1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* This Source Code Form is subject to the terms of the Mozilla Public
3 * License, v. 2.0. If a copy of the MPL was not distributed with this
4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 #include "nsIPrincipal.h"
9 #include "nsJSPrincipals.h"
11 #include "mozilla/BasePrincipal.h"
12 #include "mozilla/StaticPtr.h"
13 #include "mozilla/dom/StructuredCloneTags.h"
14 #include "mozilla/ipc/BackgroundUtils.h"
15 #include "mozilla/ipc/PBackgroundSharedTypes.h"
17 using namespace mozilla
;
18 using namespace mozilla::dom
;
19 using namespace mozilla::ipc
;
21 NS_IMETHODIMP_(MozExternalRefCountType
)
22 nsJSPrincipals::AddRef() {
23 MOZ_ASSERT(int32_t(refcount
) >= 0, "illegal refcnt");
24 nsrefcnt count
= ++refcount
;
25 NS_LOG_ADDREF(this, count
, "nsJSPrincipals", sizeof(*this));
29 NS_IMETHODIMP_(MozExternalRefCountType
)
30 nsJSPrincipals::Release() {
31 MOZ_ASSERT(0 != refcount
, "dup release");
32 nsrefcnt count
= --refcount
;
33 NS_LOG_RELEASE(this, count
, "nsJSPrincipals");
42 bool nsJSPrincipals::Subsume(JSPrincipals
* jsprin
, JSPrincipals
* other
) {
44 nsresult rv
= nsJSPrincipals::get(jsprin
)->Subsumes(
45 nsJSPrincipals::get(other
), &result
);
46 return NS_SUCCEEDED(rv
) && result
;
50 void nsJSPrincipals::Destroy(JSPrincipals
* jsprin
) {
51 // The JS runtime can call this method during the last GC when
52 // nsScriptSecurityManager is destroyed. So we must not assume here that
53 // the security manager still exists.
55 nsJSPrincipals
* nsjsprin
= nsJSPrincipals::get(jsprin
);
57 // We need to destroy the nsIPrincipal. We'll do this by adding
58 // to the refcount and calling release
60 #ifdef NS_BUILD_REFCNT_LOGGING
61 // The refcount logging considers AddRef-to-1 to indicate creation,
62 // so trick it into thinking it's otherwise, but balance the
63 // Release() we do below.
75 // Defined here so one can do principals->dump() in the debugger
76 JS_PUBLIC_API
void JSPrincipals::dump() {
77 if (debugToken
== nsJSPrincipals::DEBUG_TOKEN
) {
79 nsresult rv
= static_cast<nsJSPrincipals
*>(this)->GetScriptLocation(str
);
80 fprintf(stderr
, "nsIPrincipal (%p) = %s\n", static_cast<void*>(this),
81 NS_SUCCEEDED(rv
) ? str
.get() : "(unknown)");
84 "!!! JSPrincipals (%p) is not nsJSPrincipals instance - bad token: "
85 "actual=0x%x expected=0x%x\n",
86 this, unsigned(debugToken
), unsigned(nsJSPrincipals::DEBUG_TOKEN
));
93 bool nsJSPrincipals::ReadPrincipals(JSContext
* aCx
,
94 JSStructuredCloneReader
* aReader
,
95 JSPrincipals
** aOutPrincipals
) {
98 if (!JS_ReadUint32Pair(aReader
, &tag
, &unused
)) {
102 if (tag
!= SCTAG_DOM_NULL_PRINCIPAL
&& tag
!= SCTAG_DOM_SYSTEM_PRINCIPAL
&&
103 tag
!= SCTAG_DOM_CONTENT_PRINCIPAL
&&
104 tag
