2018-11-30 19:52:05 +00:00
|
|
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
2018-11-30 15:39:55 +00:00
|
|
|
// vim: ft=cpp tw=80 sw=2 et ts=8
|
2012-05-21 11:12:37 +00:00
|
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
2000-05-05 05:28:49 +00:00
|
|
|
|
2015-06-17 18:12:23 +00:00
|
|
|
/*
|
2006-03-30 08:03:04 +00:00
|
|
|
* Implementation of the "@mozilla.org/layout/content-policy;1" contract.
|
|
|
|
*/
|
|
|
|
|
2015-05-19 18:15:34 +00:00
|
|
|
#include "mozilla/Logging.h"
|
2004-05-13 18:34:18 +00:00
|
|
|
|
2000-05-05 05:28:49 +00:00
|
|
|
#include "nsISupports.h"
|
2002-09-03 23:36:13 +00:00
|
|
|
#include "nsXPCOM.h"
|
2000-05-05 05:28:49 +00:00
|
|
|
#include "nsContentPolicyUtils.h"
|
2015-09-20 21:55:44 +00:00
|
|
|
#include "mozilla/dom/nsCSPService.h"
|
2000-05-05 05:28:49 +00:00
|
|
|
#include "nsContentPolicy.h"
|
2004-05-13 18:34:18 +00:00
|
|
|
#include "nsIURI.h"
|
2015-06-17 18:12:23 +00:00
|
|
|
#include "nsIDocShell.h"
|
2004-07-27 17:15:53 +00:00
|
|
|
#include "nsIDOMWindow.h"
|
2019-04-09 23:15:02 +00:00
|
|
|
#include "nsIBrowserChild.h"
|
2004-09-01 17:12:18 +00:00
|
|
|
#include "nsIContent.h"
|
2017-02-03 03:49:07 +00:00
|
|
|
#include "nsIImageLoadingContent.h"
|
2015-06-17 18:12:23 +00:00
|
|
|
#include "nsILoadContext.h"
|
2006-03-22 15:26:35 +00:00
|
|
|
#include "nsCOMArray.h"
|
2015-07-01 13:56:00 +00:00
|
|
|
#include "nsContentUtils.h"
|
2015-09-11 22:48:43 +00:00
|
|
|
#include "mozilla/dom/nsMixedContentBlocker.h"
|
2017-03-29 02:20:32 +00:00
|
|
|
#include "nsIContentSecurityPolicy.h"
|
|
|
|
#include "mozilla/dom/TabGroup.h"
|
2017-06-21 10:14:01 +00:00
|
|
|
#include "mozilla/TaskCategory.h"
|
2000-05-05 05:28:49 +00:00
|
|
|
|
2015-06-17 18:12:23 +00:00
|
|
|
using mozilla::LogLevel;
|
|
|
|
|
2014-04-27 07:06:00 +00:00
|
|
|
NS_IMPL_ISUPPORTS(nsContentPolicy, nsIContentPolicy)
|
2000-05-05 05:28:49 +00:00
|
|
|
|
2015-11-23 19:09:25 +00:00
|
|
|
static mozilla::LazyLogModule gConPolLog("nsContentPolicy");
|
2004-05-13 18:34:18 +00:00
|
|
|
|
2000-05-05 05:28:49 +00:00
|
|
|
nsresult NS_NewContentPolicy(nsIContentPolicy **aResult) {
|
|
|
|
*aResult = new nsContentPolicy;
|
|
|
|
NS_ADDREF(*aResult);
|
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2006-03-22 15:26:35 +00:00
|
|
|
nsContentPolicy::nsContentPolicy() : mPolicies(NS_CONTENTPOLICY_CATEGORY) {}
|
2000-05-05 05:28:49 +00:00
|
|
|
|
|
|
|
nsContentPolicy::~nsContentPolicy() {}
|
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
#ifdef DEBUG
|
|
|
|
# define WARN_IF_URI_UNINITIALIZED(uri, name) \
|
|
|
|
