mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
Bug 1143922 - Make nsContentSecurityManager scriptable (r=sicking)
This commit is contained in:
parent
f95298b366
commit
78ab63d19e
@ -5,6 +5,7 @@
|
|||||||
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||||
|
|
||||||
XPIDL_SOURCES += [
|
XPIDL_SOURCES += [
|
||||||
|
'nsIContentSecurityManager.idl',
|
||||||
'nsIContentSecurityPolicy.idl'
|
'nsIContentSecurityPolicy.idl'
|
||||||
]
|
]
|
||||||
|
|
||||||
|
43
dom/interfaces/security/nsIContentSecurityManager.idl
Normal file
43
dom/interfaces/security/nsIContentSecurityManager.idl
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||||
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
||||||
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||||||
|
|
||||||
|
#include "nsISupports.idl"
|
||||||
|
|
||||||
|
interface nsIChannel;
|
||||||
|
interface nsIStreamListener;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* nsIContentSecurityManager
|
||||||
|
* Describes an XPCOM component used to perform security checks
|
||||||
|
* right before opnening a channel.
|
||||||
|
*/
|
||||||
|
|
||||||
|
[scriptable, uuid(70eaa956-1077-41f6-bef8-d722cea31245)]
|
||||||
|
interface nsIContentSecurityManager : nsISupports
|
||||||
|
{
|
||||||
|
/**
|
||||||
|
* Checks whether a channel is allowed to access the given URI and
|
||||||
|
* whether the channel should be openend or should be blocked consulting
|
||||||
|
* internal security checks like Same Origin Policy, Content Security
|
||||||
|
* Policy, Mixed Content Blocker, etc.
|
||||||
|
*
|
||||||
|
* If security checks within performSecurityCheck fail, the function
|
||||||
|
* throws an exception.
|
||||||
|
*
|
||||||
|
* @param aChannel
|
||||||
|
* The channel about to be openend
|
||||||
|
* @param aStreamListener
|
||||||
|
* The Streamlistener of the channel potentially wrapped
|
||||||
|
* into CORSListenerProxy.
|
||||||
|
* @return
|
||||||
|
* The StreamListener of the channel wrapped into CORSListenerProxy.
|
||||||
|
*
|
||||||
|
* @throws NS_ERROR_DOM_BAD_URI
|
||||||
|
* If accessing the URI is not allowed (e.g. prohibted by SOP)
|
||||||
|
* @throws NS_ERROR_CONTENT_BLOCKED
|
||||||
|
* If any of the security policies (CSP, Mixed content) is violated
|
||||||
|
*/
|
||||||
|
nsIStreamListener performSecurityCheck(in nsIChannel aChannel,
|
||||||
|
in nsIStreamListener aStreamListener);
|
||||||
|
};
|
@ -8,6 +8,8 @@
|
|||||||
|
|
||||||
#include "mozilla/dom/Element.h"
|
#include "mozilla/dom/Element.h"
|
||||||
|
|
||||||
|
NS_IMPL_ISUPPORTS(nsContentSecurityManager, nsIContentSecurityManager)
|
||||||
|
|
||||||
nsresult
|
nsresult
|
||||||
ValidateSecurityFlags(nsILoadInfo* aLoadInfo)
|
ValidateSecurityFlags(nsILoadInfo* aLoadInfo)
|
||||||
{
|
{
|
||||||
@ -345,3 +347,19 @@ nsContentSecurityManager::doContentSecurityCheck(nsIChannel* aChannel,
|
|||||||
// all security checks passed - lets allow the load
|
