caps/NullPrincipal.cpp

   1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
   2 /* vim: set sw=2 sts=2 ts=2 et tw=80: */
   3 /* This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 /**
   8  * This is the principal that has no rights and can't be accessed by
   9  * anything other than itself and chrome; null principals are not
  10  * same-origin with anything but themselves.
  11  */
  12
  13 #include "mozilla/ArrayUtils.h"
  14
  15 #include "nsDocShell.h"
  16 #include "NullPrincipal.h"
  17 #include "NullPrincipalURI.h"
  18 #include "nsMemory.h"
  19 #include "nsIClassInfoImpl.h"
  20 #include "nsNetCID.h"
  21 #include "nsError.h"
  22 #include "nsIScriptSecurityManager.h"
  23 #include "ContentPrincipal.h"
  24 #include "nsScriptSecurityManager.h"
  25 #include "pratom.h"
  26
  27 using namespace mozilla;
  28
  29 NS_IMPL_CLASSINFO(NullPrincipal, nullptr, nsIClassInfo::MAIN_THREAD_ONLY,
  30                   NS_NULLPRINCIPAL_CID)
  31 NS_IMPL_QUERY_INTERFACE_CI(NullPrincipal, nsIPrincipal, nsISerializable)
  32 NS_IMPL_CI_INTERFACE_GETTER(NullPrincipal, nsIPrincipal, nsISerializable)
  33
  34 /* static */
  35 already_AddRefed<NullPrincipal> NullPrincipal::CreateWithInheritedAttributes(
  36     nsIPrincipal* aInheritFrom) {
  37   MOZ_ASSERT(aInheritFrom);
  38   return CreateWithInheritedAttributes(
  39       Cast(aInheritFrom)->OriginAttributesRef(), false);
  40 }
  41
  42 /* static */
  43 already_AddRefed<NullPrincipal> NullPrincipal::CreateWithInheritedAttributes(
  44     nsIDocShell* aDocShell, bool aIsFirstParty) {
  45   MOZ_ASSERT(aDocShell);
  46
  47   OriginAttributes attrs = nsDocShell::Cast(aDocShell)->GetOriginAttributes();
  48   return CreateWithInheritedAttributes(attrs, aIsFirstParty);
  49 }
  50
  51 /* static */
  52 already_AddRefed<NullPrincipal> NullPrincipal::CreateWithInheritedAttributes(
  53     const OriginAttributes& aOriginAttributes, bool aIsFirstParty) {
  54   RefPtr<NullPrincipal> nullPrin = new NullPrincipal();
  55   nsresult rv = nullPrin->Init(aOriginAttributes, aIsFirstParty);
  56   MOZ_RELEASE_ASSERT(NS_SUCCEEDED(rv));
  57   return nullPrin.forget();
  58 }
  59
  60 /* static */
  61 already_AddRefed<NullPrincipal> NullPrincipal::Create(
  62     const OriginAttributes& aOriginAttributes, nsIURI* aURI) {
  63   RefPtr<NullPrincipal> nullPrin = new NullPrincipal();
  64   nsresult rv = nullPrin->Init(aOriginAttributes, aURI);
  65   MOZ_RELEASE_ASSERT(NS_SUCCEEDED(rv));
  66
  67   return nullPrin.forget();
  68 }
  69
  70 /* static */
  71 already_AddRefed<NullPrincipal> NullPrincipal::CreateWithoutOriginAttributes() {
  72   return NullPrincipal::Create(OriginAttributes(), nullptr);
  73 }
  74
  75 nsresult NullPrincipal::Init(const OriginAttributes& aOriginAttributes,
  76                              nsIURI* aURI) {
  77   if (aURI) {
  78     nsAutoCString scheme;
  79     nsresult rv = aURI->GetScheme(scheme);
  80     NS_ENSURE_SUCCESS(rv, rv);
  81
  82     NS_ENSURE_TRUE(scheme.EqualsLiteral(NS_NULLPRINCIPAL_SCHEME),
  83                    NS_ERROR_NOT_AVAILABLE);
  84
  85     mURI = aURI;
  86   } else {
  87     mURI = NullPrincipalURI::Create();
  88     NS_ENSURE_TRUE(mURI, NS_ERROR_NOT_AVAILABLE);
  89   }
  90
  91   nsAutoCString originNoSuffix;
  92   DebugOnly<nsresult> rv = mURI->GetSpec(originNoSuffix);
  93   MOZ_ASSERT(NS_SUCCEEDED(rv));
  94
  95   FinishInit(originNoSuffix, aOriginAttributes);
  96
  97   return NS_OK;
  98 }
  99
 100 nsresult NullPrincipal::Init(const OriginAttributes& aOriginAttributes,
 101                              bool aIsFirstParty) {
 102   mURI = NullPrincipalURI::Create();
 103   NS_ENSURE_TRUE(mURI, NS_ERROR_NOT_AVAILABLE);
 104
 105   nsAutoCString originNoSuffix;
 106   DebugOnly<nsresult> rv = mURI->GetSpec(originNoSuffix);
 107   MOZ_ASSERT(NS_SUCCEEDED(rv));
 108
 109   nsAutoCString path;
 110   rv = mURI->GetPathQueryRef(path);
 111   MOZ_ASSERT(NS_SUCCEEDED(rv));
 112
 113   OriginAttributes attrs(aOriginAttributes);
 114   if (aIsFirstParty) {
 115     // remove the '{}' characters from both ends.
