2000-01-23 04:23:14 +00:00
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
1999-08-20 09:51:02 +00:00
*
1999-11-06 03:43:54 +00:00
* The contents of this file are subject to the Netscape Public
* License Version 1.1 ( the " License " ) ; you may not use this file
* except in compliance with the License . You may obtain a copy of
* the License at http : //www.mozilla.org/NPL/
1999-08-20 09:51:02 +00:00
*
1999-11-06 03:43:54 +00:00
* Software distributed under the License is distributed on an " AS
* IS " basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied . See the License for the specific language governing
* rights and limitations under the License .
1999-08-20 09:51:02 +00:00
*
1999-11-06 03:43:54 +00:00
* The Original Code is mozilla . org code .
*
* The Initial Developer of the Original Code is Netscape
1999-08-20 09:51:02 +00:00
* Communications Corporation . Portions created by Netscape are
2000-01-23 04:23:14 +00:00
* Copyright ( C ) 1998 - 2000 Netscape Communications Corporation . All
1999-11-06 03:43:54 +00:00
* Rights Reserved .
*
2001-07-31 19:05:34 +00:00
* Contributor ( s ) :
2000-02-10 04:56:56 +00:00
* Norris Boyd
2000-03-31 00:31:18 +00:00
* Mitch Stoltz
2000-02-10 04:56:56 +00:00
* Steve Morse
1999-08-20 09:51:02 +00:00
*/
# include "nsScriptSecurityManager.h"
# include "nsIServiceManager.h"
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
# include "nsIScriptObjectPrincipal.h"
2001-07-16 02:40:48 +00:00
# include "nsIScriptContext.h"
1999-08-20 09:51:02 +00:00
# include "nsIURL.h"
2000-03-21 04:05:35 +00:00
# include "nsIJARURI.h"
1999-08-20 09:51:02 +00:00
# include "nspr.h"
1999-08-29 21:58:42 +00:00
# include "nsJSPrincipals.h"
1999-09-01 00:54:35 +00:00
# include "nsSystemPrincipal.h"
# include "nsCodebasePrincipal.h"
2000-01-18 21:54:01 +00:00
# include "nsCertificatePrincipal.h"
2000-03-21 04:05:35 +00:00
# include "nsAggregatePrincipal.h"
1999-08-27 08:36:49 +00:00
# include "nsCRT.h"
1999-09-07 02:54:19 +00:00
# include "nsXPIDLString.h"
1999-09-15 20:58:41 +00:00
# include "nsIJSContextStack.h"
1999-10-02 03:41:37 +00:00
# include "nsDOMError.h"
1999-10-28 22:09:03 +00:00
# include "nsDOMCID.h"
1999-11-11 22:10:36 +00:00
# include "jsdbgapi.h"
2000-01-26 08:38:10 +00:00
# include "nsIXPConnect.h"
# include "nsIXPCSecurityManager.h"
2000-02-10 04:56:56 +00:00
# include "nsTextFormatter.h"
# include "nsIIOService.h"
# include "nsIStringBundle.h"
2000-04-26 03:50:07 +00:00
# include "nsNetUtil.h"
2000-05-16 03:40:51 +00:00
# include "nsDirectoryService.h"
2000-08-14 22:38:27 +00:00
# include "nsDirectoryServiceDefs.h"
2000-04-26 03:50:07 +00:00
# include "nsIFile.h"
# include "nsIZipReader.h"
2001-02-23 00:15:04 +00:00
# include "nsIJAR.h"
2000-05-17 02:38:22 +00:00
# include "nsIPluginInstance.h"
2000-08-16 04:01:02 +00:00
# include "nsIXPConnect.h"
2000-09-09 00:53:21 +00:00
# include "nsIScriptGlobalObject.h"
# include "nsIDOMWindowInternal.h"
2001-03-02 00:09:20 +00:00
# include "nscore.h"
2001-03-23 04:22:56 +00:00
# include "nsIDocShell.h"
# include "nsIDocShellTreeItem.h"
2001-04-07 03:33:56 +00:00
# include "nsIPrompt.h"
# include "nsIWindowWatcher.h"
2001-04-17 01:21:44 +00:00
# include "nsIConsoleService.h"
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
# include "nsISecurityCheckedComponent.h"
2001-05-11 00:43:27 +00:00
# include "nsIPrefBranchInternal.h"
2000-02-10 04:56:56 +00:00
static NS_DEFINE_IID ( kIIOServiceIID , NS_IIOSERVICE_IID ) ;
static NS_DEFINE_CID ( kIOServiceCID , NS_IOSERVICE_CID ) ;
static NS_DEFINE_IID ( kIStringBundleServiceIID , NS_ISTRINGBUNDLESERVICE_IID ) ;
static NS_DEFINE_IID ( kStringBundleServiceCID , NS_STRINGBUNDLESERVICE_CID ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
static NS_DEFINE_CID ( kPrefServiceCID , NS_PREFSERVICE_CID ) ;
2001-07-31 19:05:34 +00:00
static NS_DEFINE_CID ( kCScriptNameSetRegistryCID ,
1999-10-28 22:09:03 +00:00
NS_SCRIPT_NAMESET_REGISTRY_CID ) ;
2000-04-26 03:50:07 +00:00
static NS_DEFINE_CID ( kZipReaderCID , NS_ZIPREADER_CID ) ;
1999-08-20 09:51:02 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- All values of this enum except the first map to odd numbers so they can be
// stored in a void* without being confused for a pointer value (which is always even).
1999-09-07 20:40:20 +00:00
enum {
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
SCRIPT_SECURITY_UNDEFINED_ACCESS = 0 ,
SCRIPT_SECURITY_CAPABILITY_ONLY = 1 ,
SCRIPT_SECURITY_SAME_ORIGIN_ACCESS = 3 ,
SCRIPT_SECURITY_ALL_ACCESS = 5 ,
SCRIPT_SECURITY_NO_ACCESS = 7
1999-09-07 20:40:20 +00:00
} ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
enum {
CLASS_POLICY_DEFAULT = 1 ,
CLASS_POLICY_SITE
} ;
// Result of this function should not be freed.
static const PRUnichar *
JSValIDToString ( JSContext * aJSContext , const jsval idval ) {
JSString * str = JS_ValueToString ( aJSContext , idval ) ;
if ( ! str )
1999-11-11 22:10:36 +00:00
return nsnull ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_REINTERPRET_CAST ( PRUnichar * , JS_GetStringChars ( str ) ) ;
1999-11-11 22:10:36 +00:00
}
2000-08-22 06:02:14 +00:00
// Convinience method to get the current js context stack.
// Uses cached JSContextStack service instead of calling through
// to the service manager.
JSContext *
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsScriptSecurityManager : : GetCurrentContextQuick ( )
{
2000-08-22 06:02:14 +00:00
// Get JSContext from stack.
nsresult rv ;
if ( ! mThreadJSContextStack ) {
2000-09-13 23:57:52 +00:00
mThreadJSContextStack = do_GetService ( " @mozilla.org/js/xpc/ContextStack;1 " , & rv ) ;
2000-08-22 06:02:14 +00:00
}
if ( ! mThreadJSContextStack )
return nsnull ;
JSContext * cx ;
if ( NS_FAILED ( mThreadJSContextStack - > Peek ( & cx ) ) )
return nsnull ;
return cx ;
}
1999-11-11 22:10:36 +00:00
/////////////////////////////
// nsScriptSecurityManager //
/////////////////////////////
1999-09-07 20:40:20 +00:00
////////////////////////////////////
// Methods implementing ISupports //
////////////////////////////////////
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_IMPL_THREADSAFE_ISUPPORTS3 ( nsScriptSecurityManager ,
2000-03-29 03:58:50 +00:00
nsIScriptSecurityManager ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsIXPCSecurityManager ,
nsIObserver )
1999-08-20 09:51:02 +00:00
1999-09-07 20:40:20 +00:00
///////////////////////////////////////////////////
// Methods implementing nsIScriptSecurityManager //
///////////////////////////////////////////////////
1999-08-20 09:51:02 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
///////////////// Security Checks /////////////////
1999-08-20 09:51:02 +00:00
NS_IMETHODIMP
2001-05-19 00:33:51 +00:00
nsScriptSecurityManager : : CheckPropertyAccess ( JSContext * aJSContext ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
JSObject * aJSObject ,
const char * aClassName ,
2001-05-19 00:33:51 +00:00
const char * aPropertyName ,
PRUint32 aAction )
{
return CheckPropertyAccessImpl ( aAction , nsnull , aJSContext , aJSObject ,
nsnull , nsnull , nsnull , nsnull ,
aClassName , aPropertyName , nsnull ) ;
}
NS_IMETHODIMP
nsScriptSecurityManager : : CheckConnect ( JSContext * aJSContext ,
nsIURI * aTargetURI ,
const char * aClassName ,
const char * aPropertyName )
2001-03-23 04:22:56 +00:00
{
2001-06-22 02:08:10 +00:00
// Get a context if necessary
if ( ! aJSContext )
{
aJSContext = GetCurrentContextQuick ( ) ;
if ( ! aJSContext )
return NS_OK ; // No JS context, so allow the load
}
nsresult rv = CheckLoadURIFromScript ( aJSContext , aTargetURI ) ;
if ( NS_FAILED ( rv ) ) return rv ;
2001-05-19 00:33:51 +00:00
return CheckPropertyAccessImpl ( nsIXPCSecurityManager : : ACCESS_GET_PROPERTY , nsnull ,
aJSContext , nsnull , nsnull , aTargetURI ,
nsnull , nsnull , aClassName , aPropertyName , nsnull ) ;
2001-03-02 00:09:20 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
nsScriptSecurityManager : : CheckPropertyAccessImpl ( PRUint32 aAction ,
nsIXPCNativeCallContext * aCallContext ,
JSContext * aJSContext , JSObject * aJSObject ,
2001-05-19 00:33:51 +00:00
nsISupports * aObj , nsIURI * aTargetURI ,
nsIClassInfo * aClassInfo ,
2001-07-31 19:05:34 +00:00
jsval aName , const char * aClassName ,
2001-05-11 00:43:27 +00:00
const char * aProperty , void * * aPolicy )
1999-08-20 09:51:02 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsCOMPtr < nsIPrincipal > subjectPrincipal ;
2001-05-11 00:43:27 +00:00
if ( NS_FAILED ( GetSubjectPrincipal ( aJSContext , getter_AddRefs ( subjectPrincipal ) ) ) )
2000-01-08 16:51:54 +00:00
