caps/nsNullPrincipal.cpp

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* This Source Code Form is subject to the terms of the Mozilla Public
   3  * License, v. 2.0. If a copy of the MPL was not distributed with this
   4  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   5
   6 /**
   7  * This is the principal that has no rights and can't be accessed by
   8  * anything other than itself and chrome; null principals are not
   9  * same-origin with anything but themselves.
  10  */
  11
  12 #include "mozilla/ArrayUtils.h"
  13
  14 #include "nsNullPrincipal.h"
  15 #include "nsNullPrincipalURI.h"
  16 #include "nsMemory.h"
  17 #include "nsIUUIDGenerator.h"
  18 #include "nsID.h"
  19 #include "nsNetUtil.h"
  20 #include "nsIClassInfoImpl.h"
  21 #include "nsIObjectInputStream.h"
  22 #include "nsIObjectOutputStream.h"
  23 #include "nsNetCID.h"
  24 #include "nsError.h"
  25 #include "nsIScriptSecurityManager.h"
  26 #include "nsPrincipal.h"
  27 #include "nsScriptSecurityManager.h"
  28 #include "pratom.h"
  29
  30 using namespace mozilla;
  31
  32 NS_IMPL_CLASSINFO(nsNullPrincipal, nullptr, nsIClassInfo::MAIN_THREAD_ONLY,
  33                   NS_NULLPRINCIPAL_CID)
  34 NS_IMPL_QUERY_INTERFACE_CI(nsNullPrincipal,
  35                            nsIPrincipal,
  36                            nsISerializable)
  37 NS_IMPL_CI_INTERFACE_GETTER(nsNullPrincipal,
  38                             nsIPrincipal,
  39                             nsISerializable)
  40
  41 NS_IMETHODIMP_(MozExternalRefCountType)
  42 nsNullPrincipal::AddRef()
  43 {
  44   NS_PRECONDITION(int32_t(refcount) >= 0, "illegal refcnt");
  45   nsrefcnt count = ++refcount;
  46   NS_LOG_ADDREF(this, count, "nsNullPrincipal", sizeof(*this));
  47   return count;
  48 }
  49
  50 NS_IMETHODIMP_(MozExternalRefCountType)
  51 nsNullPrincipal::Release()
  52 {
  53   NS_PRECONDITION(0 != refcount, "dup release");
  54   nsrefcnt count = --refcount;
  55   NS_LOG_RELEASE(this, count, "nsNullPrincipal");
  56   if (count == 0) {
  57     delete this;
  58   }
  59
  60   return count;
  61 }
  62
  63 nsNullPrincipal::nsNullPrincipal()
  64 {
  65 }
  66
  67 nsNullPrincipal::~nsNullPrincipal()
  68 {
  69 }
  70
  71 /* static */ already_AddRefed<nsNullPrincipal>
  72 nsNullPrincipal::CreateWithInheritedAttributes(nsIPrincipal* aInheritFrom)
  73 {
  74   nsRefPtr<nsNullPrincipal> nullPrin = new nsNullPrincipal();
  75   nsresult rv = nullPrin->Init(aInheritFrom->GetAppId(),
  76                                aInheritFrom->GetIsInBrowserElement());
  77   return NS_SUCCEEDED(rv) ? nullPrin.forget() : nullptr;
  78 }
  79
  80 #define NS_NULLPRINCIPAL_PREFIX NS_NULLPRINCIPAL_SCHEME ":"
  81
  82 nsresult
  83 nsNullPrincipal::Init(uint32_t aAppId, bool aInMozBrowser)
  84 {
  85   MOZ_ASSERT(aAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
  86   mAppId = aAppId;
  87   mInMozBrowser = aInMozBrowser;
  88
  89   // FIXME: bug 327161 -- make sure the uuid generator is reseeding-resistant.
