2012-05-21 04:12:37 -07:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
2010-01-21 10:41:24 -08:00
|
|
|
|
|
|
|
#include "nsISupports.idl"
|
|
|
|
|
|
|
|
interface nsIURI;
|
|
|
|
interface nsIHttpChannel;
|
|
|
|
interface nsIDocShell;
|
|
|
|
|
|
|
|
/**
|
2012-10-15 13:54:58 -07:00
|
|
|
* nsIContentSecurityPolicy
|
2010-01-21 10:41:24 -08:00
|
|
|
* Describes an XPCOM component used to model an enforce CSPs.
|
|
|
|
*/
|
|
|
|
|
2012-08-30 10:58:24 -07:00
|
|
|
[scriptable, uuid(230b126d-afc3-4588-9794-3e135594d626)]
|
2010-01-21 10:41:24 -08:00
|
|
|
interface nsIContentSecurityPolicy : nsISupports
|
|
|
|
{
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Set to true when the CSP has been read in and parsed and is ready to
|
|
|
|
* enforce. This is a barrier for the nsDocument so it doesn't load any
|
|
|
|
* sub-content until either it knows that a CSP is ready or will not be used.
|
|
|
|
*/
|
|
|
|
attribute boolean isInitialized;
|
|
|
|
|
|
|
|
/**
|
2010-07-02 18:15:13 -07:00
|
|
|
* When set to true, content load-blocking and fail-closed are disabled: CSP
|
|
|
|
* will ONLY send reports, and not modify behavior.
|
2010-01-21 10:41:24 -08:00
|
|
|
*/
|
2010-07-02 18:15:13 -07:00
|
|
|
attribute boolean reportOnlyMode;
|
2010-01-21 10:41:24 -08:00
|
|
|
|
|
|
|
/**
|
2010-07-02 18:15:13 -07:00
|
|
|
* A read-only string version of the policy for debugging.
|
2010-01-21 10:41:24 -08:00
|
|
|
*/
|
2010-07-02 18:15:13 -07:00
|
|
|
readonly attribute AString policy;
|
2010-01-21 10:41:24 -08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether this policy allows in-page script.
|
2012-10-15 13:54:58 -07:00
|
|
|
* @param shouldReportViolation
|
|
|
|
* Whether or not the use of inline script should be reported.
|
|
|
|
* This function always returns "true" for report-only policies, but when
|
|
|
|
* the report-only policy is violated, shouldReportViolation is true as
|
|
|
|
* well.
|
|
|
|
* @return
|
|
|
|
* Whether or not the effects of the inline script should be allowed
|
|
|
|
* (block the compilation if false).
|
2010-01-21 10:41:24 -08:00
|
|
|
*/
|
2012-10-15 13:54:58 -07:00
|
|
|
boolean getAllowsInlineScript(out boolean shouldReportViolation);
|
2010-01-21 10:41:24 -08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* whether this policy allows eval and eval-like functions
|
|
|
|
* such as setTimeout("code string", time).
|
2012-10-15 13:54:58 -07:00
|
|
|
* @param shouldReportViolation
|
|
|
|
* Whether or not the use of eval should be reported.
|
|
|
|
* This function always returns "true" for report-only policies, but when
|
|
|
|
* the report-only policy is violated, shouldReportViolation is true as
|
|
|
|
* well.
|
|
|
|
* @return
|
|
|
|
* Whether or not the effects of the eval call should be allowed
|
|
|
|
* (block the call if false).
|
2010-01-21 10:41:24 -08:00
|
|
|
*/
|
2012-10-15 13:54:58 -07:00
|
|
|
boolean getAllowsEval(out boolean shouldReportViolation);
|
2010-01-21 10:41:24 -08:00
|
|
|
|
2012-08-30 10:58:24 -07:00
|
|
|
/**
|
|
|
|
* Whether this policy allows in-page styles.
|
|
|
|
* This includes <style> tags with text content and style="" attributes in
|
|
|
|
* HTML elements.
|
|
|
|
* @param shouldReportViolation
|
|
|
|
* Whether or not the use of eval should be reported.
|
|
|
|
* This function always returns "true" for report-only policies, but when
|
|
|
|
* the report-only policy is violated, shouldReportViolation is true as
|
|
|
|
* well.
|
|
|
|
* @return
|
|
|
|
* Whether or not the effects of the eval call should be allowed
|
|
|
|
* (block the call if false).
