeBasePrincipalSupport failed!");
83 }
84 }
85
86 nsBasePrincipal::~nsBasePrincipal(void)
87 {
88 }
89
90 NS_IMETHODIMP
91 nsBasePrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
92 {
93 NS_IF_ADDREF(*aCsp = mCSP);
94 return NS_OK;
95 }
96
97 NS_IMETHODIMP
98 nsBasePrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
99 {
100 // If CSP was already set, it should not be destroyed! Instead, it should
101 // get set anew when a new principal is created.
102 if (mCSP)
103 return NS_ERROR_ALREADY_INITIALIZED;
104
105 mCSP = aCsp;
106 return NS_OK;
107 }
108
109 #ifdef DEBUG
110 void nsPrincipal::dumpImpl()
111 {
112 nsAutoCString str;
113 GetScriptLocation(str);
114 fprintf(stderr, "nsPrincipal (%p) = %s\n", static_cast<void*>(this), str.get());
115 }
116 #endif
117
118 NS_IMPL_CLASSINFO(nsPrincipal, nullptr, nsIClassInfo::MAIN_THREAD_ONLY,
119 NS_PRINCIPAL_CID)
120 NS_IMPL_QUERY_INTERFACE_CI(nsPrincipal,
121 nsIPrincipal,
122 nsISerializable)
123 NS_IMPL_CI_INTERFACE_GETTER(nsPrincipal,
124 nsIPrincipal,
125 nsISerializable)
126 NS_IMPL_ADDREF_INHERITED(nsPrincipal, nsBasePrincipal)
127 NS_IMPL_RELEASE_INHERITED(nsPrincipal, nsBasePrincipal)
128
129 nsPrincipal::nsPrincipal()
130 : mAppId(nsIScriptSecurityManager::UNKNOWN_APP_ID)
131 , mInMozBrowser(false)
132 , mCodebaseImmutable(false)
133 , mDomainImmutable(false)
134 , mInitialized(false)
135 { }
136
137 nsPrincipal::~nsPrincipal()
138 { }
139
140 nsresult
141 nsPrincipal::Init(nsIURI *aCodebase,
142 uint32_t aAppId,
143 bool aInMozBrowser)
144 {
145 NS_ENSURE_STATE(!mInitialized);
146 NS_ENSURE_ARG(aCodebase);
147
148 mInitialized = true;
149
150 mCodebase = NS_TryToMakeImmutable(aCodebase);
151 mCodebaseImmutable = URIIsImmutable(mCodebase);
152
153 mAppId = aAppId;
154 mInMozBrowser = aInMozBrowser;
155
156 return NS_OK;
157 }
158
159 void
160 nsPrincipal::GetScriptLocation(nsACString &aStr)
161 {
162 mCodebase->GetSpec(aStr);
163 }
164
165 /* static */ nsresult
166 nsPrincipal::GetOriginForURI(nsIURI* aURI, char **aOrigin)
167 {
168 if (!aURI) {
169 return NS_ERROR_FAILURE;
170 }
171
172 *aOrigin = nullptr;
173
174 nsCOMPtr<nsIURI> origin = NS_GetInnermostURI(aURI);
175 if (!origin) {
176 return NS_ERROR_FAILURE;
177 }
178
179 nsAutoCString hostPort;
180
181 // chrome: URLs don't have a meaningful origin, so make
182 // sure we just get the full spec for them.
183 // XXX this should be removed in favor of the solution in
184 // bug 160042.
185 bool isChrome;
186 nsresult rv = origin->SchemeIs("chrome", &isChrome);
187 if (NS_SUCCEEDED(rv) && !isChrome) {
188 rv = origin->GetAsciiHost(hostPort);
189 // Some implementations return an empty string, treat it as no support
190 // for asciiHost by that implementation.