return NS_ERROR_FAILURE ;
2001-03-02 00:09:20 +00:00
2000-01-23 04:23:14 +00:00
PRBool equals ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! subjectPrincipal | |
2001-07-31 19:05:34 +00:00
NS_SUCCEEDED ( subjectPrincipal - > Equals ( mSystemPrincipal , & equals ) ) & & equals )
2000-01-23 04:23:14 +00:00
// We have native code or the system principal: just allow access
return NS_OK ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
# ifdef DEBUG_mstoltz
if ( aProperty )
printf ( " ### CheckPropertyAccess(%s.%s, %i) " , aClassName , aProperty , aAction ) ;
else
{
2001-06-22 02:08:10 +00:00
nsXPIDLCString classNameStr ;
const char * className ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( aClassInfo )
2001-06-22 02:08:10 +00:00
aClassInfo - > GetClassDescription ( getter_Copies ( classNameStr ) ) ;
className = classNameStr . get ( ) ;
if ( ! className )
className = " UnknownClass " ;
nsCAutoString propertyStr ( className ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
propertyStr + = ' . ' ;
propertyStr . AppendWithConversion ( ( PRUnichar * ) JSValIDToString ( aJSContext , aName ) ) ;
char * property ;
property = propertyStr . ToNewCString ( ) ;
printf ( " ### CanAccess(%s, %i) " , property , aAction ) ;
PR_FREEIF ( property ) ;
}
# endif
//-- Look up the policy for this property/method
PRInt32 secLevel ;
2000-01-23 04:23:14 +00:00
nsCAutoString capability ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( aPolicy & & * aPolicy )
{
# ifdef DEBUG_mstoltz
printf ( " Cached " ) ;
# endif
secLevel = ( PRInt32 ) * aPolicy ;
}
else
{
2001-06-17 05:23:38 +00:00
nsXPIDLCString classNameStr ;
const char * className ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsCAutoString propertyName ( aProperty ) ;
if ( aClassName )
className = aClassName ;
else
//-- Get className and propertyName from aClassInfo and aName, repectively
{
if ( aClassInfo )
2001-06-17 05:23:38 +00:00
aClassInfo - > GetClassDescription ( getter_Copies ( classNameStr ) ) ;
className = classNameStr . get ( ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! className )
className = " UnknownClass " ;
propertyName . AssignWithConversion ( ( PRUnichar * ) JSValIDToString ( aJSContext , aName ) ) ;
}
2001-03-02 00:09:20 +00:00
2001-05-19 00:33:51 +00:00
// if (aPropertyStr), we were called from CheckPropertyAccess or checkConnect,
// so we can assume this is a DOM class. Otherwise, we ask the ClassInfo.
2001-08-02 20:32:48 +00:00
secLevel = GetSecurityLevel ( subjectPrincipal ,
2001-05-19 00:33:51 +00:00
( aProperty | | IsDOMClass ( aClassInfo ) ) ,
className , propertyName , aAction , capability , aPolicy ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
2001-03-02 00:09:20 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult rv ;
2001-03-02 00:09:20 +00:00
switch ( secLevel )
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
case SCRIPT_SECURITY_ALL_ACCESS :
2001-03-23 04:22:56 +00:00
# ifdef DEBUG_mstoltz
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
printf ( " Level: AllAccess " ) ;
2001-03-23 04:22:56 +00:00
# endif
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
rv = NS_OK ;
break ;
case SCRIPT_SECURITY_SAME_ORIGIN_ACCESS :
2001-03-02 00:09:20 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
# ifdef DEBUG_mstoltz
printf ( " Level: SameOrigin " ) ;
# endif
2001-05-19 00:33:51 +00:00
nsCOMPtr < nsIPrincipal > objectPrincipal ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( aJSObject )
{
2001-07-31 19:05:34 +00:00
if ( NS_FAILED ( GetObjectPrincipal ( aJSContext ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_REINTERPRET_CAST ( JSObject * , aJSObject ) ,
getter_AddRefs ( objectPrincipal ) ) ) )
return NS_ERROR_FAILURE ;
2001-05-19 00:33:51 +00:00
}
else if ( aTargetURI )
{
if ( NS_FAILED ( GetCodebasePrincipal ( aTargetURI , getter_AddRefs ( objectPrincipal ) ) ) )
return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
else
2001-05-19 00:33:51 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
rv = NS_ERROR_DOM_SECURITY_ERR ;
2001-05-19 00:33:51 +00:00
break ;
}
rv = CheckSameOrigin ( aJSContext , subjectPrincipal , objectPrincipal ,
aAction = = nsIXPCSecurityManager : : ACCESS_SET_PROPERTY ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
break ;
2001-03-02 00:09:20 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
case SCRIPT_SECURITY_CAPABILITY_ONLY :
2001-03-02 00:09:20 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
# ifdef DEBUG_mstoltz
printf ( " Level: Capability " ) ;
# endif
PRBool capabilityEnabled = PR_FALSE ;
rv = IsCapabilityEnabled ( capability , & capabilityEnabled ) ;
if ( NS_FAILED ( rv ) | | ! capabilityEnabled )
rv = NS_ERROR_DOM_SECURITY_ERR ;
else
rv = NS_OK ;
break ;
2001-03-02 00:09:20 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
default :
1999-08-29 21:58:42 +00:00
// Default is no access
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
# ifdef DEBUG_mstoltz
printf ( " Level: NoAccess (%i) " , secLevel ) ;
# endif
rv = NS_ERROR_DOM_SECURITY_ERR ;
1999-08-29 21:58:42 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if NS_SUCCEEDED ( rv )
2000-09-20 23:38:28 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
# ifdef DEBUG_mstoltz
printf ( " GRANTED. \n " ) ;
# endif
return rv ;
2000-09-20 23:38:28 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//--See if the object advertises a non-default level of access
// using nsISecurityCheckedComponent
nsCOMPtr < nsISecurityCheckedComponent > checkedComponent =
do_QueryInterface ( aObj ) ;
1999-11-16 05:07:31 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsXPIDLCString objectSecurityLevel ;
if ( checkedComponent )
{
nsCOMPtr < nsIXPConnectWrappedNative > wrapper ;
nsCOMPtr < nsIInterfaceInfo > interfaceInfo ;
const nsIID * objIID ;
rv = aCallContext - > GetCalleeWrapper ( getter_AddRefs ( wrapper ) ) ;
if ( NS_SUCCEEDED ( rv ) )
rv = wrapper - > FindInterfaceWithMember ( aName , getter_AddRefs ( interfaceInfo ) ) ;
if ( NS_SUCCEEDED ( rv ) )
rv = interfaceInfo - > GetIIDShared ( & objIID ) ;
if ( NS_SUCCEEDED ( rv ) )
{
switch ( aAction )
{
case nsIXPCSecurityManager : : ACCESS_GET_PROPERTY :
checkedComponent - > CanGetProperty ( objIID ,
JSValIDToString ( aJSContext , aName ) ,
getter_Copies ( objectSecurityLevel ) ) ;
break ;
case nsIXPCSecurityManager : : ACCESS_SET_PROPERTY :
checkedComponent - > CanSetProperty ( objIID ,
JSValIDToString ( aJSContext , aName ) ,
getter_Copies ( objectSecurityLevel ) ) ;
break ;
case nsIXPCSecurityManager : : ACCESS_CALL_METHOD :
checkedComponent - > CanCallMethod ( objIID ,
JSValIDToString ( aJSContext , aName ) ,
getter_Copies ( objectSecurityLevel ) ) ;
}
}
}
2001-05-11 00:43:27 +00:00
rv = CheckXPCPermissions ( aJSContext , aObj , objectSecurityLevel ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
" Permission denied to access property " ) ;
# ifdef DEBUG_mstoltz
if ( NS_SUCCEEDED ( rv ) )
printf ( " CheckXPCPerms GRANTED. \n " ) ;
else
printf ( " CheckXPCPerms DENIED. \n " ) ;
# endif
return rv ;
}
1999-12-01 22:23:22 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : CheckSameOrigin ( JSContext * aCx , nsIPrincipal * aSubject ,
2001-05-11 00:43:27 +00:00
nsIPrincipal * aObject , PRUint32 aAction )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
/*
* * Get origin of subject and object and compare .
*/
if ( aSubject = = aObject )
1999-09-15 04:05:43 +00:00
return NS_OK ;
1999-11-16 05:07:31 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
PRBool isSameOrigin = PR_FALSE ;
if ( NS_FAILED ( aSubject - > Equals ( aObject , & isSameOrigin ) ) )
1999-11-16 05:07:31 +00:00
return NS_ERROR_FAILURE ;
2001-07-31 19:05:34 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( isSameOrigin )
1999-11-16 05:07:31 +00:00
return NS_OK ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// Allow access to about:blank
nsCOMPtr < nsICodebasePrincipal > objectCodebase = do_QueryInterface ( aObject ) ;
if ( objectCodebase )
2000-01-12 01:42:37 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsXPIDLCString origin ;
if ( NS_FAILED ( objectCodebase - > GetOrigin ( getter_Copies ( origin ) ) ) )
1999-11-16 05:07:31 +00:00
return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( nsCRT : : strcasecmp ( origin , " about:blank " ) = = 0 )
1999-11-16 05:07:31 +00:00
return NS_OK ;
1999-09-15 04:05:43 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
/*
* * If we failed the origin tests it still might be the case that we
* * are a signed script and have permissions to do this operation .