!= SCTAG_DOM_EXPANDED_PRINCIPAL
) {
105 xpc::Throw(aCx
, NS_ERROR_DOM_DATA_CLONE_ERR
);
109 return ReadKnownPrincipalType(aCx
, aReader
, tag
, aOutPrincipals
);
112 static bool ReadPrincipalInfo(JSStructuredCloneReader
* aReader
,
113 OriginAttributes
& aAttrs
, nsACString
& aSpec
,
114 nsACString
& aOriginNoSuffix
,
115 nsACString
& aBaseDomain
) {
116 uint32_t suffixLength
, specLength
;
117 if (!JS_ReadUint32Pair(aReader
, &suffixLength
, &specLength
)) {
121 nsAutoCString suffix
;
122 if (!suffix
.SetLength(suffixLength
, fallible
)) {
126 if (!JS_ReadBytes(aReader
, suffix
.BeginWriting(), suffixLength
)) {
130 if (!aAttrs
.PopulateFromSuffix(suffix
)) {
134 if (!aSpec
.SetLength(specLength
, fallible
)) {
138 if (!JS_ReadBytes(aReader
, aSpec
.BeginWriting(), specLength
)) {
142 uint32_t originNoSuffixLength
, dummy
;
143 if (!JS_ReadUint32Pair(aReader
, &originNoSuffixLength
, &dummy
)) {
147 MOZ_ASSERT(dummy
== 0);
152 if (!aOriginNoSuffix
.SetLength(originNoSuffixLength
, fallible
)) {
156 if (!JS_ReadBytes(aReader
, aOriginNoSuffix
.BeginWriting(),
157 originNoSuffixLength
)) {
161 uint32_t baseDomainIsVoid
, baseDomainLength
;
162 if (!JS_ReadUint32Pair(aReader
, &baseDomainIsVoid
, &baseDomainLength
)) {
166 if (baseDomainIsVoid
!= 0 && baseDomainIsVoid
!= 1) {
170 if (baseDomainIsVoid
) {
171 if (baseDomainLength
!= 0) {
175 aBaseDomain
.SetIsVoid(true);
179 if (!aBaseDomain
.SetLength(baseDomainLength
, fallible
)) {
183 if (!JS_ReadBytes(aReader
, aBaseDomain
.BeginWriting(), baseDomainLength
)) {
190 static bool ReadPrincipalInfo(JSStructuredCloneReader
* aReader
, uint32_t aTag
,
191 PrincipalInfo
& aInfo
) {
192 if (aTag
== SCTAG_DOM_SYSTEM_PRINCIPAL
) {
193 aInfo
= SystemPrincipalInfo();
194 } else if (aTag
== SCTAG_DOM_NULL_PRINCIPAL
) {
195 OriginAttributes attrs
;
197 nsAutoCString originNoSuffix
;
198 nsAutoCString baseDomain
;
199 if (!::ReadPrincipalInfo(aReader
, attrs
, spec
, originNoSuffix
,
203 aInfo
= NullPrincipalInfo(attrs
, spec
);
204 } else if (aTag
== SCTAG_DOM_EXPANDED_PRINCIPAL
) {
205 uint32_t length
, unused
;
206 if (!JS_ReadUint32Pair(aReader
, &length
, &unused
)) {
210 ExpandedPrincipalInfo expanded
;
212 for (uint32_t i
= 0; i
< length
; i
++) {
214 if (!JS_ReadUint32Pair(aReader
, &tag
, &unused
)) {
219 if (!ReadPrincipalInfo(aReader
, tag
, sub
)) {
222 expanded
.allowlist().AppendElement(sub
);
226 } else if (aTag
== SCTAG_DOM_CONTENT_PRINCIPAL
) {
227 OriginAttributes attrs
;
229 nsAutoCString originNoSuffix
;
230 nsAutoCString baseDomain
;
231 if (!::ReadPrincipalInfo(aReader
, attrs
, spec
, originNoSuffix
,
237 if (originNoSuffix
.IsEmpty()) {
242 MOZ_DIAGNOSTIC_ASSERT(!originNoSuffix
.IsEmpty());
244 // XXX: Do we care about mDomain for structured clone?
