2 * Copyright (C) 2007 Benjamin Otte <otte@gnome.org>
3 * 2007 Pekka Lampila <pekka.lampila@iki.fi>
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 * Boston, MA 02110-1301 USA
27 #include "swfdec_policy_loader.h"
28 #include "swfdec_flash_security.h"
29 #include "swfdec_resource.h"
30 #include "swfdec_as_strings.h"
31 #include "swfdec_debug.h"
32 #include "swfdec_loader_internal.h"
33 #include "swfdec_player_internal.h"
34 #include "swfdec_xml.h"
35 #include "swfdec_xml_node.h"
37 /*** SWFDEC_LOADER_TARGET ***/
40 swfdec_policy_loader_target_get_player (SwfdecLoaderTarget
*target
)
42 return SWFDEC_POLICY_LOADER (target
)->sec
->player
;
46 swfdec_policy_loader_target_error (SwfdecLoaderTarget
*target
,
49 SwfdecPolicyLoader
*policy_loader
= SWFDEC_POLICY_LOADER (target
);
51 policy_loader
->func (policy_loader
, FALSE
);
55 swfdec_policy_loader_check (SwfdecAsContext
*context
, const char *text
,
62 g_return_val_if_fail (SWFDEC_IS_AS_CONTEXT (context
), FALSE
);
63 g_return_val_if_fail (text
!= NULL
, FALSE
);
65 xml
= swfdec_xml_new_no_properties (context
, text
, TRUE
);
68 SWFDEC_ERROR ("failed to create an XML object for crossdomain policy");
72 if (SWFDEC_XML_NODE (xml
)->type
!= SWFDEC_XML_NODE_ELEMENT
) {
73 SWFDEC_LOG ("empty crossdomain policy file");
78 host_lower
= g_ascii_strdown (host
, -1);
83 for (i
= 0; i
< swfdec_xml_node_num_children (SWFDEC_XML_NODE (xml
)); i
++) {
84 SwfdecXmlNode
*node_cdp
=
85 swfdec_xml_node_get_child (SWFDEC_XML_NODE (xml
), i
);
87 if (node_cdp
->type
!= SWFDEC_XML_NODE_ELEMENT
)
90 if (g_ascii_strcasecmp (node_cdp
->name
, "cross-domain-policy") != 0)
93 for (j
= 0; j
< swfdec_xml_node_num_children (node_cdp
); j
++) {
94 SwfdecXmlNode
*node_aaf
= swfdec_xml_node_get_child (node_cdp
, j
);
96 GPatternSpec
*pattern
;
99 if (node_aaf
->type
!= SWFDEC_XML_NODE_ELEMENT
)
102 if (g_ascii_strcasecmp (node_aaf
->name
, "allow-access-from") != 0)
105 // FIXME: secure attribute?