  90   nsresult rv;
  91   nsCOMPtr<nsIUUIDGenerator> uuidgen =
  92     do_GetService("@mozilla.org/uuid-generator;1", &rv);
  93   NS_ENSURE_SUCCESS(rv, rv);
  94
  95   nsID id;
  96   rv = uuidgen->GenerateUUIDInPlace(&id);
  97   NS_ENSURE_SUCCESS(rv, rv);
  98
  99   char chars[NSID_LENGTH];
 100   id.ToProvidedString(chars);
 101
 102   uint32_t suffixLen = NSID_LENGTH - 1;
 103   uint32_t prefixLen = ArrayLength(NS_NULLPRINCIPAL_PREFIX) - 1;
 104
 105   // Use an nsCString so we only do the allocation once here and then share
 106   // with nsJSPrincipals
 107   nsCString str;
 108   str.SetCapacity(prefixLen + suffixLen);
 109
 110   str.Append(NS_NULLPRINCIPAL_PREFIX);
 111   str.Append(chars);
 112
 113   if (str.Length() != prefixLen + suffixLen) {
 114     NS_WARNING("Out of memory allocating null-principal URI");
 115     return NS_ERROR_OUT_OF_MEMORY;
 116   }
 117
 118   mURI = new nsNullPrincipalURI(str);
 119   NS_ENSURE_TRUE(mURI, NS_ERROR_OUT_OF_MEMORY);
 120
 121   return NS_OK;
 122 }
 123
 124 void
 125 nsNullPrincipal::GetScriptLocation(nsACString &aStr)
 126 {
 127   mURI->GetSpec(aStr);
 128 }
 129
 130 #ifdef DEBUG
 131 void nsNullPrincipal::dumpImpl()
 132 {
 133   nsAutoCString str;
 134   mURI->GetSpec(str);
 135   fprintf(stderr, "nsNullPrincipal (%p) = %s\n", this, str.get());
 136 }
 137 #endif
 138
 139 /**
 140  * nsIPrincipal implementation
 141  */
 142
 143 NS_IMETHODIMP
 144 nsNullPrincipal::Equals(nsIPrincipal *aOther, bool *aResult)
 145 {
 146   // Just equal to ourselves.  Note that nsPrincipal::Equals will return false
 147   // for us since we have a unique domain/origin/etc.
 148   *aResult = (aOther == this);
 149   return NS_OK;
 150 }
 151
 152 NS_IMETHODIMP
 153 nsNullPrincipal::EqualsConsideringDomain(nsIPrincipal *aOther, bool *aResult)
 154 {
 155   return Equals(aOther, aResult);
 156 }
 157
 158 NS_IMETHODIMP
 159 nsNullPrincipal::GetHashValue(uint32_t *aResult)
 160 {
 161   *aResult = (NS_PTR_TO_INT32(this) >> 2);
 162   return NS_OK;
 163 }
 164
 165 NS_IMETHODIMP
 166 nsNullPrincipal::GetURI(nsIURI** aURI)
 167 {
 168   return NS_EnsureSafeToReturn(mURI, aURI);
 169 }
 170
 171 NS_IMETHODIMP
 172 nsNullPrincipal::GetCsp(nsIContentSecurityPolicy** aCsp)
 173 {
 174   NS_IF_ADDREF(*aCsp = mCSP);
 175   return NS_OK;
 176 }
 177
 178 NS_IMETHODIMP
 179 nsNullPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp)
 180 {
 181   // If CSP was already set, it should not be destroyed!  Instead, it should
 182   // get set anew when a new principal is created.
 183   if (mCSP)
 184     return NS_ERROR_ALREADY_INITIALIZED;
 185
 186   mCSP = aCsp;
 187   return NS_OK;
 188 }
 189
 190 NS_IMETHODIMP
 191 nsNullPrincipal::GetDomain(nsIURI** aDomain)
 192 {
 193   return NS_EnsureSafeToReturn(mURI, aDomain);
 194 }
 195
 196 NS_IMETHODIMP
 197 nsNullPrincipal::SetDomain(nsIURI* aDomain)
 198 {
 199   // I think the right thing to do here is to just throw...  Silently failing
 200   // seems counterproductive.
 201   return NS_ERROR_NOT_AVAILABLE;
 202 }
 203
 204 NS_IMETHODIMP
 205 nsNullPrincipal::GetOrigin(char** aOrigin)
 206 {
 207   *aOrigin = nullptr;
 208
 209   nsAutoCString str;
 210   nsresult rv = mURI->GetSpec(str);
 211   NS_ENSURE_SUCCESS(rv, rv);
 212
 213   *aOrigin = ToNewCString(str);
 214   NS_ENSURE_TRUE(*aOrigin, NS_ERROR_OUT_OF_MEMORY);
 215
 216   return NS_OK;
 217 }
 218
 219 NS_IMETHODIMP
 220 nsNullPrincipal::Subsumes(nsIPrincipal *aOther, bool *aResult)
 221 {
 222   // We don't subsume anything except ourselves.  Note that nsPrincipal::Equals
 223   // will return false for us, since we're not about:blank and not Equals to
 224   // reasonable nsPrincipals.