191 if (hostPort.IsEmpty()) {
192 rv = NS_ERROR_FAILURE;
193 }
194 }
195
196 int32_t port;
197 if (NS_SUCCEEDED(rv) && !isChrome) {
198 rv = origin->GetPort(&port);
199 }
200
201 if (NS_SUCCEEDED(rv) && !isChrome) {
202 if (port != -1) {
203 hostPort.Append(':');
204 hostPort.AppendInt(port, 10);
205 }
206
207 nsAutoCString scheme;
208 rv = origin->GetScheme(scheme);
209 NS_ENSURE_SUCCESS(rv, rv);
210
211 *aOrigin = ToNewCString(scheme + NS_LITERAL_CSTRING("://") + hostPort);
212 }
213 else {
214 // Some URIs (e.g., nsSimpleURI) don't support asciiHost. Just
215 // get the full spec.
216 nsAutoCString spec;
217 // XXX nsMozIconURI and nsJARURI don't implement this correctly, they
218 // both fall back to GetSpec. That needs to be fixed.
219 rv = origin->GetAsciiSpec(spec);
220 NS_ENSURE_SUCCESS(rv, rv);
221
222 *aOrigin = ToNewCString(spec);
223 }
224
225 return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
226 }
227
228 NS_IMETHODIMP
229 nsPrincipal::GetOrigin(char **aOrigin)
230 {
231 return GetOriginForURI(mCodebase, aOrigin);
232 }
233
234 NS_IMETHODIMP
235 nsPrincipal::EqualsConsideringDomain(nsIPrincipal *aOther, bool *aResult)
236 {
237 *aResult = false;
238
239 if (!aOther) {
240 NS_WARNING("Need a principal to compare this to!");
241 return NS_OK;
242 }
243
244 if (aOther == this) {
245 *aResult = true;
246 return NS_OK;
247 }
248
249 if (!nsScriptSecurityManager::AppAttributesEqual(this, aOther)) {
250 return NS_OK;
251 }
252
253 // If either the subject or the object has changed its principal by
254 // explicitly setting document.domain then the other must also have
255 // done so in order to be considered the same origin. This prevents
256 // DNS spoofing based on document.domain (154930)
257
258 nsCOMPtr<nsIURI> thisURI;
259 this->GetDomain(getter_AddRefs(thisURI));
260 bool thisSetDomain = !!thisURI;
261 if (!thisURI) {
262 this->GetURI(getter_AddRefs(thisURI));
263 }
264
265 nsCOMPtr<nsIURI> otherURI;
266 aOther->GetDomain(getter_AddRefs(otherURI));
267 bool otherSetDomain = !!otherURI;
268 if (!otherURI) {
269 aOther->GetURI(getter_AddRefs(otherURI));
270 }
271
272 *aResult = thisSetDomain == otherSetDomain &&
273 nsScriptSecurityManager::SecurityCompareURIs(thisURI, otherURI);
274 return NS_OK;
275 }
276
277 NS_IMETHODIMP
278 nsPrincipal::Equals(nsIPrincipal *aOther, bool *aResult)
279 {
280 *aResult = false;
281
282 if (!aOther) {
283 NS_WARNING("Need a principal to compare this to!");
284 return NS_OK;
285 }
286
287 if (aOther == this) {
288 *aResult = true;
289 return NS_OK;
290 }
291
292 if (!nsScriptSecurityManager::AppAttributesEqual(this, aOther)) {
293 return NS_OK;
294 }
295
296 nsCOMPtr<nsIURI> otherURI;
297 nsresult rv = aOther->GetURI(getter_AddRefs(otherURI));
298 if (NS_FAILED(rv)) {
299 return rv;
300 }
301
302 NS_ASSERTION(mCodebase,
303 "shouldn't be calling this on principals from preferences");
304
305 // Compare codebases.