245 aInfo
= ContentPrincipalInfo(attrs
, originNoSuffix
, spec
, Nothing(),
251 MOZ_CRASH("unexpected principal structured clone tag");
259 bool nsJSPrincipals::ReadPrincipalInfo(JSStructuredCloneReader
* aReader
,
260 PrincipalInfo
& aInfo
) {
261 uint32_t tag
, unused
;
262 if (!JS_ReadUint32Pair(aReader
, &tag
, &unused
)) {
265 return ::ReadPrincipalInfo(aReader
, tag
, aInfo
);
269 bool nsJSPrincipals::ReadKnownPrincipalType(JSContext
* aCx
,
270 JSStructuredCloneReader
* aReader
,
272 JSPrincipals
** aOutPrincipals
) {
273 MOZ_ASSERT(aTag
== SCTAG_DOM_NULL_PRINCIPAL
||
274 aTag
== SCTAG_DOM_SYSTEM_PRINCIPAL
||
275 aTag
== SCTAG_DOM_CONTENT_PRINCIPAL
||
276 aTag
== SCTAG_DOM_EXPANDED_PRINCIPAL
);
279 if (!::ReadPrincipalInfo(aReader
, aTag
, info
)) {
283 auto principalOrErr
= PrincipalInfoToPrincipal(info
);
284 if (NS_WARN_IF(principalOrErr
.isErr())) {
285 xpc::Throw(aCx
, NS_ERROR_DOM_DATA_CLONE_ERR
);
289 nsCOMPtr
<nsIPrincipal
> principal
= principalOrErr
.unwrap();
291 *aOutPrincipals
= get(principal
.forget().take());
295 static bool WritePrincipalInfo(JSStructuredCloneWriter
* aWriter
,
296 const OriginAttributes
& aAttrs
,
297 const nsCString
& aSpec
,
298 const nsCString
& aOriginNoSuffix
,
299 const nsCString
& aBaseDomain
) {
300 nsAutoCString suffix
;
301 aAttrs
.CreateSuffix(suffix
);
303 if (!(JS_WriteUint32Pair(aWriter
, suffix
.Length(), aSpec
.Length()) &&
304 JS_WriteBytes(aWriter
, suffix
.get(), suffix
.Length()) &&
305 JS_WriteBytes(aWriter
, aSpec
.get(), aSpec
.Length()) &&
306 JS_WriteUint32Pair(aWriter
, aOriginNoSuffix
.Length(), 0) &&
307 JS_WriteBytes(aWriter
, aOriginNoSuffix
.get(),
308 aOriginNoSuffix
.Length()))) {
312 if (aBaseDomain
.IsVoid()) {
313 return JS_WriteUint32Pair(aWriter
, 1, 0);
316 return JS_WriteUint32Pair(aWriter
, 0, aBaseDomain
.Length()) &&
317 JS_WriteBytes(aWriter
, aBaseDomain
.get(), aBaseDomain
.Length());
321 bool nsJSPrincipals::WritePrincipalInfo(JSStructuredCloneWriter
* aWriter
,
322 const PrincipalInfo
& aInfo
) {
323 if (aInfo
.type() == PrincipalInfo::TNullPrincipalInfo
) {
324 const NullPrincipalInfo
& nullInfo
= aInfo
;
325 return JS_WriteUint32Pair(aWriter
, SCTAG_DOM_NULL_PRINCIPAL
, 0) &&
326 ::WritePrincipalInfo(aWriter
, nullInfo
.attrs(), nullInfo
.spec(),
329 if (aInfo
.type() == PrincipalInfo::TSystemPrincipalInfo
) {
330 return JS_WriteUint32Pair(aWriter
, SCTAG_DOM_SYSTEM_PRINCIPAL
, 0);
332 if (aInfo
.type() == PrincipalInfo::TExpandedPrincipalInfo
) {
333 const ExpandedPrincipalInfo
& expanded
= aInfo
;
334 if (!JS_WriteUint32Pair(aWriter
, SCTAG_DOM_EXPANDED_PRINCIPAL
, 0) ||
335 !JS_WriteUint32Pair(aWriter
, expanded
.allowlist().Length(), 0)) {
339 for (uint32_t i
= 0; i
< expanded
.allowlist().Length(); i
++) {
340 if (!WritePrincipalInfo(aWriter
, expanded
.allowlist()[i
])) {
347 MOZ_ASSERT(aInfo
.type() == PrincipalInfo::TContentPrincipalInfo
);
348 const ContentPrincipalInfo
& cInfo
= aInfo
;
349 return JS_WriteUint32Pair(aWriter
, SCTAG_DOM_CONTENT_PRINCIPAL
, 0) &&
350 ::WritePrincipalInfo(aWriter
, cInfo
.attrs(), cInfo
.spec(),
351 cInfo
.originNoSuffix(), cInfo
.baseDomain());
354 bool nsJSPrincipals::write(JSContext
* aCx
, JSStructuredCloneWriter
* aWriter
) {
356 if (NS_WARN_IF(NS_FAILED(PrincipalToPrincipalInfo(this, &info
)))) {
357 xpc::Throw(aCx
, NS_ERROR_DOM_DATA_CLONE_ERR
);
361 return WritePrincipalInfo(aWriter
, info
);
364 bool nsJSPrincipals::isSystemOrAddonPrincipal() {
365 JS::AutoSuppressGCAnalysis suppress
;
366 return this->IsSystemPrincipal() ||
367 this->GetIsAddonOrExpandedAddonPrincipal();