// all security checks passed - lets allow the load
|
||||||
return NS_OK;
|
return NS_OK;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
// ==== nsIContentSecurityManager implementation =====
|
||||||
|
|
||||||
|
NS_IMETHODIMP
|
||||||
|
nsContentSecurityManager::PerformSecurityCheck(nsIChannel* aChannel,
|
||||||
|
nsIStreamListener* aStreamListener,
|
||||||
|
nsIStreamListener** outStreamListener)
|
||||||
|
{
|
||||||
|
nsCOMPtr<nsIStreamListener> inAndOutListener = aStreamListener;
|
||||||
|
nsresult rv = doContentSecurityCheck(aChannel, inAndOutListener);
|
||||||
|
NS_ENSURE_SUCCESS(rv, rv);
|
||||||
|
|
||||||
|
inAndOutListener.forget(outStreamListener);
|
||||||
|
return NS_OK;
|
||||||
|
}
|
||||||
|
@ -7,18 +7,31 @@
|
|||||||
#ifndef nsContentSecurityManager_h___
|
#ifndef nsContentSecurityManager_h___
|
||||||
#define nsContentSecurityManager_h___
|
#define nsContentSecurityManager_h___
|
||||||
|
|
||||||
|
#include "nsIContentSecurityManager.h"
|
||||||
#include "nsIChannel.h"
|
#include "nsIChannel.h"
|
||||||
|
|
||||||
class nsIStreamListener;
|
class nsIStreamListener;
|
||||||
|
|
||||||
class nsContentSecurityManager
|
#define NS_CONTENTSECURITYMANAGER_CONTRACTID "@mozilla.org/contentsecuritymanager;1"
|
||||||
{
|
// cdcc1ab8-3cea-4e6c-a294-a651fa35227f
|
||||||
private:
|
#define NS_CONTENTSECURITYMANAGER_CID \
|
||||||
nsContentSecurityManager() {}
|
{ 0xcdcc1ab8, 0x3cea, 0x4e6c, \
|
||||||
virtual ~nsContentSecurityManager() {}
|
{ 0xa2, 0x94, 0xa6, 0x51, 0xfa, 0x35, 0x22, 0x7f } }
|
||||||
|
|
||||||
|
class nsContentSecurityManager : public nsIContentSecurityManager
|
||||||
|
{
|
||||||
public:
|
public:
|
||||||
|
NS_DECL_ISUPPORTS
|
||||||
|
NS_DECL_NSICONTENTSECURITYMANAGER
|
||||||
|
|
||||||
|
nsContentSecurityManager() {}
|
||||||
|
|
||||||
static nsresult doContentSecurityCheck(nsIChannel* aChannel,
|
static nsresult doContentSecurityCheck(nsIChannel* aChannel,
|
||||||
nsCOMPtr<nsIStreamListener>& aInAndOutListener);
|
nsCOMPtr<nsIStreamListener>& aInAndOutListener);
|
||||||
|
|
||||||
|
private:
|
||||||
|
virtual ~nsContentSecurityManager() {}
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
#endif /* nsContentSecurityManager_h___ */
|
#endif /* nsContentSecurityManager_h___ */
|
||||||
|
@ -217,6 +217,7 @@ static void Shutdown();
|
|||||||
#ifdef MOZ_GAMEPAD
|
#ifdef MOZ_GAMEPAD
|
||||||
#include "mozilla/dom/GamepadServiceTest.h"
|
#include "mozilla/dom/GamepadServiceTest.h"
|
||||||
#endif
|
#endif
|
||||||
|
#include "mozilla/dom/nsContentSecurityManager.h"
|
||||||
#include "mozilla/dom/nsCSPService.h"
|
#include "mozilla/dom/nsCSPService.h"
|
||||||
#include "mozilla/dom/nsCSPContext.h"
|
#include "mozilla/dom/nsCSPContext.h"
|
||||||
#include "nsICellBroadcastService.h"
|
#include "nsICellBroadcastService.h"
|
||||||
@ -652,6 +653,7 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(FakeSpeechRecognitionService)
|
|||||||
NS_GENERIC_FACTORY_CONSTRUCTOR(PocketSphinxSpeechRecognitionService)