306 *aResult = nsScriptSecurityManager::SecurityCompareURIs(mCodebase,
307 otherURI);
308 return NS_OK;
309 }
310
311 NS_IMETHODIMP
312 nsPrincipal::Subsumes(nsIPrincipal *aOther, bool *aResult)
313 {
314 return Equals(aOther, aResult);
315 }
316
317 NS_IMETHODIMP
318 nsPrincipal::SubsumesConsideringDomain(nsIPrincipal *aOther, bool *aResult)
319 {
320 return EqualsConsideringDomain(aOther, aResult);
321 }
322
323 NS_IMETHODIMP
324 nsPrincipal::GetURI(nsIURI** aURI)
325 {
326 if (mCodebaseImmutable) {
327 NS_ADDREF(*aURI = mCodebase);
328 return NS_OK;
329 }
330
331 if (!mCodebase) {
332 *aURI = nullptr;
333 return NS_OK;
334 }
335
336 return NS_EnsureSafeToReturn(mCodebase, aURI);
337 }
338
339 NS_IMETHODIMP
340 nsPrincipal::CheckMayLoad(nsIURI* aURI, bool aReport, bool aAllowIfInheritsPrincipal)
341 {
342 if (aAllowIfInheritsPrincipal) {
343 // If the caller specified to allow loads of URIs that inherit
344 // our principal, allow the load if this URI inherits its principal
345 if (nsPrincipal::IsPrincipalInherited(aURI)) {
346 return NS_OK;
347 }
348 }
349
350 // See if aURI is something like a Blob URI that is actually associated with
351 // a principal.
352 nsCOMPtr<nsIURIWithPrincipal> uriWithPrin = do_QueryInterface(aURI);
353 nsCOMPtr<nsIPrincipal> uriPrin;
354 if (uriWithPrin) {
355 uriWithPrin->GetPrincipal(getter_AddRefs(uriPrin));
356 }
357 if (uriPrin && nsIPrincipal::Subsumes(uriPrin)) {
358 return NS_OK;
359 }
360
361 if (nsScriptSecurityManager::SecurityCompareURIs(mCodebase, aURI)) {
362 return NS_OK;
363 }
364
365 // If strict file origin policy is in effect, local files will always fail
366 // SecurityCompareURIs unless they are identical. Explicitly check file origin
367 // policy, in that case.
368 if (nsScriptSecurityManager::GetStrictFileOriginPolicy() &&
369 NS_URIIsLocalFile(aURI) &&
370 NS_RelaxStrictFileOriginPolicy(aURI, mCodebase)) {
371 return NS_OK;
372 }
373
374 if (aReport) {
375 nsScriptSecurityManager::ReportError(nullptr, NS_LITERAL_STRING("CheckSameOriginError"), mCodebase, aURI);
376 }
377 return NS_ERROR_DOM_BAD_URI;
378 }
379
380 void
381 nsPrincipal::SetURI(nsIURI* aURI)
382 {
383 mCodebase = NS_TryToMakeImmutable(aURI);
384 mCodebaseImmutable = URIIsImmutable(mCodebase);
385 }
386
387 NS_IMETHODIMP
388 nsPrincipal::GetHashValue(uint32_t* aValue)
389 {
390 NS_PRECONDITION(mCodebase, "Need a codebase");
391
392 *aValue = nsScriptSecurityManager::HashPrincipalByOrigin(this);
393 return NS_OK;
394 }
395
396 NS_IMETHODIMP
397 nsPrincipal::GetDomain(nsIURI** aDomain)
398 {
399 if (!mDomain) {
400 *aDomain = nullptr;
401 return NS_OK;
402 }
403
404 if (mDomainImmutable) {
405 NS_ADDREF(*aDomain = mDomain);
406 return NS_OK;
407 }
408
409 return NS_EnsureSafeToReturn(mDomain, aDomain);
410 }
411
412 NS_IMETHODIMP
413 nsPrincipal::SetDomain(nsIURI* aDomain)
414 {
415 mDomain = NS_TryToMakeImmutable(aDomain);
416 mDomainImmutable = URIIsImmutable(mDomain);
417
418 // Recompute all wrappers between compartments using this principal and other
419 // non-chrome compartments.