* * Check for that here
*/
PRBool capabilityEnabled = PR_FALSE ;
const char * cap = aAction = = nsIXPCSecurityManager : : ACCESS_SET_PROPERTY ?
" UniversalBrowserWrite " : " UniversalBrowserRead " ;
2001-05-11 00:43:27 +00:00
if ( NS_FAILED ( IsCapabilityEnabled ( cap , & capabilityEnabled ) ) )
1999-11-16 05:07:31 +00:00
return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( capabilityEnabled )
return NS_OK ;
/*
* * Access tests failed , so now report error .
*/
return NS_ERROR_DOM_PROP_ACCESS_DENIED ;
1999-11-16 05:07:31 +00:00
}
2001-07-31 19:05:34 +00:00
PRBool
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsScriptSecurityManager : : IsDOMClass ( nsIClassInfo * aClassInfo )
1999-11-16 05:07:31 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! aClassInfo )
return PR_FALSE ;
PRUint32 classFlags ;
nsresult rv = aClassInfo - > GetFlags ( & classFlags ) ;
2001-05-11 00:53:21 +00:00
return NS_SUCCEEDED ( rv ) & & ( classFlags & nsIClassInfo : : DOM_OBJECT ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
2000-02-23 22:34:40 +00:00
2001-08-02 20:32:48 +00:00
PRInt32
nsScriptSecurityManager : : GetSecurityLevel ( nsIPrincipal * principal ,
2001-05-19 00:33:51 +00:00
PRBool aIsDOM ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
const char * aClassName ,
const char * aPropertyName ,
PRUint32 aAction ,
nsCString & capability ,
void * * aPolicy )
{
nsresult rv ;
PRInt32 secLevel = SCRIPT_SECURITY_NO_ACCESS ;
//-- See if we have a security policy for this class, otherwise use the default
void * classPolicy = nsnull ;
if ( mClassPolicies )
{
nsCStringKey classKey ( aClassName ) ;
classPolicy = mClassPolicies - > Get ( & classKey ) ;
}
if ( classPolicy )
{
//-- Look up the security policy for this property
nsCAutoString prefName ;
if ( NS_FAILED ( GetPrefName ( principal , aClassName , aPropertyName ,
2001-05-11 00:43:27 +00:00
classPolicy , prefName ) ) )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return SCRIPT_SECURITY_NO_ACCESS ;
2001-08-02 20:32:48 +00:00
nsCOMPtr < nsISecurityPref > securityPref = do_QueryReferent ( mPrefBranchWeakRef ) ;
if ( ! securityPref )
return SCRIPT_SECURITY_NO_ACCESS ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
char * secLevelString ;
2001-08-02 20:32:48 +00:00
rv = securityPref - > SecurityGetCharPref ( prefName , & secLevelString ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( rv ) )
{
prefName + = ( aAction = = nsIXPCSecurityManager : : ACCESS_SET_PROPERTY ? " .set " : " .get " ) ;
2001-08-02 20:32:48 +00:00
rv = securityPref - > SecurityGetCharPref ( prefName , & secLevelString ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
2001-05-11 00:43:27 +00:00
if ( NS_FAILED ( rv ) ) //-- No site policy for this property; look for a default policy
{
if ( NS_FAILED ( GetPrefName ( principal , aClassName , aPropertyName ,
2001-08-02 20:32:48 +00:00
( void * ) CLASS_POLICY_DEFAULT , prefName ) ) )
2001-05-11 00:43:27 +00:00
return SCRIPT_SECURITY_NO_ACCESS ;
2001-08-02 20:32:48 +00:00
rv = securityPref - > SecurityGetCharPref ( prefName , & secLevelString ) ;
2001-05-11 00:43:27 +00:00
if ( NS_FAILED ( rv ) )
{
prefName + = ( aAction = = nsIXPCSecurityManager : : ACCESS_SET_PROPERTY ? " .set " : " .get " ) ;
2001-08-02 20:32:48 +00:00
rv = securityPref - > SecurityGetCharPref ( prefName , & secLevelString ) ;
2001-05-11 00:43:27 +00:00
}
}
2001-07-31 19:05:34 +00:00
if ( NS_SUCCEEDED ( rv ) & & secLevelString )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
if ( PL_strcmp ( secLevelString , " sameOrigin " ) = = 0 )
secLevel = SCRIPT_SECURITY_SAME_ORIGIN_ACCESS ;
else if ( PL_strcmp ( secLevelString , " allAccess " ) = = 0 )
secLevel = SCRIPT_SECURITY_ALL_ACCESS ;
else if ( PL_strcmp ( secLevelString , " noAccess " ) = = 0 )
secLevel = SCRIPT_SECURITY_NO_ACCESS ;
2001-07-31 19:05:34 +00:00
else
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
// string should be the name of a capability
capability = secLevelString ;
secLevelString = nsnull ;
secLevel = SCRIPT_SECURITY_CAPABILITY_ONLY ;
}
if ( secLevelString )
PR_Free ( secLevelString ) ;
return secLevel ;
}
}
//-- No policy for this property.
// Use the default policy: sameOrigin for DOM, noAccess for everything else
2001-05-19 00:33:51 +00:00
if ( aIsDOM )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
secLevel = SCRIPT_SECURITY_SAME_ORIGIN_ACCESS ;
if ( ! classPolicy & & aPolicy )
2001-07-31 19:05:34 +00:00
//-- If there's no stored policy for this property,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// we can annotate the class's aPolicy field and avoid checking
// policy prefs next time.
* aPolicy = ( void * ) secLevel ;
return secLevel ;
return SCRIPT_SECURITY_UNDEFINED_ACCESS ;
}
2000-03-23 04:37:37 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
struct nsDomainEntry
{
nsDomainEntry ( const char * anOrigin , const char * aPolicy ,
2001-07-31 19:05:34 +00:00
int aPolicyLength )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
: mNext ( nsnull ) , mOrigin ( anOrigin ) , mPolicy ( aPolicy , aPolicyLength )
{ }
PRBool Matches ( const char * anOrigin )
{
int len = nsCRT : : strlen ( anOrigin ) ;
int thisLen = mOrigin . Length ( ) ;
if ( len < thisLen )
return PR_FALSE ;
if ( mOrigin . RFindChar ( ' : ' , PR_FALSE , thisLen - 1 , 1 ) ! = - 1 )
//-- Policy applies to all URLs of this scheme, compare scheme only
return mOrigin . EqualsWithConversion ( anOrigin , PR_TRUE , thisLen ) ;
//-- Policy applies to a particular host; compare scheme://host.domain
if ( ! mOrigin . Equals ( anOrigin + ( len - thisLen ) ) )
return PR_FALSE ;
if ( len = = thisLen )
return PR_TRUE ;
char charBefore = anOrigin [ len - thisLen - 1 ] ;
return ( charBefore = = ' . ' | | charBefore = = ' : ' | | charBefore = = ' / ' ) ;
}
nsDomainEntry * mNext ;
nsCString mOrigin ;
nsCString mPolicy ;
} ;
nsresult
nsScriptSecurityManager : : GetPrefName ( nsIPrincipal * principal ,
const char * aClassName , const char * aPropertyName ,
void * aClassPolicy , nsCString & result )
{
static const char * defaultStr = " default " ;
result = " capability.policy. " ;
if ( aClassPolicy ! = ( void * ) CLASS_POLICY_SITE )
//-- No per-site policy; use the policy named "default"
result + = defaultStr ;
else //-- Look up the name of the relevant per-site policy
{
PRBool equals = PR_TRUE ;
if ( principal & & NS_FAILED ( principal - > Equals ( mSystemPrincipal , & equals ) ) )
return NS_ERROR_FAILURE ;
if ( equals )
result + = defaultStr ;
else
{
nsCOMPtr < nsICodebasePrincipal > codebase = do_QueryInterface ( principal ) ;
if ( ! codebase )
return NS_ERROR_FAILURE ;
nsresult rv ;
nsXPIDLCString origin ;
if ( NS_FAILED ( rv = codebase - > GetOrigin ( getter_Copies ( origin ) ) ) )
return rv ;
nsCString * policy = nsnull ;
if ( mOriginToPolicyMap )
{
const char * s = origin ;
const char * nextToLastDot = nsnull ;
const char * lastDot = nsnull ;
const char * colon = nsnull ;
const char * p = s ;
while ( * p )
{
if ( * p = = ' . ' )
{
nextToLastDot = lastDot ;
lastDot = p ;
}
if ( ! colon & & * p = = ' : ' )
colon = p ;
p + + ;
}
nsCStringKey key ( nextToLastDot ? nextToLastDot + 1 : s ) ;
nsDomainEntry * de = ( nsDomainEntry * ) mOriginToPolicyMap - > Get ( & key ) ;
if ( ! de )
{
nsCAutoString scheme ( s , colon - s + 1 ) ;
nsCStringKey schemeKey ( scheme ) ;
de = ( nsDomainEntry * ) mOriginToPolicyMap - > Get ( & schemeKey ) ;
}
while ( de )
{
if ( de - > Matches ( s ) )
{
policy = & de - > mPolicy ;
break ;
}
de = de - > mNext ;
}
}
if ( policy )
result + = * policy ;
else
result + = defaultStr ;
}
}
result + = ' . ' ;
result + = aClassName ;
result + = ' . ' ;
result + = aPropertyName ;
return NS_OK ;
}
NS_IMETHODIMP
nsScriptSecurityManager : : CheckLoadURIFromScript ( JSContext * cx , nsIURI * aURI )
{
// Get principal of currently executing script.
nsCOMPtr < nsIPrincipal > principal ;
2001-05-11 00:43:27 +00:00
if ( NS_FAILED ( GetSubjectPrincipal ( cx , getter_AddRefs ( principal ) ) ) )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_ERROR_FAILURE ;
// Native code can load all URIs.