|
NS_GENERIC_FACTORY_CONSTRUCTOR(PocketSphinxSpeechRecognitionService)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
NS_GENERIC_FACTORY_CONSTRUCTOR(nsContentSecurityManager)
|
||||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsCSPContext)
|
NS_GENERIC_FACTORY_CONSTRUCTOR(nsCSPContext)
|
||||||
NS_GENERIC_FACTORY_CONSTRUCTOR(CSPService)
|
NS_GENERIC_FACTORY_CONSTRUCTOR(CSPService)
|
||||||
NS_GENERIC_FACTORY_CONSTRUCTOR(nsMixedContentBlocker)
|
NS_GENERIC_FACTORY_CONSTRUCTOR(nsMixedContentBlocker)
|
||||||
@ -797,6 +799,7 @@ NS_DEFINE_NAMED_CID(NS_GEOLOCATION_CID);
|
|||||||
NS_DEFINE_NAMED_CID(NS_AUDIOCHANNEL_SERVICE_CID);
|
NS_DEFINE_NAMED_CID(NS_AUDIOCHANNEL_SERVICE_CID);
|
||||||
NS_DEFINE_NAMED_CID(NS_DATASTORE_SERVICE_CID);
|
NS_DEFINE_NAMED_CID(NS_DATASTORE_SERVICE_CID);
|
||||||
NS_DEFINE_NAMED_CID(NS_FOCUSMANAGER_CID);
|
NS_DEFINE_NAMED_CID(NS_FOCUSMANAGER_CID);
|
||||||
|
NS_DEFINE_NAMED_CID(NS_CONTENTSECURITYMANAGER_CID);
|
||||||
NS_DEFINE_NAMED_CID(CSPSERVICE_CID);
|
NS_DEFINE_NAMED_CID(CSPSERVICE_CID);
|
||||||
NS_DEFINE_NAMED_CID(NS_CSPCONTEXT_CID);
|
NS_DEFINE_NAMED_CID(NS_CSPCONTEXT_CID);
|
||||||
NS_DEFINE_NAMED_CID(NS_MIXEDCONTENTBLOCKER_CID);
|
NS_DEFINE_NAMED_CID(NS_MIXEDCONTENTBLOCKER_CID);
|
||||||
@ -1115,6 +1118,7 @@ static const mozilla::Module::CIDEntry kLayoutCIDs[] = {
|
|||||||
#ifdef MOZ_WEBSPEECH
|
#ifdef MOZ_WEBSPEECH
|
||||||
{ &kNS_SYNTHVOICEREGISTRY_CID, true, nullptr, nsSynthVoiceRegistryConstructor },
|
{ &kNS_SYNTHVOICEREGISTRY_CID, true, nullptr, nsSynthVoiceRegistryConstructor },
|
||||||
#endif
|
#endif
|
||||||
|
{ &kNS_CONTENTSECURITYMANAGER_CID, false, nullptr, nsContentSecurityManagerConstructor },
|
||||||
{ &kCSPSERVICE_CID, false, nullptr, CSPServiceConstructor },
|
{ &kCSPSERVICE_CID, false, nullptr, CSPServiceConstructor },
|
||||||
{ &kNS_CSPCONTEXT_CID, false, nullptr, nsCSPContextConstructor },
|
{ &kNS_CSPCONTEXT_CID, false, nullptr, nsCSPContextConstructor },
|
||||||
{ &kNS_MIXEDCONTENTBLOCKER_CID, false, nullptr, nsMixedContentBlockerConstructor },
|
{ &kNS_MIXEDCONTENTBLOCKER_CID, false, nullptr, nsMixedContentBlockerConstructor },
|
||||||
@ -1284,6 +1288,7 @@ static const mozilla::Module::ContractIDEntry kLayoutContracts[] = {
|
|||||||
#ifdef MOZ_WEBSPEECH
|
#ifdef MOZ_WEBSPEECH
|
||||||
{ NS_SYNTHVOICEREGISTRY_CONTRACTID, &kNS_SYNTHVOICEREGISTRY_CID },
|
{ NS_SYNTHVOICEREGISTRY_CONTRACTID, &kNS_SYNTHVOICEREGISTRY_CID },
|
||||||
#endif
|
#endif
|
||||||
|
{ NS_CONTENTSECURITYMANAGER_CONTRACTID, &kNS_CONTENTSECURITYMANAGER_CID },
|
||||||
{ CSPSERVICE_CONTRACTID, &kCSPSERVICE_CID },
|
{ CSPSERVICE_CONTRACTID, &kCSPSERVICE_CID },
|
||||||
{ NS_CSPCONTEXT_CONTRACTID, &kNS_CSPCONTEXT_CID },
|
{ NS_CSPCONTEXT_CONTRACTID, &kNS_CSPCONTEXT_CID },
|
||||||
{ NS_MIXEDCONTENTBLOCKER_CONTRACTID, &kNS_MIXEDCONTENTBLOCKER_CID },
|
{ NS_MIXEDCONTENTBLOCKER_CONTRACTID, &kNS_MIXEDCONTENTBLOCKER_CID },
|
||||||
|
Loading…
Reference in New Issue
Block a user