2007-03-22 10:30:00 -07:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
|
|
/* vim: set ft=cpp tw=78 sw=2 et ts=8 : */
|
2012-05-21 04:12:37 -07:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
#include "nsISupports.idl"
|
|
|
|
|
|
|
|
interface nsIURI;
|
|
|
|
interface nsIDOMNode;
|
2013-09-22 16:23:30 -07:00
|
|
|
interface nsIPrincipal;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
2012-11-20 17:28:34 -08:00
|
|
|
/**
|
|
|
|
* The type of nsIContentPolicy::TYPE_*
|
|
|
|
*/
|
|
|
|
typedef unsigned long nsContentPolicyType;
|
|
|
|
|
2007-03-22 10:30:00 -07:00
|
|
|
/**
|
|
|
|
* Interface for content policy mechanism. Implementations of this
|
|
|
|
* interface can be used to control loading of various types of out-of-line
|
|
|
|
* content, or processing of certain types of in-line content.
|
|
|
|
*
|
|
|
|
* WARNING: do not block the caller from shouldLoad or shouldProcess (e.g.,
|
|
|
|
* by launching a dialog to prompt the user for something).
|
|
|
|
*/
|
|
|
|
|
2014-08-19 14:49:38 -07:00
|
|
|
[scriptable,uuid(94513f07-d559-480e-8879-6249852365ea)]
|
2007-03-22 10:30:00 -07:00
|
|
|
interface nsIContentPolicy : nsISupports
|
|
|
|
{
|
2014-08-19 14:49:38 -07:00
|
|
|
/**
|
|
|
|
* Indicates a unset or bogus policy type.
|
|
|
|
*/
|
|
|
|
const nsContentPolicyType TYPE_INVALID = 0;
|
|
|
|
|
2012-11-20 17:28:34 -08:00
|
|
|
/**
|
|
|
|
* Gecko/Firefox developers: Do not use TYPE_OTHER under any circumstances.
|
|
|
|
*
|
|
|
|
* Extension developers: Whenever it is reasonable, use one of the existing
|
|
|
|
* content types. If none of the existing content types are right for
|
|
|
|
* something you are doing, file a bug in the Core/DOM component that
|
|
|
|
* includes a patch that adds your new content type to the end of the list of
|
|
|
|
* TYPE_* constants here. But, don't start using your new content type until
|
|
|
|
* your patch has been accepted, because it will be uncertain what exact
|
|
|
|
* value and name your new content type will have; in that interim period,
|
|
|
|
* use TYPE_OTHER. In your patch, document your new content type in the style
|
|
|
|
* of the existing ones. In the bug you file, provide a more detailed
|
|
|
|
* description of the new type of content you want Gecko to support, so that
|
|
|
|
* the existing implementations of nsIContentPolicy can be properly modified
|
|
|
|
* to deal with that new type of content.
|
|
|
|
*
|
|
|
|
* Implementations of nsIContentPolicy should treat this the same way they
|
|
|
|
* treat unknown types, because existing users of TYPE_OTHER may be converted
|
|
|
|
* to use new content types.
|
|
|
|
*/
|
|
|
|
const nsContentPolicyType TYPE_OTHER = 1;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates an executable script (such as JavaScript).
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_SCRIPT = 2;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates an image (e.g., IMG elements).
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_IMAGE = 3;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates a stylesheet (e.g., STYLE elements).
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_STYLESHEET = 4;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates a generic object (plugin-handled content typically falls under
|
|
|
|
* this category).
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_OBJECT = 5;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates a document at the top-level (i.e., in a browser).
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_DOCUMENT = 6;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates a document contained within another document (e.g., IFRAMEs,
|
|
|
|
* FRAMES, and OBJECTs).
