caps/DomainPolicy.cpp

   1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
   2 /* vim: set ts=4 et sw=4 tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #include "DomainPolicy.h"
   8 #include "nsScriptSecurityManager.h"
   9
  10 namespace mozilla {
  11
  12 NS_IMPL_ISUPPORTS(DomainPolicy, nsIDomainPolicy)
  13
  14 DomainPolicy::DomainPolicy() : mBlacklist(new DomainSet())
  15                              , mSuperBlacklist(new DomainSet())
  16                              , mWhitelist(new DomainSet())
  17                              , mSuperWhitelist(new DomainSet())
  18 {}
  19
  20 DomainPolicy::~DomainPolicy()
  21 {
  22     // The SSM holds a strong ref to the DomainPolicy until Deactivate() is
  23     // invoked, so we should never hit the destructor until that happens.
  24     MOZ_ASSERT(!mBlacklist && !mSuperBlacklist &&
  25                !mWhitelist && !mSuperWhitelist);
  26 }
  27
  28
  29 NS_IMETHODIMP
  30 DomainPolicy::GetBlacklist(nsIDomainSet** aSet)
  31 {
  32     nsCOMPtr<nsIDomainSet> set = mBlacklist;
  33     set.forget(aSet);
  34     return NS_OK;
  35 }
  36
  37 NS_IMETHODIMP
  38 DomainPolicy::GetSuperBlacklist(nsIDomainSet** aSet)
  39 {
  40     nsCOMPtr<nsIDomainSet> set = mSuperBlacklist;
  41     set.forget(aSet);
  42     return NS_OK;
  43 }
  44
  45 NS_IMETHODIMP
  46 DomainPolicy::GetWhitelist(nsIDomainSet** aSet)
  47 {
  48     nsCOMPtr<nsIDomainSet> set = mWhitelist;
  49     set.forget(aSet);
  50     return NS_OK;
  51 }
  52
  53 NS_IMETHODIMP
  54 DomainPolicy::GetSuperWhitelist(nsIDomainSet** aSet)
  55 {
  56     nsCOMPtr<nsIDomainSet> set = mSuperWhitelist;
  57     set.forget(aSet);
  58     return NS_OK;
  59 }
  60
  61 NS_IMETHODIMP
  62 DomainPolicy::Deactivate()
  63 {
  64     // Clear the hashtables first to free up memory, since script might
  65     // hold the doomed sets alive indefinitely.
  66     mBlacklist->Clear();
  67     mSuperBlacklist->Clear();
  68     mWhitelist->Clear();
  69     mSuperWhitelist->Clear();
  70
  71     // Null them out.
  72     mBlacklist = nullptr;
  73     mSuperBlacklist = nullptr;
  74     mWhitelist = nullptr;
  75     mSuperWhitelist = nullptr;
  76
  77     // Inform the SSM.
  78     nsScriptSecurityManager::GetScriptSecurityManager()->DeactivateDomainPolicy();
  79     return NS_OK;
  80 }
  81
  82 static already_AddRefed<nsIURI>
  83 GetCanonicalClone(nsIURI* aURI)
  84 {
  85     nsCOMPtr<nsIURI> clone;
  86     nsresult rv = aURI->Clone(getter_AddRefs(clone));
  87     NS_ENSURE_SUCCESS(rv, nullptr);
  88     rv = clone->SetUserPass(EmptyCString());
  89     NS_ENSURE_SUCCESS(rv, nullptr);
  90     rv = clone->SetPath(EmptyCString());
  91     NS_ENSURE_SUCCESS(rv, nullptr);
  92     return clone.forget();
  93 }
  94
  95 NS_IMPL_ISUPPORTS(DomainSet, nsIDomainSet)
  96
  97 NS_IMETHODIMP
  98 DomainSet::Add(nsIURI* aDomain)
  99 {
 100     nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain);
 101     NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE);
 102     mHashTable.PutEntry(clone);
 103     return NS_OK;
 104 }
 105
 106 NS_IMETHODIMP
 107 DomainSet::Remove(nsIURI* aDomain)
 108 {
 109     nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain);
 110     NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE);
 111     mHashTable.RemoveEntry(clone);
 112     return NS_OK;
 113 }
 114
 115 NS_IMETHODIMP
 116 DomainSet::Clear()
 117 {
 118     mHashTable.Clear();
 119     return NS_OK;
 120 }
 121
 122 NS_IMETHODIMP
 123 DomainSet::Contains(nsIURI* aDomain, bool* aContains)
 124 {
 125     *aContains = false;
 126     nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain);
 127     NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE);
 128     *aContains = mHashTable.Contains(clone);
 129     return NS_OK;
 130 }
 131
 132 NS_IMETHODIMP
 133 DomainSet::ContainsSuperDomain(nsIURI* aDomain, bool* aContains)
 134 {
 135     *aContains = false;
 136     nsCOMPtr<nsIURI> clone = GetCanonicalClone(aDomain);
 137     NS_ENSURE_TRUE(clone, NS_ERROR_FAILURE);
 138     nsAutoCString domain;
 139     nsresult rv = clone->GetHost(domain);
 140     NS_ENSURE_SUCCESS(rv, rv);
 141     while (true) {
 142         // Check the current domain.
 143         if (mHashTable.Contains(clone)) {
 144             *aContains = true;
 145             return NS_OK;
 146         }
 147
 148         // Chop off everything before the first dot, or break if there are no
 149         // dots left.
 150         int32_t index = domain.Find(".");
 151         if (index == kNotFound)
 152             break;
 153         domain.Assign(Substring(domain, index + 1));
 154         rv = clone->SetHost(domain);
 155         NS_ENSURE_SUCCESS(rv, rv);
 156     }
 157
 158     // No match.
 159     return NS_OK;
 160
 161 }
 162
 163 } /* namespace mozilla */