420 AutoSafeJSContext cx;
421 JSPrincipals *principals = nsJSPrincipals::get(static_cast<nsIPrincipal*>(this));
422 bool success = js::RecomputeWrappers(cx, js::ContentCompartmentsOnly(),
423 js::CompartmentsWithPrincipals(principals));
424 NS_ENSURE_TRUE(success, NS_ERROR_FAILURE);
425 success = js::RecomputeWrappers(cx, js::CompartmentsWithPrincipals(principals),
426 js::ContentCompartmentsOnly());
427 NS_ENSURE_TRUE(success, NS_ERROR_FAILURE);
428
429 return NS_OK;
430 }
431
432 NS_IMETHODIMP
433 nsPrincipal::GetJarPrefix(nsACString& aJarPrefix)
434 {
435 MOZ_ASSERT(mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
436
437 mozilla::GetJarPrefix(mAppId, mInMozBrowser, aJarPrefix);
438 return NS_OK;
439 }
440
441 NS_IMETHODIMP
442 nsPrincipal::GetAppStatus(uint16_t* aAppStatus)
443 {
444 *aAppStatus = GetAppStatus();
445 return NS_OK;
446 }
447
448 NS_IMETHODIMP
449 nsPrincipal::GetAppId(uint32_t* aAppId)
450 {
451 if (mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
452 MOZ_ASSERT(false);
453 *aAppId = nsIScriptSecurityManager::NO_APP_ID;
454 return NS_OK;
455 }
456
457 *aAppId = mAppId;
458 return NS_OK;
459 }
460
461 NS_IMETHODIMP
462 nsPrincipal::GetIsInBrowserElement(bool* aIsInBrowserElement)
463 {
464 *aIsInBrowserElement = mInMozBrowser;
465 return NS_OK;
466 }
467
468 NS_IMETHODIMP
469 nsPrincipal::GetUnknownAppId(bool* aUnknownAppId)
470 {
471 *aUnknownAppId = mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID;
472 return NS_OK;
473 }
474
475 NS_IMETHODIMP
476 nsPrincipal::GetIsNullPrincipal(bool* aIsNullPrincipal)
477 {
478 *aIsNullPrincipal = false;
479 return NS_OK;
480 }
481
482 NS_IMETHODIMP
483 nsPrincipal::GetBaseDomain(nsACString& aBaseDomain)
484 {
485 // For a file URI, we return the file path.
486 if (NS_URIIsLocalFile(mCodebase)) {
487 nsCOMPtr<nsIURL> url = do_QueryInterface(mCodebase);
488
489 if (url) {
490 return url->GetFilePath(aBaseDomain);
491 }
492 }
493
494 bool hasNoRelativeFlag;
495 nsresult rv = NS_URIChainHasFlags(mCodebase,
496 nsIProtocolHandler::URI_NORELATIVE,
497 &hasNoRelativeFlag);
498 if (NS_WARN_IF(NS_FAILED(rv))) {
499 return rv;
500 }
501
502 if (hasNoRelativeFlag) {
503 return mCodebase->GetSpec(aBaseDomain);
504 }
505
506 // For everything else, we ask the TLD service via
507 // the ThirdPartyUtil.
508 nsCOMPtr<mozIThirdPartyUtil> thirdPartyUtil =
509 do_GetService(THIRDPARTYUTIL_CONTRACTID);
510 if (thirdPartyUtil) {
511 return thirdPartyUtil->GetBaseDomain(mCodebase, aBaseDomain);
512 }
513
514 return NS_OK;
515 }
516
517 NS_IMETHODIMP
518 nsPrincipal::Read(nsIObjectInputStream* aStream)
519 {
520 nsCOMPtr<nsISupports> supports;
521 nsCOMPtr<nsIURI> codebase;
522 nsresult rv = NS_ReadOptionalObject(aStream, true, getter_AddRefs(supports));
523 if (NS_FAILED(rv)) {
524 return rv;
525 }
526
527 codebase = do_QueryInterface(supports);
528
529 nsCOMPtr<nsIURI> domain;
530 rv = NS_ReadOptionalObject(aStream, true, getter_AddRefs(supports));
531 if (NS_FAILED(rv)) {
532 return rv;
533 }
534
535 domain = do_QueryInterface(supports);
536
537 uint32_t appId;
538 rv = aStream->Read32(&appId);
539 NS_ENSURE_SUCCESS(rv, rv);
540
541 bool inMozBrowser;
542 rv = aStream->ReadBoolean(&inMozBrowser);
543 NS_ENSURE_SUCCESS(rv, rv);
544
545 rv = NS_ReadOptionalObject(aStream, true, getter_AddRefs(supports));
546 NS_ENSURE_SUCCESS(rv, rv);
547
548 // This may be null.