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_SUBDOCUMENT = 7;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates a timed refresh.
|
|
|
|
*
|
|
|
|
* shouldLoad will never get this, because it does not represent content
|
|
|
|
* to be loaded (the actual load triggered by the refresh will go through
|
|
|
|
* shouldLoad as expected).
|
|
|
|
*
|
|
|
|
* shouldProcess will get this for, e.g., META Refresh elements and HTTP
|
|
|
|
* Refresh headers.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_REFRESH = 8;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
2007-06-17 06:50:50 -07:00
|
|
|
/**
|
|
|
|
* Indicates an XBL binding request, triggered either by -moz-binding CSS
|
2013-01-24 09:45:49 -08:00
|
|
|
* property.
|
2007-06-17 06:50:50 -07:00
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_XBL = 9;
|
2007-06-17 06:50:50 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates a ping triggered by a click on <A PING="..."> element.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_PING = 10;
|
2007-06-17 06:50:50 -07:00
|
|
|
|
|
|
|
/**
|
2011-10-31 08:39:46 -07:00
|
|
|
* Indicates an XMLHttpRequest. Also used for document.load and for EventSource.
|
2007-06-17 06:50:50 -07:00
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_XMLHTTPREQUEST = 11;
|
|
|
|
const nsContentPolicyType TYPE_DATAREQUEST = 11; // alias
|
2007-06-17 06:50:50 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Indicates a request by a plugin.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_OBJECT_SUBREQUEST = 12;
|
2007-03-22 10:30:00 -07:00
|
|
|
|
2008-03-05 02:29:32 -08:00
|
|
|
/**
|
|
|
|
* Indicates a DTD loaded by an XML document.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_DTD = 13;
|
2008-03-05 02:29:32 -08:00
|
|
|
|
2008-11-05 16:32:12 -08:00
|
|
|
/**
|
|
|
|
* Indicates a font loaded via @font-face rule.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_FONT = 14;
|
2008-11-05 16:32:12 -08:00
|
|
|
|
2009-01-24 03:00:17 -08:00
|
|
|
/**
|
|
|
|
* Indicates a video or audio load.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_MEDIA = 15;
|
2009-01-24 03:00:17 -08:00
|
|
|
|
2011-12-07 15:19:43 -08:00
|
|
|
/**
|
|
|
|
* Indicates a WebSocket load.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
const nsContentPolicyType TYPE_WEBSOCKET = 16;
|
2011-12-07 15:19:43 -08:00
|
|
|
|
2012-11-20 17:28:34 -08:00
|
|
|
/**
|
|
|
|
* Indicates a Content Security Policy report.
|
|
|
|
*/
|
|
|
|
const nsContentPolicyType TYPE_CSP_REPORT = 17;
|
|
|
|
|
2013-09-11 14:11:49 -07:00
|
|
|
/**
|
|
|
|
* Indicates a style sheet transformation.
|
|
|
|
*/
|
|
|
|
const nsContentPolicyType TYPE_XSLT = 18;
|
|
|
|
|
2014-03-06 07:51:23 -08:00
|
|
|
/**
|
|
|
|
* Indicates a beacon post.
|
|
|
|
*/
|
|
|
|
const nsContentPolicyType TYPE_BEACON = 19;
|
|
|
|
|
2014-10-13 15:09:58 -07:00
|
|
|
/**
|
|
|
|
* Indicates a load initiated by the fetch() function from the Fetch
|
|
|
|
* specification.
|
|
|
|
*/
|
|
|
|
const nsContentPolicyType TYPE_FETCH = 20;
|
|
|
|
|
2014-08-19 14:12:34 -07:00
|
|
|
/**
|
|
|
|
* Indicates a <img srcset> or <picture> request.
|
|
|
|
*/
|
|
|
|
const nsContentPolicyType TYPE_IMAGESET = 21;
|
|
|
|
|
2012-11-20 17:28:34 -08:00
|
|
|
/* When adding new content types, please update nsContentBlocker,
|
2014-07-30 14:37:22 -07:00
|
|
|
* NS_CP_ContentTypeName, nsCSPContext, all nsIContentPolicy
|
2012-11-20 17:28:34 -08:00
|
|
|
* implementations, and other things that are not listed here that are
|
|
|
|
* related to nsIContentPolicy. */
|
2011-09-08 13:20:44 -07:00
|
|
|
|
2007-03-22 10:30:00 -07:00
|
|
|
//////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returned from shouldLoad or shouldProcess if the load or process request
|
|
|
|
* is rejected based on details of the request.