 116     path.Mid(path, 1, path.Length() - 2);
 117     path.AppendLiteral(".mozilla");
 118     attrs.SetFirstPartyDomain(true, path);
 119   }
 120
 121   FinishInit(originNoSuffix, attrs);
 122
 123   return NS_OK;
 124 }
 125
 126 nsresult NullPrincipal::GetScriptLocation(nsACString& aStr) {
 127   return mURI->GetSpec(aStr);
 128 }
 129
 130 /**
 131  * nsIPrincipal implementation
 132  */
 133
 134 uint32_t NullPrincipal::GetHashValue() { return (NS_PTR_TO_INT32(this) >> 2); }
 135
 136 NS_IMETHODIMP
 137 NullPrincipal::SetCsp(nsIContentSecurityPolicy* aCsp) {
 138   // Never destroy an existing CSP on the principal.
 139   // This method should only be called in rare cases.
 140
 141   MOZ_ASSERT(!mCSP, "do not destroy an existing CSP");
 142   if (mCSP) {
 143     return NS_ERROR_ALREADY_INITIALIZED;
 144   }
 145
 146   mCSP = aCsp;
 147   return NS_OK;
 148 }
 149
 150 NS_IMETHODIMP
 151 NullPrincipal::GetURI(nsIURI** aURI) {
 152   nsCOMPtr<nsIURI> uri = mURI;
 153   uri.forget(aURI);
 154   return NS_OK;
 155 }
 156
 157 NS_IMETHODIMP
 158 NullPrincipal::GetDomain(nsIURI** aDomain) {
 159   nsCOMPtr<nsIURI> uri = mURI;
 160   uri.forget(aDomain);
 161   return NS_OK;
 162 }
 163
 164 NS_IMETHODIMP
 165 NullPrincipal::SetDomain(nsIURI* aDomain) {
 166   // I think the right thing to do here is to just throw...  Silently failing
 167   // seems counterproductive.
 168   return NS_ERROR_NOT_AVAILABLE;
 169 }
 170
 171 bool NullPrincipal::MayLoadInternal(nsIURI* aURI) {
 172   // Also allow the load if we are the principal of the URI being checked.
 173   nsCOMPtr<nsIPrincipal> blobPrincipal;
 174   if (dom::BlobURLProtocolHandler::GetBlobURLPrincipal(
 175           aURI, getter_AddRefs(blobPrincipal))) {
 176     MOZ_ASSERT(blobPrincipal);
 177     return SubsumesInternal(blobPrincipal,
 178                             BasePrincipal::ConsiderDocumentDomain);
 179   }
 180
 181   return false;
 182 }
 183
 184 NS_IMETHODIMP
 185 NullPrincipal::GetBaseDomain(nsACString& aBaseDomain) {
 186   // For a null principal, we use our unique uuid as the base domain.
 187   return mURI->GetPathQueryRef(aBaseDomain);
 188 }
 189
 190 NS_IMETHODIMP
 191 NullPrincipal::GetAddonId(nsAString& aAddonId) {
 192   aAddonId.Truncate();
 193   return NS_OK;
 194 };
 195
 196 /**
 197  * nsISerializable implementation
 198  */
 199 NS_IMETHODIMP
 200 NullPrincipal::Read(nsIObjectInputStream* aStream) {
 201   // Note - NullPrincipal use NS_GENERIC_FACTORY_CONSTRUCTOR_INIT, which means
 202   // that the Init() method has already been invoked by the time we deserialize.
 203   // This is in contrast to ContentPrincipal, which uses
 204   // NS_GENERIC_FACTORY_CONSTRUCTOR, in which case ::Read needs to invoke
 205   // Init().
 206
 207   nsAutoCString spec;
 208   nsresult rv = aStream->ReadCString(spec);
 209   NS_ENSURE_SUCCESS(rv, rv);
 210
 211   nsCOMPtr<nsIURI> uri;
 212   rv = NS_NewURI(getter_AddRefs(uri), spec);
 213   NS_ENSURE_SUCCESS(rv, rv);
 214
 215   nsAutoCString suffix;
 216   rv = aStream->ReadCString(suffix);
 217   NS_ENSURE_SUCCESS(rv, rv);
 218
 219   OriginAttributes attrs;
 220   bool ok = attrs.PopulateFromSuffix(suffix);
 221   NS_ENSURE_TRUE(ok, NS_ERROR_FAILURE);
 222
 223   return Init(attrs, uri);
 224 }
 225
 226 NS_IMETHODIMP
 227 NullPrincipal::Write(nsIObjectOutputStream* aStream) {
 228   NS_ENSURE_STATE(mURI);
 229
 230   nsAutoCString spec;
 231   nsresult rv = mURI->GetSpec(spec);
 232   NS_ENSURE_SUCCESS(rv, rv);
 233
 234   rv = aStream->WriteStringZ(spec.get());
 235   NS_ENSURE_SUCCESS(rv, rv);
 236
 237   nsAutoCString suffix;
 238   OriginAttributesRef().CreateSuffix(suffix);
 239
 240   rv = aStream->WriteStringZ(suffix.get());
 241   NS_ENSURE_SUCCESS(rv, rv);
 242
 243   return NS_OK;
 244 }