PR_BEGIN_MACRO \
|
|
|
|
if ((uri)) { \
|
2012-09-02 02:35:17 +00:00
|
|
|
nsAutoCString spec; \
|
2004-05-13 18:34:18 +00:00
|
|
|
(uri)->GetAsciiSpec(spec); \
|
|
|
|
if (spec.IsEmpty()) { \
|
|
|
|
NS_WARNING(name " is uninitialized, fix caller"); \
|
|
|
|
} \
|
|
|
|
} \
|
|
|
|
PR_END_MACRO
|
2000-05-05 05:28:49 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
#else // ! defined(DEBUG)
|
|
|
|
|
|
|
|
# define WARN_IF_URI_UNINITIALIZED(uri, name)
|
2018-11-30 10:46:48 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
#endif // defined(DEBUG)
|
2018-11-30 10:46:48 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
inline nsresult nsContentPolicy::CheckPolicy(CPMethod policyMethod,
|
|
|
|
nsIURI *contentLocation,
|
2018-03-29 10:16:23 +00:00
|
|
|
nsILoadInfo *loadInfo,
|
2004-05-13 18:34:18 +00:00
|
|
|
const nsACString &mimeType,
|
2012-08-22 15:56:38 +00:00
|
|
|
int16_t *decision) {
|
2018-03-29 10:16:23 +00:00
|
|
|
nsContentPolicyType contentType = loadInfo->InternalContentPolicyType();
|
|
|
|
nsCOMPtr<nsISupports> requestingContext = loadInfo->GetLoadingContext();
|
|
|
|
nsCOMPtr<nsIPrincipal> requestPrincipal = loadInfo->TriggeringPrincipal();
|
|
|
|
nsCOMPtr<nsIURI> requestingLocation;
|
|
|
|
nsCOMPtr<nsIPrincipal> loadingPrincipal = loadInfo->LoadingPrincipal();
|
|
|
|
if (loadingPrincipal) {
|
|
|
|
loadingPrincipal->GetURI(getter_AddRefs(requestingLocation));
|
|
|
|
}
|
2018-11-30 10:46:48 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
// sanity-check passed-through parameters
|
2018-04-28 19:50:58 +00:00
|
|
|
MOZ_ASSERT(decision, "Null out pointer");
|
2004-05-13 18:34:18 +00:00
|
|
|
WARN_IF_URI_UNINITIALIZED(contentLocation, "Request URI");
|
|
|
|
WARN_IF_URI_UNINITIALIZED(requestingLocation, "Requesting URI");
|
|
|
|
|
2004-07-27 17:15:53 +00:00
|
|
|
#ifdef DEBUG
|
|
|
|
{
|
2018-05-30 02:58:49 +00:00
|
|
|
nsCOMPtr<nsINode> node(do_QueryInterface(requestingContext));
|
2004-07-27 17:15:53 +00:00
|
|
|
nsCOMPtr<nsIDOMWindow> window(do_QueryInterface(requestingContext));
|
2019-04-09 22:39:01 +00:00
|
|
|
nsCOMPtr<nsIBrowserChild> browserChild(
|
|
|
|
do_QueryInterface(requestingContext));
|
|
|
|
NS_ASSERTION(!requestingContext || node || window || browserChild,
|
|
|
|
"Context should be a DOM node, DOM window or a browserChild!");
|
2004-07-27 17:15:53 +00:00
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2004-09-01 17:12:18 +00:00
|
|
|
/*
|
|
|
|
* There might not be a requestinglocation. This can happen for
|
|
|
|
* iframes with an image as src. Get the uri from the dom node.