|
|
|
|
*/
|
|
|
|
const short REJECT_REQUEST = -1;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returned from shouldLoad or shouldProcess if the load/process is rejected
|
|
|
|
* based solely on its type (of the above flags).
|
|
|
|
*
|
|
|
|
* NOTE that it is not meant to stop future requests for this type--only the
|
|
|
|
* current request.
|
|
|
|
*/
|
|
|
|
const short REJECT_TYPE = -2;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returned from shouldLoad or shouldProcess if the load/process is rejected
|
|
|
|
* based on the server it is hosted on or requested from (aContentLocation or
|
|
|
|
* aRequestOrigin), e.g., if you block an IMAGE because it is served from
|
|
|
|
* goatse.cx (even if you don't necessarily block other types from that
|
|
|
|
* server/domain).
|
2012-11-20 17:28:34 -08:00
|
|
|
*
|
2007-03-22 10:30:00 -07:00
|
|
|
* NOTE that it is not meant to stop future requests for this server--only the
|
|
|
|
* current request.
|
|
|
|
*/
|
|
|
|
const short REJECT_SERVER = -3;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returned from shouldLoad or shouldProcess if the load/process is rejected
|
|
|
|
* based on some other criteria. Mozilla callers will handle this like
|
|
|
|
* REJECT_REQUEST; third-party implementors may, for example, use this to
|
|
|
|
* direct their own callers to consult the extra parameter for additional
|
|
|
|
* details.
|
|
|
|
*/
|
|
|
|
const short REJECT_OTHER = -4;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Returned from shouldLoad or shouldProcess if the load or process request
|
|
|
|
* is not rejected.
|
|
|
|
*/
|
|
|
|
const short ACCEPT = 1;
|
|
|
|
|
|
|
|
//////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Should the resource at this location be loaded?
|
|
|
|
* ShouldLoad will be called before loading the resource at aContentLocation
|
|
|
|
* to determine whether to start the load at all.
|
|
|
|
*
|
|
|
|
* @param aContentType the type of content being tested. This will be one
|
|
|
|
* one of the TYPE_* constants.
|
|
|
|
*
|
|
|
|
* @param aContentLocation the location of the content being checked; must
|
|
|
|
* not be null
|
|
|
|
*
|
|
|
|
* @param aRequestOrigin OPTIONAL. the location of the resource that
|
|
|
|
* initiated this load request; can be null if
|
|
|
|
* inapplicable
|
|
|
|
*
|
|
|
|
* @param aContext OPTIONAL. the nsIDOMNode or nsIDOMWindow that
|
|
|
|
* initiated the request, or something that can QI
|
|
|
|
* to one of those; can be null if inapplicable.
|
2012-10-23 21:44:11 -07:00
|
|
|
* Note that for navigation events (new windows and
|
|
|
|
* link clicks), this is the NEW window.
|
2007-03-22 10:30:00 -07:00
|
|
|
*
|
|
|
|
* @param aMimeTypeGuess OPTIONAL. a guess for the requested content's
|
|
|
|
* MIME type, based on information available to
|
|
|
|
* the request initiator (e.g., an OBJECT's type
|
|
|
|
* attribute); does not reliably reflect the
|
|
|
|
* actual MIME type of the requested content
|
|
|
|
*
|
|
|
|
* @param aExtra an OPTIONAL argument, pass-through for non-Gecko
|
|
|
|
* callers to pass extra data to callees.
|
|
|
|
*
|
2012-10-23 21:44:11 -07:00
|
|
|
* @param aRequestPrincipal an OPTIONAL argument, defines the principal that
|
|
|
|
* caused the load. This is optional only for
|
|
|
|
* non-gecko code: all gecko code should set this
|
|
|
|
* argument. For navigation events, this is
|
|
|
|
* the principal of the page that caused this load.
|
|
|
|
*
|
2007-03-22 10:30:00 -07:00
|
|
|
* @return ACCEPT or REJECT_*
|
|
|
|
*
|
|
|
|
* @note shouldLoad can be called while the DOM and layout of the document
|
|
|
|
* involved is in an inconsistent state. This means that implementors of
|
|
|
|
* this method MUST NOT do any of the following:
|
|
|
|
* 1) Modify the DOM in any way (e.g. setting attributes is a no-no).