2001-07-31 19:05:34 +00:00
if ( ! principal )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_OK ;
// The system principal can load all URIs.
PRBool equals = PR_FALSE ;
if ( NS_FAILED ( principal - > Equals ( mSystemPrincipal , & equals ) ) )
return NS_ERROR_FAILURE ;
if ( equals )
return NS_OK ;
// Otherwise, principal should have a codebase that we can use to
// do the remaining tests.
nsCOMPtr < nsICodebasePrincipal > codebase = do_QueryInterface ( principal ) ;
2001-07-31 19:05:34 +00:00
if ( ! codebase )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_ERROR_FAILURE ;
nsCOMPtr < nsIURI > uri ;
2001-07-31 19:05:34 +00:00
if ( NS_FAILED ( codebase - > GetURI ( getter_AddRefs ( uri ) ) ) )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_ERROR_FAILURE ;
if ( NS_SUCCEEDED ( CheckLoadURI ( uri , aURI , nsIScriptSecurityManager : : STANDARD ) ) )
return NS_OK ;
2001-07-31 19:05:34 +00:00
// See if we're attempting to load a file: URI. If so, let a
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// UniversalFileRead capability trump the above check.
PRBool isFile = PR_FALSE ;
PRBool isRes = PR_FALSE ;
2001-07-31 19:05:34 +00:00
if ( NS_FAILED ( aURI - > SchemeIs ( " file " , & isFile ) ) | |
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_FAILED ( aURI - > SchemeIs ( " resource " , & isRes ) ) )
return NS_ERROR_FAILURE ;
if ( isFile | | isRes )
{
PRBool enabled ;
if ( NS_FAILED ( IsCapabilityEnabled ( " UniversalFileRead " , & enabled ) ) )
return NS_ERROR_FAILURE ;
if ( enabled )
return NS_OK ;
}
// Report error.
nsXPIDLCString spec ;
if ( NS_FAILED ( aURI - > GetSpec ( getter_Copies ( spec ) ) ) )
return NS_ERROR_FAILURE ;
JS_ReportError ( cx , " illegal URL method '%s' " , ( const char * ) spec ) ;
return NS_ERROR_DOM_BAD_URI ;
}
2001-08-02 20:32:48 +00:00
nsresult
nsScriptSecurityManager : : GetBaseURIScheme ( nsIURI * aURI , char * * aScheme )
{
nsresult rv ;
nsCOMPtr < nsIURI > uri ( aURI ) ;
//-- get the source scheme
nsXPIDLCString scheme ;
rv = uri - > GetScheme ( getter_Copies ( scheme ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
//-- If uri is a view-source URI, drill down to the base URI
nsXPIDLCString path ;
while ( PL_strcmp ( scheme , " view-source " ) = = 0 )
{
rv = uri - > GetPath ( getter_Copies ( path ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
rv = NS_NewURI ( getter_AddRefs ( uri ) , path , nsnull ) ;
if ( NS_FAILED ( rv ) ) return rv ;
rv = uri - > GetScheme ( getter_Copies ( scheme ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
}
//-- If uri is a jar URI, drill down again
nsCOMPtr < nsIJARURI > jarURI ;
PRBool isJAR = PR_FALSE ;
while ( ( jarURI = do_QueryInterface ( uri ) ) )
{
jarURI - > GetJARFile ( getter_AddRefs ( uri ) ) ;
isJAR = PR_TRUE ;
}
if ( ! uri ) return NS_ERROR_FAILURE ;
if ( isJAR )
{
rv = uri - > GetScheme ( getter_Copies ( scheme ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
}
* aScheme = PL_strdup ( scheme ) ;
NS_ASSERTION ( * aScheme , " GetBaseURIScheme returning null scheme " ) ;
return NS_OK ;
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_IMETHODIMP
nsScriptSecurityManager : : CheckLoadURI ( nsIURI * aSourceURI , nsIURI * aTargetURI ,
PRUint32 aFlags )
{
2001-08-02 20:32:48 +00:00
nsresult rv ;
//-- get the source scheme
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsXPIDLCString sourceScheme ;
2001-08-02 20:32:48 +00:00
rv = GetBaseURIScheme ( aSourceURI , getter_Copies ( sourceScheme ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
2001-04-17 01:21:44 +00:00
// Some loads are not allowed from mail/news messages
2001-07-31 19:05:34 +00:00
if ( ( aFlags & nsIScriptSecurityManager : : DISALLOW_FROM_MAIL ) & &
2001-04-17 01:21:44 +00:00
( nsCRT : : strcasecmp ( sourceScheme , " mailbox " ) = = 0 | |
nsCRT : : strcasecmp ( sourceScheme , " imap " ) = = 0 | |
nsCRT : : strcasecmp ( sourceScheme , " news " ) = = 0 ) )
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_ERROR_DOM_BAD_URI ;
2001-04-17 01:21:44 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
2001-08-02 20:32:48 +00:00
//-- get the target scheme
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsXPIDLCString targetScheme ;
2001-08-02 20:32:48 +00:00
rv = GetBaseURIScheme ( aTargetURI , getter_Copies ( targetScheme ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
2001-07-31 19:05:34 +00:00
2000-10-13 22:59:47 +00:00
if ( nsCRT : : strcasecmp ( targetScheme , sourceScheme ) = = 0 )
2000-03-21 04:05:35 +00:00
{
2000-01-12 01:42:37 +00:00
// every scheme can access another URI from the same scheme
1999-08-29 21:58:42 +00:00
return NS_OK ;
}
2000-01-12 01:42:37 +00:00
2001-08-02 20:32:48 +00:00
//-- If the schemes don't match, the policy is specified in this table.
2001-04-17 01:21:44 +00:00
enum Action { AllowProtocol , DenyProtocol , PrefControlled , ChromeProtocol , AboutProtocol } ;
2001-08-02 20:32:48 +00:00
static const struct
{
2000-03-11 06:32:42 +00:00
const char * name ;
Action action ;
2001-08-02 20:32:48 +00:00
} protocolList [ ] =
{
2000-10-13 22:59:47 +00:00
//-- Keep the most commonly used protocols at the top of the list
// to increase performance
2001-04-17 01:21:44 +00:00
{ " http " , AllowProtocol } ,
2000-10-13 22:59:47 +00:00
{ " file " , PrefControlled } ,
2001-04-17 01:21:44 +00:00
{ " https " , AllowProtocol } ,
2000-10-13 22:59:47 +00:00
{ " chrome " , ChromeProtocol } ,
2001-04-17 01:21:44 +00:00
{ " mailbox " , DenyProtocol } ,
{ " pop " , AllowProtocol } ,
{ " imap " , DenyProtocol } ,
{ " pop3 " , DenyProtocol } ,
{ " news " , AllowProtocol } ,
{ " javascript " , AllowProtocol } ,
{ " ftp " , AllowProtocol } ,
{ " about " , AboutProtocol } ,
{ " mailto " , AllowProtocol } ,
{ " aim " , AllowProtocol } ,
{ " data " , AllowProtocol } ,
{ " keyword " , DenyProtocol } ,
2001-05-15 22:47:21 +00:00
{ " resource " , ChromeProtocol } ,
2001-04-17 01:21:44 +00:00
{ " gopher " , AllowProtocol } ,
{ " datetime " , DenyProtocol } ,
{ " finger " , AllowProtocol } ,
{ " res " , DenyProtocol }
2000-03-11 06:32:42 +00:00
} ;
2001-04-17 01:21:44 +00:00
nsXPIDLCString targetSpec ;
2001-05-11 00:43:27 +00:00
const char * targetPage ;
2001-08-02 20:32:48 +00:00
for ( unsigned i = 0 ; i < sizeof ( protocolList ) / sizeof ( protocolList [ 0 ] ) ; i + + )
{
if ( nsCRT : : strcasecmp ( targetScheme , protocolList [ i ] . name ) = = 0 )
{
2000-06-01 23:57:48 +00:00
PRBool doCheck = PR_FALSE ;
2001-08-02 20:32:48 +00:00
switch ( protocolList [ i ] . action )
{
2000-03-11 06:32:42 +00:00
case AllowProtocol :
// everyone can access these schemes.
return NS_OK ;
2000-08-22 02:06:52 +00:00
case PrefControlled :
// Allow access if pref is false
2001-08-02 20:32:48 +00:00
{
nsCOMPtr < nsISecurityPref > securityPref =
do_QueryReferent ( mPrefBranchWeakRef ) ;
if ( ! securityPref )
return NS_ERROR_FAILURE ;
securityPref - > SecurityGetBoolPref ( " security.checkloaduri " , & doCheck ) ;
return doCheck ? ReportErrorToConsole ( aTargetURI ) : NS_OK ;
}
2000-10-13 22:59:47 +00:00
case ChromeProtocol :
2001-05-15 22:47:21 +00:00
if ( aFlags & nsIScriptSecurityManager : : ALLOW_CHROME )
return NS_OK ;
// resource: and chrome: are equivalent, securitywise
if ( ( PL_strcmp ( sourceScheme , " chrome " ) = = 0 ) | |
( PL_strcmp ( sourceScheme , " resource " ) = = 0 ) )
return NS_OK ;
return ReportErrorToConsole ( aTargetURI ) ;
2001-04-17 01:21:44 +00:00
case AboutProtocol :
2001-08-02 20:32:48 +00:00
// Allow loading 'safe' about pages, otherwise deny
if ( NS_FAILED ( aTargetURI - > GetSpec ( getter_Copies ( targetSpec ) ) ) )
2001-04-17 01:21:44 +00:00
return NS_ERROR_FAILURE ;
2001-05-11 00:43:27 +00:00
targetPage = targetSpec . get ( ) + sizeof ( " about: " ) - 1 ;
2001-07-31 19:05:34 +00:00
return ( PL_strcmp ( targetPage , " blank " ) = = 0 ) | |
2001-05-11 00:43:27 +00:00
( PL_strcmp ( targetPage , " " ) = = 0 ) | |
( PL_strcmp ( targetPage , " mozilla " ) = = 0 ) | |
( PL_strcmp ( targetPage , " credits " ) = = 0 ) ?