549 nsCOMPtr<nsIContentSecurityPolicy> csp = do_QueryInterface(supports, &rv);
550
551 rv = Init(codebase, appId, inMozBrowser);
552 NS_ENSURE_SUCCESS(rv, rv);
553
554 rv = SetCsp(csp);
555 NS_ENSURE_SUCCESS(rv, rv);
556
557 // need to link in the CSP context here (link in the URI of the protected
558 // resource).
559 if (csp) {
560 csp->SetRequestContext(codebase, nullptr, nullptr);
561 }
562
563 SetDomain(domain);
564
565 return NS_OK;
566 }
567
568 NS_IMETHODIMP
569 nsPrincipal::Write(nsIObjectOutputStream* aStream)
570 {
571 NS_ENSURE_STATE(mCodebase);
572
573 nsresult rv = NS_WriteOptionalCompoundObject(aStream, mCodebase, NS_GET_IID(nsIURI),
574 true);
575 if (NS_FAILED(rv)) {
576 return rv;
577 }
578
579 rv = NS_WriteOptionalCompoundObject(aStream, mDomain, NS_GET_IID(nsIURI),
580 true);
581 if (NS_FAILED(rv)) {
582 return rv;
583 }
584
585 aStream->Write32(mAppId);
586 aStream->WriteBoolean(mInMozBrowser);
587
588 rv = NS_WriteOptionalCompoundObject(aStream, mCSP,
589 NS_GET_IID(nsIContentSecurityPolicy),
590 true);
591 if (NS_FAILED(rv)) {
592 return rv;
593 }
594
595 // mCodebaseImmutable and mDomainImmutable will be recomputed based
596 // on the deserialized URIs in Read().
597
598 return NS_OK;
599 }
600
601 uint16_t
602 nsPrincipal::GetAppStatus()
603 {
604 if (mAppId == nsIScriptSecurityManager::UNKNOWN_APP_ID) {
605 NS_WARNING("Asking for app status on a principal with an unknown app id");
606 return nsIPrincipal::APP_STATUS_NOT_INSTALLED;
607 }
608 return nsScriptSecurityManager::AppStatusForPrincipal(this);
609 }
610
611 /************************************************************************************************************************/
612
613 static const char EXPANDED_PRINCIPAL_SPEC[] = "[Expanded Principal]";
614
615 NS_IMPL_CLASSINFO(nsExpandedPrincipal, nullptr, nsIClassInfo::MAIN_THREAD_ONLY,
616 NS_EXPANDEDPRINCIPAL_CID)
617 NS_IMPL_QUERY_INTERFACE_CI(nsExpandedPrincipal,
618 nsIPrincipal,
619 nsIExpandedPrincipal)
620 NS_IMPL_CI_INTERFACE_GETTER(nsExpandedPrincipal,
621 nsIPrincipal,
622 nsIExpandedPrincipal)
623 NS_IMPL_ADDREF_INHERITED(nsExpandedPrincipal, nsBasePrincipal)
624 NS_IMPL_RELEASE_INHERITED(nsExpandedPrincipal, nsBasePrincipal)
625
626 nsExpandedPrincipal::nsExpandedPrincipal(nsTArray<nsCOMPtr <nsIPrincipal> > &aWhiteList)
627 {
628 mPrincipals.AppendElements(aWhiteList);
629 }
630
631 nsExpandedPrincipal::~nsExpandedPrincipal()
632 { }
633
634 NS_IMETHODIMP
635 nsExpandedPrincipal::GetDomain(nsIURI** aDomain)
636 {
637 *aDomain = nullptr;
638 return NS_OK;
639 }
640
641 NS_IMETHODIMP
642 nsExpandedPrincipal::SetDomain(nsIURI* aDomain)
643 {
644 return NS_OK;
645 }
646
647 NS_IMETHODIMP
648 nsExpandedPrincipal::GetOrigin(char** aOrigin)
649 {
650 *aOrigin = ToNewCString(NS_LITERAL_CSTRING(EXPANDED_PRINCIPAL_SPEC));
651 return *aOrigin ? NS_OK : NS_ERROR_OUT_OF_MEMORY;
652 }
653
654 typedef nsresult (NS_STDCALL nsIPrincipal::*nsIPrincipalMemFn)(nsIPrincipal* aOther,
655 bool* aResult);
656 #define CALL_MEMBER_FUNCTION(THIS,MEM_FN) ((THIS)->*(MEM_FN))
657
658 // nsExpandedPrincipal::Equals and nsExpandedPrincipal::EqualsConsideringDomain
659 // shares the same logic. The difference only that Equals requires 'this'
660 // and 'aOther' to Subsume each other while EqualsConsideringDomain requires
661 // bidirectional SubsumesConsideringDomain.