107 value
= swfdec_xml_node_get_attribute (node_aaf
, SWFDEC_AS_STR_domain
);
112 // GPatternSpec uses ? as a wildcard character, but we won't
113 // And there can't be a host that has ? character
114 if (strchr (value
, '?') != NULL
)
117 value_lower
= g_ascii_strdown (value
, -1);
118 pattern
= g_pattern_spec_new (value_lower
);
119 g_free (value_lower
);
121 if (g_pattern_match_string (pattern
, host_lower
)) {
123 g_pattern_spec_free (pattern
);
127 g_pattern_spec_free (pattern
);
129 // in case we don't have a host name, only match asterisks
130 if (value
[strspn (value
, "*")] == '\0')
142 swfdec_policy_loader_target_eof (SwfdecLoaderTarget
*target
,
143 SwfdecLoader
*loader
)
145 SwfdecPolicyLoader
*policy_loader
= SWFDEC_POLICY_LOADER (target
);
149 text
= swfdec_loader_get_text (policy_loader
->loader
, 8);
152 SWFDEC_ERROR ("couldn't get text from crossdomain policy");
155 allow
= swfdec_policy_loader_check (
156 SWFDEC_AS_CONTEXT (policy_loader
->sec
->player
), text
,
157 swfdec_url_get_host (policy_loader
->sec
->url
));
162 SWFDEC_LOG ("crossdomain policy %s access from %s to %s",
163 (allow
? "allows" : "doesn't allow"),
164 swfdec_url_get_host (policy_loader
->sec
->url
), policy_loader
->host
);
166 policy_loader
->func (policy_loader
, allow
);
170 swfdec_policy_loader_loader_target_init (SwfdecLoaderTargetInterface
*iface
)
172 iface
->get_player
= swfdec_policy_loader_target_get_player
;
173 iface
->eof
= swfdec_policy_loader_target_eof
;
174 iface
->error
= swfdec_policy_loader_target_error
;
177 /*** SWFDEC_POLICY_LOADER ***/
179 G_DEFINE_TYPE_WITH_CODE (SwfdecPolicyLoader
, swfdec_policy_loader
, G_TYPE_OBJECT
,
180 G_IMPLEMENT_INTERFACE (SWFDEC_TYPE_LOADER_TARGET
, swfdec_policy_loader_loader_target_init
))
183 swfdec_policy_loader_dispose (GObject
*object
)
185 SwfdecPolicyLoader
*policy_loader
= SWFDEC_POLICY_LOADER (object
);
187 g_assert (policy_loader
->loader
);
188 swfdec_loader_set_target (policy_loader
->loader
, NULL
);
189 g_object_unref (policy_loader
->loader
);
190 policy_loader
->loader
= NULL
;
192 g_assert (policy_loader
->host
);
193 g_free (policy_loader
->host
);
195 G_OBJECT_CLASS (swfdec_policy_loader_parent_class
)->dispose (object
);
199 swfdec_policy_loader_class_init (SwfdecPolicyLoaderClass
*klass
)
201 GObjectClass
*object_class
= G_OBJECT_CLASS (klass
);
203 object_class
->dispose
= swfdec_policy_loader_dispose
;
207 swfdec_policy_loader_init (SwfdecPolicyLoader
*policy_loader
)
212 swfdec_policy_loader_new (SwfdecFlashSecurity
*sec
, const char *host
,
213 SwfdecPolicyLoaderFunc func
)
215 SwfdecPolicyLoader
*policy_loader
;
219 g_return_val_if_fail (SWFDEC_IS_FLASH_SECURITY (sec
), NULL
);
220 g_return_val_if_fail (host
!= NULL
, NULL
);
221 g_return_val_if_fail (func
!= NULL
, NULL
);
223 policy_loader
= SWFDEC_POLICY_LOADER (g_object_new (
224 SWFDEC_TYPE_POLICY_LOADER
, NULL
));
226 url_str
= g_strdup_printf ("http://%s/crossdomain.xml", host
);
227 url
= swfdec_url_new (url_str
);
229 policy_loader
->loader
= swfdec_loader_load (sec
->player
->priv
->resource
->loader
,
230 url
, SWFDEC_LOADER_REQUEST_DEFAULT
, NULL
, 0);
231 swfdec_url_free (url
);
233 if (!policy_loader
->loader
) {
234 g_free (policy_loader
);
238 policy_loader
->sec
= sec
;
239 policy_loader
->host
= g_strdup (host
);
240 policy_loader
->func
= func
;
242 swfdec_loader_set_target (policy_loader
->loader
,
243 SWFDEC_LOADER_TARGET (policy_loader
));
244 swfdec_loader_set_data_type (policy_loader
->loader
, SWFDEC_LOADER_DATA_TEXT
);
246 return policy_loader
;
250 swfdec_policy_loader_free (SwfdecPolicyLoader
*policy_loader
)
252 g_return_if_fail (SWFDEC_IS_POLICY_LOADER (policy_loader
));
254 g_object_unref (policy_loader
);