2001-04-17 01:21:44 +00:00
NS_OK : ReportErrorToConsole ( aTargetURI ) ;
2000-03-11 06:32:42 +00:00
case DenyProtocol :
// Deny access
2001-04-17 01:21:44 +00:00
return ReportErrorToConsole ( aTargetURI ) ;
2000-03-11 06:32:42 +00:00
}
1999-09-07 02:54:19 +00:00
}
1999-09-07 20:40:20 +00:00
}
2000-03-11 06:32:42 +00:00
// If we reach here, we have an unknown protocol. Warn, but allow.
// This is risky from a security standpoint, but allows flexibility
// in installing new protocol handlers after initial ship.
2001-04-17 01:21:44 +00:00
NS_WARN_IF_FALSE ( PR_FALSE , " unknown protocol in nsScriptSecurityManager::CheckLoadURI " ) ;
2000-03-11 06:32:42 +00:00
return NS_OK ;
1999-09-01 00:54:35 +00:00
}
2001-07-31 19:05:34 +00:00
nsresult
2001-04-17 01:21:44 +00:00
nsScriptSecurityManager : : ReportErrorToConsole ( nsIURI * aTarget )
{
nsXPIDLCString spec ;
nsresult rv = aTarget - > GetSpec ( getter_Copies ( spec ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
nsAutoString msg ;
msg . AssignWithConversion ( " The link to " ) ;
msg . AppendWithConversion ( spec ) ;
msg . AppendWithConversion ( " was blocked by the security manager. \n Remote content may not link to local content. " ) ;
// Report error in JS console
nsCOMPtr < nsIConsoleService > console ( do_GetService ( " @mozilla.org/consoleservice;1 " ) ) ;
if ( console )
{
PRUnichar * messageUni = msg . ToNewUnicode ( ) ;
if ( ! messageUni )
return NS_ERROR_FAILURE ;
console - > LogStringMessage ( messageUni ) ;
nsMemory : : Free ( messageUni ) ;
}
2001-05-15 06:43:12 +00:00
# ifdef DEBUG
char * messageCstr = msg . ToNewCString ( ) ;
if ( ! messageCstr )
return NS_ERROR_FAILURE ;
fprintf ( stderr , " %s \n " , messageCstr ) ;
PR_Free ( messageCstr ) ;
2001-04-17 01:21:44 +00:00
# endif
//-- Always returns an error
return NS_ERROR_DOM_BAD_URI ;
}
NS_IMETHODIMP
nsScriptSecurityManager : : CheckLoadURIStr ( const char * aSourceURIStr , const char * aTargetURIStr ,
PRUint32 aFlags )
{
nsCOMPtr < nsIURI > source ;
nsresult rv = NS_NewURI ( getter_AddRefs ( source ) , aSourceURIStr , nsnull ) ;
NS_ENSURE_SUCCESS ( rv , rv ) ;
nsCOMPtr < nsIURI > target ;
rv = NS_NewURI ( getter_AddRefs ( target ) , aTargetURIStr , nsnull ) ;
NS_ENSURE_SUCCESS ( rv , rv ) ;
return CheckLoadURI ( source , target , aFlags ) ;
}
2000-06-21 00:21:50 +00:00
NS_IMETHODIMP
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : CheckFunctionAccess ( JSContext * aCx , void * aFunObj ,
2000-06-21 00:21:50 +00:00
void * aTargetObj )
{
2001-03-23 04:22:56 +00:00
//-- This check is called for event handlers
2000-08-22 02:06:52 +00:00
nsCOMPtr < nsIPrincipal > subject ;
2001-07-31 19:05:34 +00:00
nsresult rv = GetFunctionObjectPrincipal ( aCx , ( JSObject * ) aFunObj ,
2001-03-23 04:22:56 +00:00
getter_AddRefs ( subject ) ) ;
2001-05-15 04:44:54 +00:00
//-- If subject is null, get a principal from the function object's scope.
if ( NS_SUCCEEDED ( rv ) & & ! subject )
rv = GetObjectPrincipal ( aCx , ( JSObject * ) aFunObj , getter_AddRefs ( subject ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
if ( ! subject ) return NS_ERROR_FAILURE ;
2000-06-21 00:21:50 +00:00
2001-03-23 04:22:56 +00:00
PRBool isSystem ;
2001-07-31 19:05:34 +00:00
if ( NS_SUCCEEDED ( subject - > Equals ( mSystemPrincipal , & isSystem ) ) & & isSystem )
2001-03-23 04:22:56 +00:00
// This is the system principal: just allow access
return NS_OK ;
// Check if the principal the function was compiled under is
2000-06-21 00:21:50 +00:00
// allowed to execute scripts.
PRBool result ;
2001-03-23 04:22:56 +00:00
rv = CanExecuteScripts ( aCx , subject , & result ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( rv ) )
2000-06-21 00:21:50 +00:00
return rv ;
2001-07-31 19:05:34 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! result )
2000-06-21 00:21:50 +00:00
return NS_ERROR_DOM_SECURITY_ERR ;
/*
* * Get origin of subject and object and compare .
*/
JSObject * obj = ( JSObject * ) aTargetObj ;
nsCOMPtr < nsIPrincipal > object ;
if ( NS_FAILED ( GetObjectPrincipal ( aCx , obj , getter_AddRefs ( object ) ) ) )
return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( subject = = object )
2000-06-21 00:21:50 +00:00
return NS_OK ;
2000-08-22 02:06:52 +00:00
PRBool isSameOrigin = PR_FALSE ;
if ( NS_FAILED ( subject - > Equals ( object , & isSameOrigin ) ) )
return NS_ERROR_FAILURE ;
2000-06-21 00:21:50 +00:00
2000-08-22 02:06:52 +00:00
if ( isSameOrigin )
return NS_OK ;
2000-06-21 00:21:50 +00:00
// Allow access to about:blank
nsCOMPtr < nsICodebasePrincipal > objectCodebase = do_QueryInterface ( object ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( objectCodebase )
{
2000-06-21 00:21:50 +00:00
nsXPIDLCString origin ;
if ( NS_FAILED ( objectCodebase - > GetOrigin ( getter_Copies ( origin ) ) ) )
return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( nsCRT : : strcasecmp ( origin , " about:blank " ) = = 0 )
2000-06-21 00:21:50 +00:00
return NS_OK ;
}
/*
* * Access tests failed . Fail silently without a JS exception .
*/
return NS_ERROR_DOM_SECURITY_ERR ;
}
1999-09-01 00:54:35 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
nsScriptSecurityManager : : GetRootDocShell ( JSContext * cx , nsIDocShell * * result )
1999-09-15 20:58:41 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult rv ;
* result = nsnull ;
nsCOMPtr < nsIDocShell > docshell ;
nsCOMPtr < nsIScriptContext > scriptContext = ( nsIScriptContext * ) JS_GetContextPrivate ( cx ) ;
if ( ! scriptContext ) return NS_ERROR_FAILURE ;
2001-06-20 03:27:48 +00:00
nsCOMPtr < nsIScriptGlobalObject > globalObject ;
scriptContext - > GetGlobalObject ( getter_AddRefs ( globalObject ) ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! globalObject ) return NS_ERROR_FAILURE ;
rv = globalObject - > GetDocShell ( getter_AddRefs ( docshell ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
nsCOMPtr < nsIDocShellTreeItem > docshellTreeItem = do_QueryInterface ( docshell , & rv ) ;
if ( NS_FAILED ( rv ) ) return rv ;
nsCOMPtr < nsIDocShellTreeItem > rootItem ;
rv = docshellTreeItem - > GetRootTreeItem ( getter_AddRefs ( rootItem ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
1999-09-15 20:58:41 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return rootItem - > QueryInterface ( NS_GET_IID ( nsIDocShell ) , ( void * * ) result ) ;
1999-09-01 00:54:35 +00:00
}
2000-01-18 21:54:01 +00:00
NS_IMETHODIMP
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsScriptSecurityManager : : CanExecuteScripts ( JSContext * cx ,
nsIPrincipal * principal ,
PRBool * result )
2000-01-18 21:54:01 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( principal = = mSystemPrincipal )
2000-01-18 21:54:01 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// Even if JavaScript is disabled, we must still execute system scripts
* result = PR_TRUE ;
return NS_OK ;
2000-01-18 21:54:01 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- See if the current window allows JS execution
nsCOMPtr < nsIDocShell > docshell ;
nsresult rv ;
rv = GetRootDocShell ( cx , getter_AddRefs ( docshell ) ) ;
if ( NS_SUCCEEDED ( rv ) )
{
rv = docshell - > GetAllowJavascript ( result ) ;
if ( NS_FAILED ( rv ) ) return rv ;
if ( ! * result )
2001-08-02 20:32:48 +00:00
return NS_OK ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
2001-08-02 20:32:48 +00:00
//-- See if JS is disabled globally (via prefs)
* result = mIsJavaScriptEnabled ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ( mIsJavaScriptEnabled ! = mIsMailJavaScriptEnabled ) & & docshell )
{
// Is this script running from mail?