|
|
|
|
* See bug 254510
|
|
|
|
*/
|
|
|
|
if (!requestingLocation) {
|
2019-01-02 13:05:23 +00:00
|
|
|
nsCOMPtr<Document> doc;
|
2004-09-01 17:12:18 +00:00
|
|
|
nsCOMPtr<nsIContent> node = do_QueryInterface(requestingContext);
|
|
|
|
if (node) {
|
2011-10-18 10:53:36 +00:00
|
|
|
doc = node->OwnerDoc();
|
2004-09-01 17:12:18 +00:00
|
|
|
}
|
2017-03-29 02:20:32 +00:00
|
|
|
if (!doc) {
|
|
|
|
doc = do_QueryInterface(requestingContext);
|
|
|
|
}
|
|
|
|
if (doc) {
|
|
|
|
requestingLocation = doc->GetDocumentURI();
|
|
|
|
}
|
2018-11-30 10:46:48 +00:00
|
|
|
}
|
|
|
|
|
2012-08-22 15:56:38 +00:00
|
|
|
nsContentPolicyType externalType =
|
|
|
|
nsContentUtils::InternalContentPolicyTypeToExternal(contentType);
|
2018-11-30 10:46:48 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
/*
|
|
|
|
* Enumerate mPolicies and ask each of them, taking the logical AND of
|
|
|
|
* their permissions.
|
|
|
|
*/
|
2006-03-22 15:26:35 +00:00
|
|
|
nsresult rv;
|
2017-05-07 02:56:36 +00:00
|
|
|
const nsCOMArray<nsIContentPolicy> &entries = mPolicies.GetCachedEntries();
|
2018-11-30 10:46:48 +00:00
|
|
|
|
2017-03-29 02:20:32 +00:00
|
|
|
nsCOMPtr<nsPIDOMWindowOuter> window;
|
|
|
|
if (nsCOMPtr<nsINode> node = do_QueryInterface(requestingContext)) {
|
|
|
|
window = node->OwnerDoc()->GetWindow();
|
2018-11-30 10:46:48 +00:00
|
|
|
} else {
|
2004-09-01 17:12:18 +00:00
|
|
|
window = do_QueryInterface(requestingContext);
|
2018-11-30 10:46:48 +00:00
|
|
|
}
|
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
if (requestPrincipal) {
|
|
|
|
nsCOMPtr<nsIContentSecurityPolicy> csp;
|
|
|
|
requestPrincipal->GetCsp(getter_AddRefs(csp));
|
2017-03-29 02:20:32 +00:00
|
|
|
if (csp && window) {
|
2017-06-21 10:14:01 +00:00
|
|
|
csp->EnsureEventTarget(
|
|
|
|
window->EventTargetFor(mozilla::TaskCategory::Other));
|
2018-11-30 10:46:48 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2012-08-22 15:56:38 +00:00
|
|
|
int32_t count = entries.Count();
|
|
|
|
for (int32_t i = 0; i < count; i++) {
|
2004-05-13 18:34:18 +00:00
|
|
|
/* check the appropriate policy */
|
2018-03-29 10:16:23 +00:00
|
|
|
rv = (entries[i]->*policyMethod)(contentLocation, loadInfo, mimeType,
|
|
|
|
decision);
|
2018-11-30 10:46:48 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
if (NS_SUCCEEDED(rv) && NS_CP_REJECTED(*decision)) {
|
2017-02-03 03:49:07 +00:00
|
|
|
// If we are blocking an image, we have to let the
|
|
|
|
// ImageLoadingContent know that we blocked the load.