662 static nsresult
663 Equals(nsExpandedPrincipal* aThis, nsIPrincipalMemFn aFn, nsIPrincipal* aOther,
664 bool* aResult)
665 {
666 // If (and only if) 'aThis' and 'aOther' both Subsume/SubsumesConsideringDomain
667 // each other, then they are Equal.
668 *aResult = false;
669 // Calling the corresponding subsume function on this (aFn).
670 nsresult rv = CALL_MEMBER_FUNCTION(aThis, aFn)(aOther, aResult);
671 NS_ENSURE_SUCCESS(rv, rv);
672 if (!*aResult)
673 return NS_OK;
674
675 // Calling the corresponding subsume function on aOther (aFn).
676 rv = CALL_MEMBER_FUNCTION(aOther, aFn)(aThis, aResult);
677 NS_ENSURE_SUCCESS(rv, rv);
678 return NS_OK;
679 }
680
681 NS_IMETHODIMP
682 nsExpandedPrincipal::Equals(nsIPrincipal* aOther, bool* aResult)
683 {
684 return ::Equals(this, &nsIPrincipal::Subsumes, aOther, aResult);
685 }
686
687 NS_IMETHODIMP
688 nsExpandedPrincipal::EqualsConsideringDomain(nsIPrincipal* aOther, bool* aResult)
689 {
690 return ::Equals(this, &nsIPrincipal::SubsumesConsideringDomain, aOther, aResult);
691 }
692
693 // nsExpandedPrincipal::Subsumes and nsExpandedPrincipal::SubsumesConsideringDomain
694 // shares the same logic. The difference only that Subsumes calls are replaced
695 //with SubsumesConsideringDomain calls in the second case.
696 static nsresult
697 Subsumes(nsExpandedPrincipal* aThis, nsIPrincipalMemFn aFn, nsIPrincipal* aOther,
698 bool* aResult)
699 {
700 nsresult rv;
701 nsCOMPtr<nsIExpandedPrincipal> expanded = do_QueryInterface(aOther);
702 if (expanded) {
703 // If aOther is an ExpandedPrincipal too, check if all of its
704 // principals are subsumed.
705 nsTArray< nsCOMPtr<nsIPrincipal> >* otherList;
706 expanded->GetWhiteList(&otherList);
707 for (uint32_t i = 0; i < otherList->Length(); ++i){
708 rv = CALL_MEMBER_FUNCTION(aThis, aFn)((*otherList)[i], aResult);
709 NS_ENSURE_SUCCESS(rv, rv);
710 if (!*aResult) {
711 // If we don't subsume at least one principal of aOther, return false.
712 return NS_OK;
713 }
714 }
715 } else {
716 // For a regular aOther, one of our principals must subsume it.
717 nsTArray< nsCOMPtr<nsIPrincipal> >* list;
718 aThis->GetWhiteList(&list);
719 for (uint32_t i = 0; i < list->Length(); ++i){
720 rv = CALL_MEMBER_FUNCTION((*list)[i], aFn)(aOther, aResult);
721 NS_ENSURE_SUCCESS(rv, rv);
722 if (*aResult) {
723 // If one of our principal subsumes it, return true.