 225   *aResult = (aOther == this);
 226   return NS_OK;
 227 }
 228
 229 NS_IMETHODIMP
 230 nsNullPrincipal::SubsumesConsideringDomain(nsIPrincipal *aOther, bool *aResult)
 231 {
 232   return Subsumes(aOther, aResult);
 233 }
 234
 235 NS_IMETHODIMP
 236 nsNullPrincipal::CheckMayLoad(nsIURI* aURI, bool aReport, bool aAllowIfInheritsPrincipal)
 237  {
 238   if (aAllowIfInheritsPrincipal) {
 239     if (nsPrincipal::IsPrincipalInherited(aURI)) {
 240       return NS_OK;
 241     }
 242
 243     // Also allow the load if the principal of the URI being checked is exactly
 244     // us ie this.
 245     nsCOMPtr<nsIURIWithPrincipal> uriPrinc = do_QueryInterface(aURI);
 246     if (uriPrinc) {
 247       nsCOMPtr<nsIPrincipal> principal;
 248       uriPrinc->GetPrincipal(getter_AddRefs(principal));
 249
 250       if (principal && principal == this) {
 251         return NS_OK;
 252       }
 253     }
 254   }
 255
 256   if (aReport) {
 257     nsScriptSecurityManager::ReportError(
 258       nullptr, NS_LITERAL_STRING("CheckSameOriginError"), mURI, aURI);
 259   }
 260
 261   return NS_ERROR_DOM_BAD_URI;
 262 }
 263
 264 NS_IMETHODIMP
 265 nsNullPrincipal::GetJarPrefix(nsACString& aJarPrefix)
 266 {
 267   aJarPrefix.Truncate();
 268   return NS_OK;
 269 }
 270
 271 NS_IMETHODIMP
 272 nsNullPrincipal::GetAppStatus(uint16_t* aAppStatus)
 273 {
 274   *aAppStatus = nsScriptSecurityManager::AppStatusForPrincipal(this);
 275   return NS_OK;
 276 }
 277
 278 NS_IMETHODIMP
 279 nsNullPrincipal::GetAppId(uint32_t* aAppId)
 280 {
 281   *aAppId = mAppId;
 282   return NS_OK;
 283 }
 284
 285 NS_IMETHODIMP
 286 nsNullPrincipal::GetIsInBrowserElement(bool* aIsInBrowserElement)
 287 {
 288   *aIsInBrowserElement = mInMozBrowser;
 289   return NS_OK;
 290 }
 291
 292 NS_IMETHODIMP
 293 nsNullPrincipal::GetUnknownAppId(bool* aUnknownAppId)
 294 {
 295   *aUnknownAppId = false;
 296   return NS_OK;
 297 }
 298
 299 NS_IMETHODIMP
 300 nsNullPrincipal::GetIsNullPrincipal(bool* aIsNullPrincipal)
 301 {
 302   *aIsNullPrincipal = true;
 303   return NS_OK;
 304 }
 305
 306 NS_IMETHODIMP
 307 nsNullPrincipal::GetBaseDomain(nsACString& aBaseDomain)
 308 {
 309   // For a null principal, we use our unique uuid as the base domain.
 310   return mURI->GetPath(aBaseDomain);
 311 }
 312
 313 /**
 314  * nsISerializable implementation
 315  */
 316 NS_IMETHODIMP
 317 nsNullPrincipal::Read(nsIObjectInputStream* aStream)
 318 {
 319   // Note - nsNullPrincipal use NS_GENERIC_FACTORY_CONSTRUCTOR_INIT, which means
 320   // that the Init() method has already been invoked by the time we deserialize.
 321   // This is in contrast to nsPrincipal, which uses NS_GENERIC_FACTORY_CONSTRUCTOR,
 322   // in which case ::Read needs to invoke Init().
 323   nsresult rv = aStream->Read32(&mAppId);
 324   NS_ENSURE_SUCCESS(rv, rv);
 325
 326   rv = aStream->ReadBoolean(&mInMozBrowser);
 327   NS_ENSURE_SUCCESS(rv, rv);
 328
 329   return NS_OK;
 330 }
 331
 332 NS_IMETHODIMP
 333 nsNullPrincipal::Write(nsIObjectOutputStream* aStream)
 334 {
 335   aStream->Write32(mAppId);
 336   aStream->WriteBoolean(mInMozBrowser);
 337   return NS_OK;
 338 }
 339