|
|
|
|
if (externalType == nsIContentPolicy::TYPE_IMAGE ||
|
|
|
|
externalType == nsIContentPolicy::TYPE_IMAGESET) {
|
|
|
|
nsCOMPtr<nsIImageLoadingContent> img =
|
|
|
|
do_QueryInterface(requestingContext);
|
|
|
|
if (img) {
|
|
|
|
img->SetBlockedRequest(*decision);
|
2001-05-21 22:40:10 +00:00
|
|
|
}
|
2018-11-30 10:46:48 +00:00
|
|
|
}
|
2004-05-13 18:34:18 +00:00
|
|
|
/* policy says no, no point continuing to check */
|
|
|
|
return NS_OK;
|
2000-05-05 05:28:49 +00:00
|
|
|
}
|
2018-11-30 10:46:48 +00:00
|
|
|
}
|
2000-05-05 05:28:49 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
// everyone returned failure, or no policies: sanitize result
|
|
|
|
*decision = nsIContentPolicy::ACCEPT;
|
2000-05-05 05:28:49 +00:00
|
|
|
return NS_OK;
|
|
|
|
}
|
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
// uses the parameters from ShouldXYZ to produce and log a message
|
|
|
|
// logType must be a literal string constant
|
2016-08-26 06:02:31 +00:00
|
|
|
#define LOG_CHECK(logType) \
|
|
|
|
PR_BEGIN_MACRO \
|
2018-03-29 10:16:23 +00:00
|
|
|
nsCOMPtr<nsIURI> requestingLocation; \
|
|
|
|
nsCOMPtr<nsIPrincipal> loadingPrincipal = loadInfo->LoadingPrincipal(); \
|
|
|
|
if (loadingPrincipal) { \
|
|
|
|
loadingPrincipal->GetURI(getter_AddRefs(requestingLocation)); \
|
|
|
|
} \
|
2016-08-26 06:02:31 +00:00
|
|
|
/* skip all this nonsense if the call failed or logging is disabled */ \
|
|
|
|
if (NS_SUCCEEDED(rv) && MOZ_LOG_TEST(gConPolLog, LogLevel::Debug)) { \
|
|
|
|
const char *resultName; \
|
|
|
|
if (decision) { \
|
|
|
|
resultName = NS_CP_ResponseName(*decision); \
|
|
|
|
} else { \
|
|
|
|
resultName = "(null ptr)"; \
|
|
|
|
} \
|
|
|
|
MOZ_LOG( \
|
|
|
|
gConPolLog, LogLevel::Debug, \
|
|
|
|
("Content Policy: " logType ": <%s> <Ref:%s> result=%s", \
|
|
|
|
contentLocation ? contentLocation->GetSpecOrDefault().get() : "None", \
|
|
|
|
requestingLocation ? requestingLocation->GetSpecOrDefault().get() \
|
|
|
|
: "None", \
|
|
|
|
resultName)); \
|
2018-11-30 10:46:48 +00:00
|
|
|
} \
|
2004-05-13 18:34:18 +00:00
|
|
|
PR_END_MACRO
|
|
|
|
|
2000-05-05 05:28:49 +00:00
|
|
|
NS_IMETHODIMP
|
2018-03-29 10:16:23 +00:00
|
|
|
nsContentPolicy::ShouldLoad(nsIURI *contentLocation, nsILoadInfo *loadInfo,
|
2004-05-13 18:34:18 +00:00
|
|
|
const nsACString &mimeType, int16_t *decision) {
|
|
|
|
// ShouldProcess does not need a content location, but we do
|
2018-04-28 19:50:58 +00:00
|
|
|
MOZ_ASSERT(contentLocation, "Must provide request location");
|
2015-02-20 16:54:12 +00:00
|
|
|
nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldLoad, contentLocation,
|
2018-03-29 10:16:23 +00:00
|
|
|
loadInfo, mimeType, decision);
|
2004-05-13 18:34:18 +00:00
|
|
|
LOG_CHECK("ShouldLoad");
|
2018-11-30 10:46:48 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
return rv;
|
2000-05-05 05:28:49 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
NS_IMETHODIMP
|
2018-03-29 10:16:23 +00:00
|
|
|
nsContentPolicy::ShouldProcess(nsIURI *contentLocation, nsILoadInfo *loadInfo,
|
2004-05-13 18:34:18 +00:00
|
|
|
const nsACString &mimeType, int16_t *decision) {
|
2015-02-20 16:54:12 +00:00
|
|
|
nsresult rv = CheckPolicy(&nsIContentPolicy::ShouldProcess, contentLocation,
|
2018-03-29 10:16:23 +00:00
|
|
|
loadInfo, mimeType, decision);
|
2004-05-13 18:34:18 +00:00
|
|
|
LOG_CHECK("ShouldProcess");
|
2018-11-30 10:46:48 +00:00
|
|
|
|
2004-05-13 18:34:18 +00:00
|
|
|
return rv;
|
|
|
|
}
|