2001-08-02 20:32:48 +00:00
PRUint32 appType ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
rv = docshell - > GetAppType ( & appType ) ;
if ( NS_FAILED ( rv ) ) return rv ;
if ( appType = = nsIDocShell : : APP_TYPE_MAIL )
* result = mIsMailJavaScriptEnabled ;
2001-08-02 20:32:48 +00:00
}
if ( ! * result )
return NS_OK ;
//-- Check for a per-site policy
static const char jsPrefGroupName [ ] = " javascript " ;
static const char jsEnabledName [ ] = " enabled " ;
nsCStringKey jsKey ( jsPrefGroupName ) ;
void * policy = mClassPolicies ? mClassPolicies - > Get ( & jsKey ) : nsnull ;
if ( policy )
{
nsCAutoString prefName ;
rv = GetPrefName ( principal , jsPrefGroupName , jsEnabledName , policy , prefName ) ;
//-- early return?
nsCOMPtr < nsISecurityPref > securityPref = do_QueryReferent ( mPrefBranchWeakRef ) ;
if ( NS_SUCCEEDED ( rv ) & & securityPref )
{
PRBool jsEnabledForSite ;
rv = securityPref - > SecurityGetBoolPref ( prefName , & jsEnabledForSite ) ;
if ( NS_FAILED ( rv ) & & ( policy = = ( void * ) CLASS_POLICY_SITE ) )
//-- No site policy for this property; look for a default policy
{
rv = GetPrefName ( principal , jsPrefGroupName , jsEnabledName ,
( void * ) CLASS_POLICY_DEFAULT , prefName ) ;
if ( NS_SUCCEEDED ( rv ) )
rv = securityPref - > SecurityGetBoolPref ( prefName , & jsEnabledForSite ) ;
}
if ( NS_SUCCEEDED ( rv ) & & ! jsEnabledForSite )
{
* result = PR_FALSE ;
return NS_OK ;
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
}
2001-08-02 20:32:48 +00:00
//-- Nobody vetoed, so allow the JS to run.
* result = PR_TRUE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_OK ;
}
2001-07-31 19:05:34 +00:00
///////////////// Principals ///////////////////////
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_IMETHODIMP
nsScriptSecurityManager : : GetSubjectPrincipal ( nsIPrincipal * * result )
{
JSContext * cx = GetCurrentContextQuick ( ) ;
if ( ! cx )
{
* result = nsnull ;
return NS_OK ;
}
return GetSubjectPrincipal ( cx , result ) ;
}
NS_IMETHODIMP
nsScriptSecurityManager : : GetSystemPrincipal ( nsIPrincipal * * result )
{
if ( ! mSystemPrincipal )
{
mSystemPrincipal = new nsSystemPrincipal ( ) ;
if ( ! mSystemPrincipal )
return NS_ERROR_OUT_OF_MEMORY ;
NS_ADDREF ( mSystemPrincipal ) ;
}
* result = mSystemPrincipal ;
NS_ADDREF ( * result ) ;
return NS_OK ;
}
NS_IMETHODIMP
nsScriptSecurityManager : : GetCertificatePrincipal ( const char * aCertID ,
nsIPrincipal * * result )
{
nsresult rv ;
//-- Create a certificate principal
nsCertificatePrincipal * certificate = new nsCertificatePrincipal ( ) ;
if ( ! certificate )
return NS_ERROR_OUT_OF_MEMORY ;
NS_ADDREF ( certificate ) ;
if ( NS_FAILED ( certificate - > Init ( aCertID ) ) )
{
NS_RELEASE ( certificate ) ;
return NS_ERROR_FAILURE ;
}
nsCOMPtr < nsIPrincipal > principal = do_QueryInterface ( ( nsBasePrincipal * ) certificate , & rv ) ;
NS_RELEASE ( certificate ) ;
if ( NS_FAILED ( rv ) ) return rv ;
if ( mPrincipals )
{
2000-01-18 21:54:01 +00:00
// Check to see if we already have this principal.
nsIPrincipalKey key ( principal ) ;
2000-03-21 04:05:35 +00:00
nsCOMPtr < nsIPrincipal > fromTable = ( nsIPrincipal * ) mPrincipals - > Get ( & key ) ;
2001-07-31 19:05:34 +00:00
if ( fromTable )
2000-03-21 04:05:35 +00:00
principal = fromTable ;
2000-01-18 21:54:01 +00:00
}
2000-03-21 04:05:35 +00:00
//-- Bundle this certificate principal into an aggregate principal
nsAggregatePrincipal * agg = new nsAggregatePrincipal ( ) ;
if ( ! agg ) return NS_ERROR_OUT_OF_MEMORY ;
rv = agg - > SetCertificate ( principal ) ;
if ( NS_FAILED ( rv ) ) return rv ;
principal = do_QueryInterface ( ( nsBasePrincipal * ) agg , & rv ) ;
if ( NS_FAILED ( rv ) ) return rv ;
2000-01-18 21:54:01 +00:00
* result = principal ;
NS_ADDREF ( * result ) ;
return NS_OK ;
}
2001-01-27 01:42:20 +00:00
nsresult
nsScriptSecurityManager : : CreateCodebasePrincipal ( nsIURI * aURI , nsIPrincipal * * result )
1999-09-01 00:54:35 +00:00
{
2001-01-27 01:42:20 +00:00
nsresult rv = NS_OK ;
1999-11-11 22:10:36 +00:00
nsCodebasePrincipal * codebase = new nsCodebasePrincipal ( ) ;
1999-09-01 00:54:35 +00:00
if ( ! codebase )
return NS_ERROR_OUT_OF_MEMORY ;
2000-01-18 21:54:01 +00:00
NS_ADDREF ( codebase ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( codebase - > Init ( aURI ) ) )
{
1999-11-11 22:10:36 +00:00
NS_RELEASE ( codebase ) ;
1999-09-01 00:54:35 +00:00
return NS_ERROR_FAILURE ;
1999-11-11 22:10:36 +00:00
}
2001-01-27 01:42:20 +00:00
rv = CallQueryInterface ( ( nsBasePrincipal * ) codebase , result ) ;
1999-11-11 22:10:36 +00:00
NS_RELEASE ( codebase ) ;
2001-01-27 01:42:20 +00:00
return rv ;
}
NS_IMETHODIMP
nsScriptSecurityManager : : GetCodebasePrincipal ( nsIURI * aURI ,
nsIPrincipal * * result )
{
nsresult rv ;
nsCOMPtr < nsIPrincipal > principal ;
rv = CreateCodebasePrincipal ( aURI , getter_AddRefs ( principal ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
1999-11-11 22:10:36 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( mPrincipals )
{
2001-01-27 01:42:20 +00:00
//-- Check to see if we already have this principal.
1999-11-11 22:10:36 +00:00
nsIPrincipalKey key ( principal ) ;
2000-03-31 00:31:18 +00:00
nsCOMPtr < nsIPrincipal > fromTable = ( nsIPrincipal * ) mPrincipals - > Get ( & key ) ;
2001-07-31 19:05:34 +00:00
if ( fromTable )
2000-03-31 00:31:18 +00:00
principal = fromTable ;
2001-01-27 01:42:20 +00:00
else //-- Check to see if we have a more general principal
{
nsCOMPtr < nsICodebasePrincipal > codebasePrin = do_QueryInterface ( principal ) ;
nsXPIDLCString originUrl ;
rv = codebasePrin - > GetOrigin ( getter_Copies ( originUrl ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
nsCOMPtr < nsIURI > newURI ;
rv = NS_NewURI ( getter_AddRefs ( newURI ) , originUrl , nsnull ) ;
if ( NS_FAILED ( rv ) ) return rv ;
nsCOMPtr < nsIPrincipal > principal2 ;
rv = CreateCodebasePrincipal ( newURI , getter_AddRefs ( principal2 ) ) ;
if ( NS_FAILED ( rv ) ) return rv ;
nsIPrincipalKey key2 ( principal2 ) ;
fromTable = ( nsIPrincipal * ) mPrincipals - > Get ( & key2 ) ;
2001-07-31 19:05:34 +00:00
if ( fromTable )
2001-01-27 01:42:20 +00:00
principal = fromTable ;
}
1999-11-11 22:10:36 +00:00
}
2000-03-31 00:31:18 +00:00
//-- Bundle this codebase principal into an aggregate principal
nsAggregatePrincipal * agg = new nsAggregatePrincipal ( ) ;
if ( ! agg ) return NS_ERROR_OUT_OF_MEMORY ;
rv = agg - > SetCodebase ( principal ) ;
if ( NS_FAILED ( rv ) ) return rv ;
principal = do_QueryInterface ( ( nsBasePrincipal * ) agg , & rv ) ;
if ( NS_FAILED ( rv ) ) return rv ;
1999-11-11 22:10:36 +00:00
* result = principal ;
1999-09-01 00:54:35 +00:00
NS_ADDREF ( * result ) ;
1999-08-29 21:58:42 +00:00
return NS_OK ;
1999-08-20 09:51:02 +00:00
}
2001-03-23 04:22:56 +00:00
nsresult
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : GetScriptPrincipal ( JSContext * cx ,
2000-04-14 03:14:53 +00:00
JSScript * script ,
2001-07-31 19:05:34 +00:00
nsIPrincipal * * result )
2000-04-14 03:14:53 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! script )
{
2000-04-14 03:14:53 +00:00
* result = nsnull ;
return NS_OK ;
}
JSPrincipals * jsp = JS_GetScriptPrincipals ( cx , script ) ;
if ( ! jsp ) {
// Script didn't have principals -- shouldn't happen.
2000-01-08 16:51:54 +00:00
return NS_ERROR_FAILURE ;
2000-04-14 03:14:53 +00:00
}
nsJSPrincipals * nsJSPrin = NS_STATIC_CAST ( nsJSPrincipals * , jsp ) ;
* result = nsJSPrin - > nsIPrincipalPtr ;
2001-05-15 04:44:54 +00:00
if ( ! * result )
2000-01-08 16:51:54 +00:00
return NS_ERROR_FAILURE ;
2000-04-14 03:14:53 +00:00
NS_ADDREF ( * result ) ;
return NS_OK ;
2000-01-08 16:51:54 +00:00
2000-04-14 03:14:53 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : GetFunctionObjectPrincipal ( JSContext * cx ,
2000-04-14 03:14:53 +00:00
JSObject * obj ,
2001-07-31 19:05:34 +00:00
nsIPrincipal * * result )
2000-04-14 03:14:53 +00:00
{
JSFunction * fun = ( JSFunction * ) JS_GetPrivate ( cx , obj ) ;
JSScript * script = JS_GetFunctionScript ( cx , fun ) ;
2001-05-30 02:22:22 +00:00
nsCOMPtr < nsIPrincipal > scriptPrincipal ;
if ( script )
if ( NS_FAILED ( GetScriptPrincipal ( cx , script , getter_AddRefs ( scriptPrincipal ) ) ) )
return NS_ERROR_FAILURE ;
if ( script & & ( JS_GetFunctionObject ( fun ) ! = obj ) & &
( scriptPrincipal . get ( ) = = mSystemPrincipal ) )
2001-05-11 00:43:27 +00:00
{
2001-05-30 02:22:22 +00:00
// Function is brutally-shared chrome. For this case only,
// get a principal from the object's scope instead of the
// principal compiled into the function.
