1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef mozilla_OriginAttributes_h
8 #define mozilla_OriginAttributes_h
10 #include "mozilla/dom/ChromeUtils.h"
11 #include "mozilla/dom/ChromeUtilsBinding.h"
12 #include "nsIScriptSecurityManager.h"
16 class OriginAttributes
: public dom::OriginAttributesDictionary
{
20 OriginAttributes(uint32_t aAppId
, bool aInIsolatedMozBrowser
) {
22 mInIsolatedMozBrowser
= aInIsolatedMozBrowser
;
25 explicit OriginAttributes(const OriginAttributesDictionary
& aOther
)
26 : OriginAttributesDictionary(aOther
) {}
28 void SetFirstPartyDomain(const bool aIsTopLevelDocument
, nsIURI
* aURI
);
29 void SetFirstPartyDomain(const bool aIsTopLevelDocument
,
30 const nsACString
& aDomain
);
33 STRIP_FIRST_PARTY_DOMAIN
= 0x01,
34 STRIP_USER_CONTEXT_ID
= 0x02,
37 inline void StripAttributes(uint32_t aFlags
) {
38 if (aFlags
& STRIP_FIRST_PARTY_DOMAIN
) {
39 mFirstPartyDomain
.Truncate();
42 if (aFlags
& STRIP_USER_CONTEXT_ID
) {
43 mUserContextId
= nsIScriptSecurityManager::DEFAULT_USER_CONTEXT_ID
;
47 bool operator==(const OriginAttributes
& aOther
) const {
48 return mAppId
== aOther
.mAppId
&&
49 mInIsolatedMozBrowser
== aOther
.mInIsolatedMozBrowser
&&
50 mUserContextId
== aOther
.mUserContextId
&&
51 mPrivateBrowsingId
== aOther
.mPrivateBrowsingId
&&
52 mFirstPartyDomain
== aOther
.mFirstPartyDomain
;
55 bool operator!=(const OriginAttributes
& aOther
) const {
56 return !(*this == aOther
);
59 MOZ_MUST_USE
bool EqualsIgnoringFPD(const OriginAttributes
& aOther
) const {
60 return mAppId
== aOther
.mAppId
&&
61 mInIsolatedMozBrowser
== aOther
.mInIsolatedMozBrowser
&&
62 mUserContextId
== aOther
.mUserContextId
&&
63 mPrivateBrowsingId
== aOther
.mPrivateBrowsingId
;
66 // Serializes/Deserializes non-default values into the suffix format, i.e.
67 // |!key1=value1&key2=value2|. If there are no non-default attributes, this
68 // returns an empty string.
69 void CreateSuffix(nsACString
& aStr
) const;
71 // Don't use this method for anything else than debugging!
72 void CreateAnonymizedSuffix(nsACString
& aStr
) const;
74 MOZ_MUST_USE
bool PopulateFromSuffix(const nsACString
& aStr
);
76 // Populates the attributes from a string like
77 // |uri!key1=value1&key2=value2| and returns the uri without the suffix.
78 MOZ_MUST_USE
bool PopulateFromOrigin(const nsACString
& aOrigin
,
79 nsACString
& aOriginNoSuffix
);
81 // Helper function to match mIsPrivateBrowsing to existing private browsing
82 // flags. Once all other flags are removed, this can be removed too.
83 void SyncAttributesWithPrivateBrowsing(bool aInPrivateBrowsing
);
85 // check if "privacy.firstparty.isolate" is enabled.
86 static inline bool IsFirstPartyEnabled() { return sFirstPartyIsolation
; }
88 // check if the access of window.opener across different FPDs is restricted.
89 // We only restrict the access of window.opener when first party isolation
90 // is enabled and "privacy.firstparty.isolate.restrict_opener_access" is on.
91 static inline bool IsRestrictOpenerAccessForFPI() {
92 // We always want to restrict window.opener if first party isolation is
94 return !sFirstPartyIsolation
|| sRestrictedOpenerAccess
;
97 // Check whether we block the postMessage across different FPDs when the
98 // targetOrigin is '*'.
99 static inline MOZ_MUST_USE
bool IsBlockPostMessageForFPI() {
100 return sFirstPartyIsolation
&& sBlockPostMessageForFPI
;
103 // returns true if the originAttributes suffix has mPrivateBrowsingId value
105 static bool IsPrivateBrowsing(const nsACString
& aOrigin
);
107 static void InitPrefs();
110 static bool sFirstPartyIsolation
;
111 static bool sRestrictedOpenerAccess
;
112 static bool sBlockPostMessageForFPI
;
115 class OriginAttributesPattern
: public dom::OriginAttributesPatternDictionary
{
117 // To convert a JSON string to an OriginAttributesPattern, do the following:
119 // OriginAttributesPattern pattern;
120 // if (!pattern.Init(aJSONString)) {
121 // ... // handle failure.
123 OriginAttributesPattern() {}
125 explicit OriginAttributesPattern(
126 const OriginAttributesPatternDictionary
& aOther
)
127 : OriginAttributesPatternDictionary(aOther
) {}
129 // Performs a match of |aAttrs| against this pattern.
130 bool Matches(const OriginAttributes
& aAttrs
) const {
131 if (mAppId
.WasPassed() && mAppId
.Value() != aAttrs
.mAppId
) {
135 if (mInIsolatedMozBrowser
.WasPassed() &&
136 mInIsolatedMozBrowser
.Value() != aAttrs
.mInIsolatedMozBrowser
) {
140 if (mUserContextId
.WasPassed() &&
141 mUserContextId
.Value() != aAttrs
.mUserContextId
) {
145 if (mPrivateBrowsingId
.WasPassed() &&
146 mPrivateBrowsingId
.Value() != aAttrs
.mPrivateBrowsingId
) {
150 if (mFirstPartyDomain
.WasPassed() &&
151 mFirstPartyDomain
.Value() != aAttrs
.mFirstPartyDomain
) {
158 bool Overlaps(const OriginAttributesPattern
& aOther
) const {
159 if (mAppId
.WasPassed() && aOther
.mAppId
.WasPassed() &&
160 mAppId
.Value() != aOther
.mAppId
.Value()) {
164 if (mInIsolatedMozBrowser
.WasPassed() &&
165 aOther
.mInIsolatedMozBrowser
.WasPassed() &&
166 mInIsolatedMozBrowser
.Value() != aOther
.mInIsolatedMozBrowser
.Value()) {
170 if (mUserContextId
.WasPassed() && aOther
.mUserContextId
.WasPassed() &&
171 mUserContextId
.Value() != aOther
.mUserContextId
.Value()) {
175 if (mPrivateBrowsingId
.WasPassed() &&
176 aOther
.mPrivateBrowsingId
.WasPassed() &&
177 mPrivateBrowsingId
.Value() != aOther
.mPrivateBrowsingId
.Value()) {
181 if (mFirstPartyDomain
.WasPassed() && aOther
.mFirstPartyDomain
.WasPassed() &&
182 mFirstPartyDomain
.Value() != aOther
.mFirstPartyDomain
.Value()) {
190 } // namespace mozilla
192 #endif /* mozilla_OriginAttributes_h */