1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
5 * You can obtain one at http://mozilla.org/MPL/2.0/. */
8 * Constant flags that describe how a document is sandboxed according to the
12 #ifndef nsSandboxFlags_h___
13 #define nsSandboxFlags_h___
16 * This constant denotes the lack of a sandbox attribute/directive.
18 const unsigned long SANDBOXED_NONE
= 0x0;
21 * This flag prevents content from navigating browsing contexts other than
22 * itself, browsing contexts nested inside it, the top-level browsing context
23 * and browsing contexts that it has opened.
24 * As it is always on for sandboxed browsing contexts, it is used implicitly
25 * within the code by checking that the overall flags are non-zero.
26 * It is only uesd directly when the sandbox flags are initially set up.
28 const unsigned long SANDBOXED_NAVIGATION
= 0x1;
31 * This flag prevents content from creating new auxiliary browsing contexts,
32 * e.g. using the target attribute, or the window.open() method.
34 const unsigned long SANDBOXED_AUXILIARY_NAVIGATION
= 0x2;
37 * This flag prevents content from navigating their top-level browsing
40 const unsigned long SANDBOXED_TOPLEVEL_NAVIGATION
= 0x4;
43 * This flag forces content into a unique origin, thus preventing it from
44 * accessing other content from the same origin.
45 * This flag also prevents script from reading from or writing to the
46 * document.cookie IDL attribute, and blocks access to localStorage.
48 const unsigned long SANDBOXED_ORIGIN
= 0x10;
51 * This flag blocks form submission.
53 const unsigned long SANDBOXED_FORMS
= 0x20;
56 * This flag blocks the document from acquiring pointerlock.
58 const unsigned long SANDBOXED_POINTER_LOCK
= 0x40;
61 * This flag blocks script execution.
63 const unsigned long SANDBOXED_SCRIPTS
= 0x80;
66 * This flag blocks features that trigger automatically, such as
67 * automatically playing a video or automatically focusing a form control.
69 const unsigned long SANDBOXED_AUTOMATIC_FEATURES
= 0x100;
72 * This flag prevents URL schemes that use storage areas from being able to
73 * access the origin's data.
75 // We don't have an explicit representation of this one, apparently?
76 // const unsigned long SANDBOXED_STORAGE_AREA_URLS = 0x200;
79 * This flag blocks the document from changing document.domain.
81 const unsigned long SANDBOXED_DOMAIN
= 0x400;
84 * This flag prevents content from using window.alert(), window.confirm(),
85 * window.print(), window.prompt() and the beforeunload event from putting up
88 const unsigned long SANDBOXED_MODALS
= 0x800;
91 * This flag prevents content from escaping the sandbox by ensuring that any
92 * auxiliary browsing context it creates inherits the content's active
93 * sandboxing flag set.
95 const unsigned long SANDBOX_PROPAGATES_TO_AUXILIARY_BROWSING_CONTEXTS
= 0x1000;
98 * This flag prevents locking screen orientation.
100 const unsigned long SANDBOXED_ORIENTATION_LOCK
= 0x2000;
103 * This flag disables the Presentation API.
105 const unsigned long SANDBOXED_PRESENTATION
= 0x4000;
108 * This flag disables access to the first-party storage area by user activation.
110 const unsigned long SANDBOXED_STORAGE_ACCESS
= 0x8000;
113 * This flag prevents content from navigating their top-level browsing
114 * context only when the user hasn't interacted with the browser.
116 const unsigned long SANDBOXED_TOPLEVEL_NAVIGATION_USER_ACTIVATION
= 0x20000;
119 * This flag disables content from initiating or instantiating downloads,
120 * whether through downloading hyperlinks or through navigation that gets
121 * handled as a download.
123 const unsigned long SANDBOXED_ALLOW_DOWNLOADS
= 0x10000;
126 * This flag prevents content from navigating to custom protocols.
128 const unsigned long SANDBOXED_TOPLEVEL_NAVIGATION_CUSTOM_PROTOCOLS
= 0x40000;
130 const unsigned long SANDBOX_ALL_FLAGS
= 0xFFFFF;