|
|
|
|
*/
|
|
|
|
boolean getAllowsInlineStyle(out boolean shouldReportViolation);
|
|
|
|
|
2011-01-31 10:09:44 -08:00
|
|
|
/**
|
|
|
|
* Log policy violation on the Error Console and send a report if a report-uri
|
|
|
|
* is present in the policy
|
|
|
|
*
|
|
|
|
* @param violationType
|
|
|
|
* one of the VIOLATION_TYPE_* constants, e.g. inline-script or eval
|
|
|
|
* @param sourceFile
|
|
|
|
* name of the source file containing the violation (if available)
|
|
|
|
* @param contentSample
|
|
|
|
* sample of the violating content (to aid debugging)
|
|
|
|
* @param lineNum
|
|
|
|
* source line number of the violation (if available)
|
|
|
|
*/
|
|
|
|
void logViolationDetails(in unsigned short violationType,
|
|
|
|
in AString sourceFile,
|
|
|
|
in AString scriptSample,
|
2012-08-22 08:56:38 -07:00
|
|
|
in int32_t lineNum);
|
2011-01-31 10:09:44 -08:00
|
|
|
|
|
|
|
const unsigned short VIOLATION_TYPE_INLINE_SCRIPT = 1;
|
|
|
|
const unsigned short VIOLATION_TYPE_EVAL = 2;
|
2012-08-30 10:58:24 -07:00
|
|
|
const unsigned short VIOLATION_TYPE_INLINE_STYLE = 3;
|
2011-01-31 10:09:44 -08:00
|
|
|
|
2010-07-02 18:15:13 -07:00
|
|
|
/**
|
|
|
|
* Manually triggers violation report sending given a URI and reason.
|
|
|
|
* The URI may be null, in which case "self" is sent.
|
|
|
|
* @param blockedURI
|
|
|
|
* the URI that violated the policy
|
|
|
|
* @param violatedDirective
|
|
|
|
* the directive that was violated.
|
2011-01-31 10:09:44 -08:00
|
|
|
* @param scriptSample
|
|
|
|
* a sample of the violating inline script
|
|
|
|
* @param lineNum
|
|
|
|
* source line number of the violation (if available)
|
2012-10-15 13:54:58 -07:00
|
|
|
* @return
|
2010-07-02 18:15:13 -07:00
|
|
|
* nothing.
|
|
|
|
*/
|
2011-01-31 10:09:44 -08:00
|
|
|
void sendReports(in AString blockedURI,
|
|
|
|
in AString violatedDirective,
|
|
|
|
in AString scriptSample,
|
2012-08-22 08:56:38 -07:00
|
|
|
in int32_t lineNum);
|
2010-07-02 18:15:13 -07:00
|
|
|
|
2010-01-21 10:41:24 -08:00
|
|
|
/**
|
|
|
|
* Called after the CSP object is created to fill in the appropriate request
|
|
|
|
* and request header information needed in case a report needs to be sent.
|
|
|
|
*/
|
|
|
|
void scanRequestData(in nsIHttpChannel aChannel);
|
|
|
|
|
|
|
|
/**
|
2010-07-02 18:15:13 -07:00
|
|
|
* Updates the policy currently stored in the CSP to be "refined" or
|
2010-01-21 10:41:24 -08:00
|
|
|
* tightened by the one specified in the string policyString.
|
|
|
|
*/
|
2013-01-09 10:57:03 -08:00
|
|
|
void refinePolicy(in AString policyString, in nsIURI selfURI, in boolean specCompliant);
|
2010-01-21 10:41:24 -08:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Verifies ancestry as permitted by the policy.
|
|
|
|
*
|
|
|
|
* Calls to this may trigger violation reports when queried, so
|
|
|
|
* this value should not be cached.
|
|
|
|
*
|
|
|
|
* @param docShell
|
|
|
|
* containing the protected resource
|
|
|
|
* @return
|
|
|
|
* true if the frame's ancestors are all permitted by policy
|
|
|
|
*/
|
|
|
|
boolean permitsAncestry(in nsIDocShell docShell);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Delegate method called by the service when sub-elements of the protected
|
|
|
|
* document are being loaded. Given a bit of information about the request,
|
|
|
|
* decides whether or not the policy is satisfied.
|
|
|
|
*
|
|
|
|
* Calls to this may trigger violation reports when queried, so
|
|
|
|
* this value should not be cached.
|
|
|
|
*/
|
|
|
|
short shouldLoad(in unsigned long aContentType,
|
|
|
|
in nsIURI aContentLocation,
|
|
|
|
in nsIURI aRequestOrigin,
|
|
|
|
in nsISupports aContext,
|
|
|
|
in ACString aMimeTypeGuess,
|
|
|
|
in nsISupports aExtra);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Delegate method called by the service when sub-elements of the protected
|
|
|
|
* document are being processed. Given a bit of information about the request,
|
|
|
|
* decides whether or not the policy is satisfied.
|
|
|
|
*/
|
|
|
|
short shouldProcess(in unsigned long aContentType,
|
|
|
|
in nsIURI aContentLocation,
|
|
|
|
in nsIURI aRequestOrigin,
|
|
|
|
in nsISupports aContext,
|
|
|
|
in ACString aMimeType,
|
|
|
|
in nsISupports aExtra);
|
|
|
|
|
|
|
|
};
|