|
|
|
|
* 2) Query any DOM properties that depend on layout (e.g. offset*
|
|
|
|
* properties).
|
|
|
|
* 3) Query any DOM properties that depend on style (e.g. computed style).
|
|
|
|
* 4) Query any DOM properties that depend on the current state of the DOM
|
|
|
|
* outside the "context" node (e.g. lengths of node lists).
|
|
|
|
* 5) [JavaScript implementations only] Access properties of any sort on any
|
|
|
|
* object without using XPCNativeWrapper (either explicitly or
|
|
|
|
* implicitly). Due to various DOM0 things, this leads to item 4.
|
|
|
|
* If you do any of these things in your shouldLoad implementation, expect
|
|
|
|
* unpredictable behavior, possibly including crashes, content not showing
|
|
|
|
* up, content showing up doubled, etc. If you need to do any of the things
|
|
|
|
* above, do them off timeout or event.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
short shouldLoad(in nsContentPolicyType aContentType,
|
2007-03-22 10:30:00 -07:00
|
|
|
in nsIURI aContentLocation,
|
|
|
|
in nsIURI aRequestOrigin,
|
|
|
|
in nsISupports aContext,
|
|
|
|
in ACString aMimeTypeGuess,
|
2012-07-02 16:16:11 -07:00
|
|
|
in nsISupports aExtra,
|
|
|
|
[optional] in nsIPrincipal aRequestPrincipal);
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Should the resource be processed?
|
|
|
|
* ShouldProcess will be called once all the information passed to it has
|
|
|
|
* been determined about the resource, typically after part of the resource
|
|
|
|
* has been loaded.
|
|
|
|
*
|
|
|
|
* @param aContentType the type of content being tested. This will be one
|
|
|
|
* one of the TYPE_* constants.
|
|
|
|
*
|
|
|
|
* @param aContentLocation OPTIONAL; the location of the resource being
|
|
|
|
* requested: MAY be, e.g., a post-redirection URI
|
|
|
|
* for the resource.
|
|
|
|
*
|
|
|
|
* @param aRequestOrigin OPTIONAL. the location of the resource that
|
|
|
|
* initiated this load request; can be null if
|
|
|
|
* inapplicable
|
|
|
|
*
|
|
|
|
* @param aContext OPTIONAL. the nsIDOMNode or nsIDOMWindow that
|
|
|
|
* initiated the request, or something that can QI
|
|
|
|
* to one of those; can be null if inapplicable.
|
|
|
|
*
|
|
|
|
* @param aMimeType the MIME type of the requested resource (e.g.,
|
|
|
|
* image/png), as reported by the networking library,
|
|
|
|
* if available (may be empty if inappropriate for
|
|
|
|
* the type, e.g., TYPE_REFRESH).
|
|
|
|
*
|
|
|
|
* @param aExtra an OPTIONAL argument, pass-through for non-Gecko
|
|
|
|
* callers to pass extra data to callees.
|
|
|
|
*
|
|
|
|
* @return ACCEPT or REJECT_*
|
|
|
|
*
|
|
|
|
* @note shouldProcess can be called while the DOM and layout of the document
|
|
|
|
* involved is in an inconsistent state. See the note on shouldLoad to see
|
|
|
|
* what this means for implementors of this method.
|
|
|
|
*/
|
2012-11-20 17:28:34 -08:00
|
|
|
short shouldProcess(in nsContentPolicyType aContentType,
|
2007-03-22 10:30:00 -07:00
|
|
|
in nsIURI aContentLocation,
|
|
|
|
in nsIURI aRequestOrigin,
|
|
|
|
in nsISupports aContext,
|
|
|
|
in ACString aMimeType,
|
2012-07-02 16:16:11 -07:00
|
|
|
in nsISupports aExtra,
|
|
|
|
[optional] in nsIPrincipal aRequestPrincipal);
|
2007-03-22 10:30:00 -07:00
|
|
|
|
|
|
|
};
|