DXR is a code search and navigation tool aimed at making sense of large projects. It supports full-text and regex searches as well as structural queries.

Implementation

Mercurial (ae8d2f148d7d)

VCS Links

Line Code
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=4 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#ifndef nsScriptSecurityManager_h__
#define nsScriptSecurityManager_h__

#include "nsIScriptSecurityManager.h"

#include "mozilla/Maybe.h"
#include "nsIPrincipal.h"
#include "nsCOMPtr.h"
#include "nsServiceManagerUtils.h"
#include "nsStringFwd.h"
#include "plstr.h"
#include "js/TypeDecls.h"

#include <stdint.h>

class nsIIOService;
class nsIStringBundle;

namespace mozilla {
class OriginAttributes;
class SystemPrincipal;
}  // namespace mozilla

/////////////////////////////
// nsScriptSecurityManager //
/////////////////////////////
#define NS_SCRIPTSECURITYMANAGER_CID                 \
  {                                                  \
    0x7ee2a4c0, 0x4b93, 0x17d3, {                    \
      0xba, 0x18, 0x00, 0x60, 0xb0, 0xf1, 0x99, 0xa2 \
    }                                                \
  }

class nsScriptSecurityManager final : public nsIScriptSecurityManager {
 public:
  static void Shutdown();

  NS_DEFINE_STATIC_CID_ACCESSOR(NS_SCRIPTSECURITYMANAGER_CID)

  NS_DECL_ISUPPORTS
  NS_DECL_NSISCRIPTSECURITYMANAGER

  static nsScriptSecurityManager* GetScriptSecurityManager();

  // Invoked exactly once, by XPConnect.
  static void InitStatics();

  void InitJSCallbacks(JSContext* aCx);

  // This has to be static because it is called after gScriptSecMan is cleared.
  static void ClearJSCallbacks(JSContext* aCx);

  static already_AddRefed<mozilla::SystemPrincipal>
  SystemPrincipalSingletonConstructor();

  /**
   * Utility method for comparing two URIs.  For security purposes, two URIs
   * are equivalent if their schemes, hosts, and ports (if any) match.  This
   * method returns true if aSubjectURI and aObjectURI have the same origin,
   * false otherwise.
   */
  static bool SecurityCompareURIs(nsIURI* aSourceURI, nsIURI* aTargetURI);
  static uint32_t SecurityHashURI(nsIURI* aURI);

  static nsresult ReportError(const char* aMessageTag, nsIURI* aSource,
                              nsIURI* aTarget, bool aFromPrivateWindow,
                              uint64_t aInnerWindowID = 0);

  static bool GetStrictFileOriginPolicy() { return sStrictFileOriginPolicy; }

  void DeactivateDomainPolicy();

 private:
  // GetScriptSecurityManager is the only call that can make one
  nsScriptSecurityManager();
  virtual ~nsScriptSecurityManager();

  // Decides, based on CSP, whether or not eval() and stuff can be executed.
  static bool ContentSecurityPolicyPermitsJSAction(JSContext* cx,
                                                   JS::HandleValue aValue);

  static bool JSPrincipalsSubsume(JSPrincipals* first, JSPrincipals* second);

  nsresult Init();

  nsresult InitPrefs();

  static void ScriptSecurityPrefChanged(const char* aPref, void* aSelf);
  void ScriptSecurityPrefChanged(const char* aPref = nullptr);

  inline void AddSitesToFileURIAllowlist(const nsCString& aSiteList);

  nsresult GetChannelResultPrincipal(nsIChannel* aChannel,
                                     nsIPrincipal** aPrincipal,
                                     bool aIgnoreSandboxing);

  nsresult CheckLoadURIFlags(nsIURI* aSourceURI, nsIURI* aTargetURI,
                             nsIURI* aSourceBaseURI, nsIURI* aTargetBaseURI,
                             uint32_t aFlags, bool aFromPrivateWindow,
                             uint64_t aInnerWindowID);

  // Returns the file URI allowlist, initializing it if it has not been
  // initialized.
  const nsTArray<nsCOMPtr<nsIURI>>& EnsureFileURIAllowlist();

  nsCOMPtr<nsIPrincipal> mSystemPrincipal;
  bool mPrefInitialized;
  bool mIsJavaScriptEnabled;

  // List of URIs whose domains and sub-domains are allowlisted to allow
  // access to file: URIs.  Lazily initialized; isNothing() when not yet
  // initialized.
  mozilla::Maybe<nsTArray<nsCOMPtr<nsIURI>>> mFileURIAllowlist;

  // This machinery controls new-style domain policies. The old-style
  // policy machinery will be removed soon.
  nsCOMPtr<nsIDomainPolicy> mDomainPolicy;

  static bool sStrictFileOriginPolicy;

  static nsIIOService* sIOService;
  static nsIStringBundle* sStrBundle;
};

#endif  // nsScriptSecurityManager_h__