2001-05-11 00:43:27 +00:00
return GetObjectPrincipal ( cx , obj , result ) ;
}
2001-05-30 02:22:22 +00:00
* result = scriptPrincipal . get ( ) ;
NS_IF_ADDREF ( * result ) ;
return NS_OK ;
2000-04-14 03:14:53 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : GetFramePrincipal ( JSContext * cx ,
2000-04-14 03:14:53 +00:00
JSStackFrame * fp ,
2001-07-31 19:05:34 +00:00
nsIPrincipal * * result )
2000-04-14 03:14:53 +00:00
{
JSObject * obj = JS_GetFrameFunctionObject ( cx , fp ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! obj )
{
2000-04-14 03:14:53 +00:00
// Must be in a top-level script. Get principal from the script.
JSScript * script = JS_GetFrameScript ( cx , fp ) ;
return GetScriptPrincipal ( cx , script , result ) ;
2001-07-31 19:05:34 +00:00
}
2000-04-14 03:14:53 +00:00
return GetFunctionObjectPrincipal ( cx , obj , result ) ;
1999-09-17 20:13:52 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
nsScriptSecurityManager : : GetPrincipalAndFrame ( JSContext * cx ,
2001-07-31 19:05:34 +00:00
nsIPrincipal * * result ,
JSStackFrame * * frameResult )
1999-09-15 04:05:43 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// Get principals from innermost frame of JavaScript or Java.
JSStackFrame * fp = nsnull ; // tell JS_FrameIterator to start at innermost
for ( fp = JS_FrameIterator ( cx , & fp ) ; fp ; fp = JS_FrameIterator ( cx , & fp ) )
{
if ( NS_FAILED ( GetFramePrincipal ( cx , fp , result ) ) )
2000-04-14 03:14:53 +00:00
return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( * result )
{
* frameResult = fp ;
return NS_OK ;
1999-11-11 22:10:36 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
2000-04-14 03:14:53 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- If there's no principal on the stack, look at the global object
// and return the innermost frame for annotations.
2001-07-31 19:05:34 +00:00
if ( cx )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
2001-07-31 19:05:34 +00:00
nsCOMPtr < nsIScriptContext > scriptContext =
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_REINTERPRET_CAST ( nsIScriptContext * , JS_GetContextPrivate ( cx ) ) ;
if ( scriptContext )
2000-04-14 03:14:53 +00:00
{
2001-06-20 03:27:48 +00:00
nsCOMPtr < nsIScriptGlobalObject > global ;
scriptContext - > GetGlobalObject ( getter_AddRefs ( global ) ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_ENSURE_TRUE ( global , NS_ERROR_FAILURE ) ;
nsCOMPtr < nsIScriptObjectPrincipal > globalData = do_QueryInterface ( global ) ;
NS_ENSURE_TRUE ( globalData , NS_ERROR_FAILURE ) ;
globalData - > GetPrincipal ( result ) ;
if ( * result )
{
JSStackFrame * inner = nsnull ;
* frameResult = JS_FrameIterator ( cx , & inner ) ;
return NS_OK ;
}
2000-04-14 03:14:53 +00:00
}
2001-07-31 19:05:34 +00:00
}
2000-04-14 03:14:53 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
* result = nsnull ;
1999-11-11 22:10:36 +00:00
return NS_OK ;
1999-09-15 04:05:43 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : GetSubjectPrincipal ( JSContext * cx ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsIPrincipal * * result )
{
JSStackFrame * fp ;
2001-05-11 00:43:27 +00:00
return GetPrincipalAndFrame ( cx , result , & fp ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
nsresult
nsScriptSecurityManager : : GetObjectPrincipal ( JSContext * aCx , JSObject * aObj ,
nsIPrincipal * * result )
{
JSObject * parent = aObj ;
do
{
JSClass * jsClass = JS_GetClass ( aCx , parent ) ;
2001-07-31 19:05:34 +00:00
const uint32 privateNsISupports = JSCLASS_HAS_PRIVATE |
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
JSCLASS_PRIVATE_IS_NSISUPPORTS ;
2001-07-31 19:05:34 +00:00
if ( jsClass & & ( jsClass - > flags & ( privateNsISupports ) ) = =
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
privateNsISupports )
{
nsCOMPtr < nsISupports > supports = ( nsISupports * ) JS_GetPrivate ( aCx , parent ) ;
2001-07-31 19:05:34 +00:00
nsCOMPtr < nsIScriptObjectPrincipal > objPrin =
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
do_QueryInterface ( supports ) ;
if ( ! objPrin )
{
/*
* If it ' s a wrapped native , check the underlying native
* instead .
*/
2001-07-31 19:05:34 +00:00
nsCOMPtr < nsIXPConnectWrappedNative > xpcNative =
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
do_QueryInterface ( supports ) ;
if ( xpcNative )
xpcNative - > GetNative ( getter_AddRefs ( supports ) ) ;
objPrin = do_QueryInterface ( supports ) ;
}
if ( objPrin & & NS_SUCCEEDED ( objPrin - > GetPrincipal ( result ) ) )
return NS_OK ;
}
parent = JS_GetParent ( aCx , parent ) ;
} while ( parent ) ;
// Couldn't find a principal for this object.
return NS_ERROR_FAILURE ;
}
nsresult
nsScriptSecurityManager : : SavePrincipal ( nsIPrincipal * aToSave )
{
nsresult rv ;
nsCOMPtr < nsIPrincipal > persistent = aToSave ;
nsCOMPtr < nsIAggregatePrincipal > aggregate = do_QueryInterface ( aToSave , & rv ) ;
if ( NS_SUCCEEDED ( rv ) )
if ( NS_FAILED ( aggregate - > GetPrimaryChild ( getter_AddRefs ( persistent ) ) ) )
return NS_ERROR_FAILURE ;
//-- Save to mPrincipals
2001-07-31 19:05:34 +00:00
if ( ! mPrincipals )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
mPrincipals = new nsSupportsHashtable ( 31 ) ;
if ( ! mPrincipals )
return NS_ERROR_OUT_OF_MEMORY ;
}
nsIPrincipalKey key ( persistent ) ;
mPrincipals - > Put ( & key , persistent ) ;
//-- Save to prefs
nsXPIDLCString idPrefName ;
nsXPIDLCString id ;
nsXPIDLCString grantedList ;
nsXPIDLCString deniedList ;
rv = persistent - > GetPreferences ( getter_Copies ( idPrefName ) ,
getter_Copies ( id ) ,
getter_Copies ( grantedList ) ,
getter_Copies ( deniedList ) ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
nsXPIDLCString grantedPrefName ;
nsXPIDLCString deniedPrefName ;
2001-07-31 19:05:34 +00:00
rv = PrincipalPrefNames ( idPrefName ,
getter_Copies ( grantedPrefName ) ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
getter_Copies ( deniedPrefName ) ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
2001-08-02 20:32:48 +00:00
nsCOMPtr < nsISecurityPref > securityPref = do_QueryReferent ( mPrefBranchWeakRef ) ;
if ( ! securityPref )
return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
mIsWritingPrefs = PR_TRUE ;
if ( grantedList )
2001-08-02 20:32:48 +00:00
securityPref - > SecuritySetCharPref ( grantedPrefName , grantedList ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
else
2001-08-02 20:32:48 +00:00
securityPref - > SecurityClearUserPref ( grantedPrefName ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( deniedList )
2001-08-02 20:32:48 +00:00
securityPref - > SecuritySetCharPref ( deniedPrefName , deniedList ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
else
2001-08-02 20:32:48 +00:00
securityPref - > SecurityClearUserPref ( deniedPrefName ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( grantedList | | deniedList )
2001-08-02 20:32:48 +00:00
securityPref - > SecuritySetCharPref ( idPrefName , id ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
else
2001-08-02 20:32:48 +00:00
securityPref - > SecurityClearUserPref ( idPrefName ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
mIsWritingPrefs = PR_FALSE ;
2001-08-02 20:32:48 +00:00
nsCOMPtr < nsIPrefService > prefService ( do_GetService ( NS_PREFSERVICE_CONTRACTID , & rv ) ) ;
NS_ENSURE_SUCCESS ( rv , rv ) ;
return prefService - > SavePrefFile ( nsnull ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
///////////////// Capabilities API /////////////////////
NS_IMETHODIMP
nsScriptSecurityManager : : IsCapabilityEnabled ( const char * capability ,
PRBool * result )
{
nsresult rv ;
JSStackFrame * fp = nsnull ;
JSContext * cx = GetCurrentContextQuick ( ) ;
fp = cx ? JS_FrameIterator ( cx , & fp ) : nsnull ;
2001-06-22 02:08:10 +00:00
if ( ! fp )
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// No script code on stack. Allow execution.