724 return NS_OK;
725 }
726 }
727 }
728 return NS_OK;
729 }
730
731 #undef CALL_MEMBER_FUNCTION
732
733 NS_IMETHODIMP
734 nsExpandedPrincipal::Subsumes(nsIPrincipal* aOther, bool* aResult)
735 {
736 return ::Subsumes(this, &nsIPrincipal::Subsumes, aOther, aResult);
737 }
738
739 NS_IMETHODIMP
740 nsExpandedPrincipal::SubsumesConsideringDomain(nsIPrincipal* aOther, bool* aResult)
741 {
742 return ::Subsumes(this, &nsIPrincipal::SubsumesConsideringDomain, aOther, aResult);
743 }
744
745 NS_IMETHODIMP
746 nsExpandedPrincipal::CheckMayLoad(nsIURI* uri, bool aReport, bool aAllowIfInheritsPrincipal)
747 {
748 nsresult rv;
749 for (uint32_t i = 0; i < mPrincipals.Length(); ++i){
750 rv = mPrincipals[i]->CheckMayLoad(uri, aReport, aAllowIfInheritsPrincipal);
751 if (NS_SUCCEEDED(rv))
752 return rv;
753 }
754
755 return NS_ERROR_DOM_BAD_URI;
756 }
757
758 NS_IMETHODIMP
759 nsExpandedPrincipal::GetHashValue(uint32_t* result)
760 {
761 MOZ_CRASH("extended principal should never be used as key in a hash map");
762 }
763
764 NS_IMETHODIMP
765 nsExpandedPrincipal::GetURI(nsIURI** aURI)
766 {
767 *aURI = nullptr;
768 return NS_OK;
769 }
770
771 NS_IMETHODIMP
772 nsExpandedPrincipal::GetWhiteList(nsTArray<nsCOMPtr<nsIPrincipal> >** aWhiteList)
773 {
774 *aWhiteList = &mPrincipals;
775 return NS_OK;
776 }
777
778 NS_IMETHODIMP
779 nsExpandedPrincipal::GetJarPrefix(nsACString& aJarPrefix)
780 {
781 aJarPrefix.Truncate();
782 return NS_OK;
783 }
784
785 NS_IMETHODIMP
786 nsExpandedPrincipal::GetAppStatus(uint16_t* aAppStatus)
787 {
788 *aAppStatus = nsIPrincipal::APP_STATUS_NOT_INSTALLED;
789 return NS_OK;
790 }
791
792 NS_IMETHODIMP
793 nsExpandedPrincipal::GetAppId(uint32_t* aAppId)
794 {
795 *aAppId = nsIScriptSecurityManager::NO_APP_ID;
796 return NS_OK;
797 }
798
799 NS_IMETHODIMP
800 nsExpandedPrincipal::GetIsInBrowserElement(bool* aIsInBrowserElement)
801 {
802 *aIsInBrowserElement = false;
803 return NS_OK;
804 }
805
806 NS_IMETHODIMP
807 nsExpandedPrincipal::GetUnknownAppId(bool* aUnknownAppId)
808 {
809 *aUnknownAppId = false;
810 return NS_OK;
811 }
812
813 NS_IMETHODIMP
814 nsExpandedPrincipal::GetIsNullPrincipal(bool* aIsNullPrincipal)
815 {
816 *aIsNullPrincipal = false;
817 return NS_OK;
818 }
819
820 NS_IMETHODIMP
821 nsExpandedPrincipal::GetBaseDomain(nsACString& aBaseDomain)
822 {
823 return NS_ERROR_NOT_AVAILABLE;
824 }
825
826 void
827 nsExpandedPrincipal::GetScriptLocation(nsACString& aStr)
828 {
829 // Is that a good idea to list it's principals?
830 aStr.Assign(EXPANDED_PRINCIPAL_SPEC);
831 }
832
833 #ifdef DEBUG
834 void nsExpandedPrincipal::dumpImpl()
835 {
836 fprintf(stderr, "nsExpandedPrincipal (%p)\n", static_cast<void*>(this));
837 }
838 #endif
839
840 //////////////////////////////////////////
841 // Methods implementing nsISerializable //
842 //////////////////////////////////////////
843
844 NS_IMETHODIMP
845 nsExpandedPrincipal::Read(nsIObjectInputStream* aStream)
846 {
847 return NS_ERROR_NOT_IMPLEMENTED;
848 }
849
850 NS_IMETHODIMP
851 nsExpandedPrincipal::Write(nsIObjectOutputStream* aStream)
852 {
853 return NS_ERROR_NOT_IMPLEMENTED;
854 }