1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6 * Manifest.sys.mjs is the top level api for managing installed web applications
7 * https://www.w3.org/TR/appmanifest/
9 * It is used to trigger the installation of a web application via .install()
10 * and to access the manifest data (including icons).
13 * - Trigger appropriate app installed events
16 import { ManifestObtainer } from "resource://gre/modules/ManifestObtainer.sys.mjs";
18 import { ManifestIcons } from "resource://gre/modules/ManifestIcons.sys.mjs";
22 ChromeUtils.defineESModuleGetters(lazy, {
23 JSONFile: "resource://gre/modules/JSONFile.sys.mjs",
27 * Generates an hash for the given string.
29 * @note The generated hash is returned in base64 form. Mind the fact base64
30 * is case-sensitive if you are going to reuse this code.
32 function generateHash(aString, hashAlg) {
33 const cryptoHash = Cc["@mozilla.org/security/hash;1"].createInstance(
36 cryptoHash.init(hashAlg);
37 const stringStream = Cc[
38 "@mozilla.org/io/string-input-stream;1"
39 ].createInstance(Ci.nsIStringInputStream);
40 stringStream.data = aString;
41 cryptoHash.updateFromStream(stringStream, -1);
42 // base64 allows the '/' char, but we can't use it for filenames.
43 return cryptoHash.finish(true).replace(/\//g, "-");
47 * Trims the query parameters from a url
49 function stripQuery(url) {
50 return url.split("?")[0];
53 // Folder in which we store the manifest files
54 const MANIFESTS_DIR = PathUtils.join(PathUtils.profileDir, "manifests");
56 // We maintain a list of scopes for installed webmanifests so we can determine
57 // whether a given url is within the scope of a previously installed manifest
58 const MANIFESTS_FILE = "manifest-scopes.json";
65 constructor(browser, manifestUrl) {
66 this._manifestUrl = manifestUrl;
67 // The key for this is the manifests URL that is required to be unique.
68 // However arbitrary urls are not safe file paths so lets hash it.
70 generateHash(manifestUrl, Ci.nsICryptoHash.SHA256) + ".json";
71 this._path = PathUtils.join(MANIFESTS_DIR, filename);
72 this.browser = browser;
77 * This function is called at the beginning of initialize() to check if a given
78 * manifest has MD5 based filename, if so we remove it and migrate the content to
79 * a new file with SHA256 based name.
80 * This is done due to security concern, as MD5 is an outdated hashing algorithm and
81 * shouldn't be used anymore
83 async removeMD5BasedFilename() {
85 generateHash(this._manifestUrl, Ci.nsICryptoHash.MD5) + ".json";
86 const MD5Path = PathUtils.join(MANIFESTS_DIR, filenameMD5);
88 await IOUtils.copy(MD5Path, this._path, { noOverwrite: true });
90 // we are ignoring the failures returned from copy as it should not stop us from
91 // installing a new manifest
94 // Remove the old MD5 based file unconditionally to ensure it's no longer used
96 await IOUtils.remove(MD5Path);
98 // ignore the error in case MD5 based file does not exist
103 return this._browser;
106 set browser(aBrowser) {
107 this._browser = aBrowser;
111 await this.removeMD5BasedFilename();
112 this._store = new lazy.JSONFile({ path: this._path, saveDelayMs: 100 });
113 await this._store.load();
116 async prefetch(browser) {
117 const manifestData = await ManifestObtainer.browserObtainManifest(browser);
118 const icon = await ManifestIcons.browserFetchIcon(
125 manifest: manifestData,
132 const manifestData = await ManifestObtainer.browserObtainManifest(
137 manifest: manifestData,
139 Manifests.manifestInstalled(this);
140 this._store.saveSoon();
143 async icon(expectedSize) {
144 if ("cached_icon" in this._store.data) {
145 return this._store.data.cached_icon;
147 const icon = await ManifestIcons.browserFetchIcon(
149 this._store.data.manifest,
152 // Cache the icon so future requests do not go over the network
153 this._store.data.cached_icon = icon;
154 this._store.saveSoon();
160 this._store.data.manifest.scope || this._store.data.manifest.start_url;
161 return stripQuery(scope);
166 this._store.data.manifest.short_name ||
167 this._store.data.manifest.name ||
168 this._store.data.manifest.short_url
173 return this._manifestUrl;
177 return (this._store.data && this._store.data.installed) || false;
181 return this._store.data.manifest.start_url;
190 * Manifests maintains the list of installed manifests
192 export var Manifests = {
193 async _initialize() {
194 if (this._readyPromise) {
195 return this._readyPromise;
198 // Prevent multiple initializations
199 this._readyPromise = (async () => {
200 // Make sure the manifests have the folder needed to save into
201 await IOUtils.makeDirectory(MANIFESTS_DIR, { ignoreExisting: true });
203 // Ensure any existing scope data we have about manifests is loaded
204 this._path = PathUtils.join(PathUtils.profileDir, MANIFESTS_FILE);
205 this._store = new lazy.JSONFile({ path: this._path });
206 await this._store.load();
208 // If we don't have any existing data, initialize empty
209 if (!this._store.data.hasOwnProperty("scopes")) {
210 this._store.data.scopes = new Map();
214 // Cache the Manifest objects creates as they are references to files
215 // and we do not want multiple file handles
216 this.manifestObjs = new Map();
217 return this._readyPromise;
220 // When a manifest is installed, we save its scope so we can determine if
221 // future visits fall within this manifests scope
222 manifestInstalled(manifest) {
223 this._store.data.scopes[manifest.scope] = manifest.url;
224 this._store.saveSoon();
227 // Given a url, find if it is within an installed manifests scope and if so
228 // return that manifests url
229 findManifestUrl(url) {
230 for (let scope in this._store.data.scopes) {
231 if (url.startsWith(scope)) {
232 return this._store.data.scopes[scope];
238 // Get the manifest given a url, or if not look for a manifest that is
239 // tied to the current page
240 async getManifest(browser, manifestUrl) {
241 // Ensure we have all started up
242 if (!this._readyPromise) {
243 await this._initialize();
246 // If the client does not already know its manifestUrl, we take the
247 // url of the client and see if it matches the scope of any installed
250 const url = stripQuery(browser.currentURI.spec);
251 manifestUrl = this.findManifestUrl(url);
254 // No matches so no manifest
255 if (manifestUrl === null) {
259 // If we have already created this manifest return cached
260 if (this.manifestObjs.has(manifestUrl)) {
261 const manifest = this.manifestObjs.get(manifestUrl);
262 if (manifest.browser !== browser) {
263 manifest.browser = browser;
268 // Otherwise create a new manifest object
269 const manifest = new Manifest(browser, manifestUrl);
270 this.manifestObjs.set(manifestUrl, manifest);
271 await manifest.initialize();