* result = PR_TRUE ;
return NS_OK ;
}
2001-06-22 02:08:10 +00:00
* result = PR_FALSE ;
nsCOMPtr < nsIPrincipal > previousPrincipal ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
do
{
nsCOMPtr < nsIPrincipal > principal ;
if ( NS_FAILED ( GetFramePrincipal ( cx , fp , getter_AddRefs ( principal ) ) ) )
return NS_ERROR_FAILURE ;
if ( ! principal )
continue ;
2001-06-22 02:08:10 +00:00
// If caller has a different principal, stop looking up the stack.
if ( previousPrincipal )
{
PRBool isEqual = PR_FALSE ;
if ( NS_FAILED ( previousPrincipal - > Equals ( principal , & isEqual ) ) | | ! isEqual )
break ;
}
else
previousPrincipal = principal ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
2001-07-31 19:05:34 +00:00
// First check if the principal is even able to enable the
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// given capability. If not, don't look any further.
PRInt16 canEnable ;
rv = principal - > CanEnableCapability ( capability , & canEnable ) ;
2001-06-22 02:08:10 +00:00
if ( NS_FAILED ( rv ) ) return rv ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( canEnable ! = nsIPrincipal : : ENABLE_GRANTED & &
canEnable ! = nsIPrincipal : : ENABLE_WITH_USER_PERMISSION )
return NS_OK ;
// Now see if the capability is enabled.
void * annotation = JS_GetFrameAnnotation ( cx , fp ) ;
2001-06-22 02:08:10 +00:00
rv = principal - > IsCapabilityEnabled ( capability , annotation , result ) ;
if ( NS_FAILED ( rv ) ) return rv ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( * result )
return NS_OK ;
} while ( ( fp = JS_FrameIterator ( cx , & fp ) ) ! = nsnull ) ;
return NS_OK ;
}
# define PROPERTIES_URL "chrome: //communicator/locale/security/security.properties"
nsresult
2001-07-31 19:05:34 +00:00
Localize ( char * genericString , nsString & result )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
nsresult ret ;
2001-07-31 19:05:34 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
/* create a URL for the string resource file */
nsIIOService * pNetService = nsnull ;
ret = nsServiceManager : : GetService ( kIOServiceCID , kIIOServiceIID ,
( nsISupports * * ) & pNetService ) ;
if ( NS_FAILED ( ret ) )
{
NS_WARNING ( " cannot get net service \n " ) ;
return ret ;
}
nsIURI * uri = nsnull ;
ret = pNetService - > NewURI ( PROPERTIES_URL , nsnull , & uri ) ;
if ( NS_FAILED ( ret ) )
{
NS_WARNING ( " cannot create URI \n " ) ;
nsServiceManager : : ReleaseService ( kIOServiceCID , pNetService ) ;
return ret ;
}
2001-07-31 19:05:34 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsIURI * url = nsnull ;
ret = uri - > QueryInterface ( NS_GET_IID ( nsIURI ) , ( void * * ) & url ) ;
nsServiceManager : : ReleaseService ( kIOServiceCID , pNetService ) ;
2001-07-31 19:05:34 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( ret ) )
{
2000-10-28 22:17:53 +00:00
NS_WARNING ( " cannot create URL \n " ) ;
2000-02-10 04:56:56 +00:00
return ret ;
}
2001-07-31 19:05:34 +00:00
2000-02-10 04:56:56 +00:00
/* create a bundle for the localization */
nsIStringBundleService * pStringService = nsnull ;
ret = nsServiceManager : : GetService ( kStringBundleServiceCID ,
kIStringBundleServiceIID , ( nsISupports * * ) & pStringService ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( ret ) )
{
2000-10-28 22:17:53 +00:00
NS_WARNING ( " cannot get string service \n " ) ;
2000-02-10 04:56:56 +00:00
return ret ;
}
char * spec = nsnull ;
ret = url - > GetSpec ( & spec ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( ret ) )
{
2000-10-28 22:17:53 +00:00
NS_WARNING ( " cannot get url spec \n " ) ;
2000-02-10 04:56:56 +00:00
nsServiceManager : : ReleaseService ( kStringBundleServiceCID , pStringService ) ;
nsCRT : : free ( spec ) ;
return ret ;
}
nsIStringBundle * bundle = nsnull ;
2001-04-27 21:30:24 +00:00
ret = pStringService - > CreateBundle ( spec , & bundle ) ;
2000-02-10 04:56:56 +00:00
nsCRT : : free ( spec ) ;
nsServiceManager : : ReleaseService ( kStringBundleServiceCID , pStringService ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( ret ) )
{
2000-10-28 22:17:53 +00:00
NS_WARNING ( " cannot create instance \n " ) ;
2000-02-10 04:56:56 +00:00
return ret ;
}
2001-07-31 19:05:34 +00:00
2000-02-10 04:56:56 +00:00
/* localize the given string */
2000-04-01 00:39:02 +00:00
nsAutoString strtmp ;
strtmp . AssignWithConversion ( genericString ) ;
2000-02-10 04:56:56 +00:00
PRUnichar * ptrv = nsnull ;
2001-06-30 11:02:25 +00:00
ret = bundle - > GetStringFromName ( strtmp . get ( ) , & ptrv ) ;
2000-02-10 04:56:56 +00:00
NS_RELEASE ( bundle ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( ret ) )
2000-10-28 22:17:53 +00:00
NS_WARNING ( " cannot get string from name \n " ) ;
2000-02-10 04:56:56 +00:00
result = ptrv ;
nsCRT : : free ( ptrv ) ;
return ret ;
}
static PRBool
2000-09-09 00:53:21 +00:00
CheckConfirmDialog ( JSContext * cx , const PRUnichar * szMessage , const PRUnichar * szCheckMessage ,
2001-07-31 19:05:34 +00:00
PRBool * checkValue )
2000-02-10 04:56:56 +00:00
{
2000-09-09 00:53:21 +00:00
nsresult res ;
//-- Get a prompter for the current window.
nsCOMPtr < nsIPrompt > prompter ;
nsCOMPtr < nsIScriptContext > scriptContext = ( nsIScriptContext * ) JS_GetContextPrivate ( cx ) ;
if ( scriptContext )
{
2001-06-20 03:27:48 +00:00
nsCOMPtr < nsIScriptGlobalObject > globalObject ;
scriptContext - > GetGlobalObject ( getter_AddRefs ( globalObject ) ) ;
2000-09-09 00:53:21 +00:00
NS_ASSERTION ( globalObject , " script context has no global object " ) ;
nsCOMPtr < nsIDOMWindowInternal > domWin = do_QueryInterface ( globalObject ) ;
if ( domWin )
domWin - > GetPrompter ( getter_AddRefs ( prompter ) ) ;
}
if ( ! prompter )
{
2001-04-07 03:33:56 +00:00
//-- Couldn't get prompter from the current window, so get the prompt service.
nsCOMPtr < nsIWindowWatcher > wwatch ( do_GetService ( " @mozilla.org/embedcomp/window-watcher;1 " ) ) ;
if ( wwatch )
wwatch - > GetNewPrompter ( 0 , getter_AddRefs ( prompter ) ) ;
}
if ( ! prompter )
{
* checkValue = 0 ;
return PR_FALSE ;
2000-02-10 04:56:56 +00:00
}
2001-07-31 19:05:34 +00:00
2000-02-10 04:56:56 +00:00
PRInt32 buttonPressed = 1 ; /* in case user exits dialog by clicking X */
2001-04-21 00:26:18 +00:00
nsAutoString dialogTitle ;
if ( NS_FAILED ( res = Localize ( " Titleline " , dialogTitle ) ) )
2000-02-10 04:56:56 +00:00
return PR_FALSE ;
2001-06-30 11:02:25 +00:00
res = prompter - > ConfirmEx ( dialogTitle . get ( ) , szMessage ,
2001-04-21 00:26:18 +00:00
( nsIPrompt : : BUTTON_TITLE_YES * nsIPrompt : : BUTTON_POS_0 ) +
( nsIPrompt : : BUTTON_TITLE_NO * nsIPrompt : : BUTTON_POS_1 ) ,
2001-05-06 15:03:55 +00:00
nsnull , nsnull , nsnull , szCheckMessage , checkValue , & buttonPressed ) ;
2001-07-31 19:05:34 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_FAILED ( res ) )
2000-02-10 04:56:56 +00:00
* checkValue = 0 ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( * checkValue ! = 0 & & * checkValue ! = 1 )
2000-02-10 04:56:56 +00:00
* checkValue = 0 ; /* this should never happen but it is happening!!! */
return ( buttonPressed = = 0 ) ;
}
2000-05-16 03:40:51 +00:00
NS_IMETHODIMP
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : RequestCapability ( nsIPrincipal * aPrincipal ,
2000-05-16 03:40:51 +00:00
const char * capability , PRInt16 * canEnable )
{
if ( NS_FAILED ( aPrincipal - > CanEnableCapability ( capability , canEnable ) ) )
return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( * canEnable = = nsIPrincipal : : ENABLE_WITH_USER_PERMISSION )
{
2000-05-16 03:40:51 +00:00
// Prompt user for permission to enable capability.
static PRBool remember = PR_TRUE ;
nsAutoString query , check ;
if ( NS_FAILED ( Localize ( " EnableCapabilityQuery " , query ) ) )
return NS_ERROR_FAILURE ;
if ( NS_FAILED ( Localize ( " CheckMessage " , check ) ) )
return NS_ERROR_FAILURE ;
char * source ;
if ( NS_FAILED ( aPrincipal - > ToUserVisibleString ( & source ) ) )
return NS_ERROR_FAILURE ;
2001-06-30 11:02:25 +00:00
PRUnichar * message = nsTextFormatter : : smprintf ( query . get ( ) , source ) ;
2000-05-16 03:40:51 +00:00
Recycle ( source ) ;
2000-09-09 00:53:21 +00:00
JSContext * cx = GetCurrentContextQuick ( ) ;
2001-06-30 11:02:25 +00:00
if ( CheckConfirmDialog ( cx , message , check . get ( ) , & remember ) )
2000-05-16 03:40:51 +00:00
* canEnable = nsIPrincipal : : ENABLE_GRANTED ;
else
* canEnable = nsIPrincipal : : ENABLE_DENIED ;
PR_FREEIF ( message ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( remember )
{
2000-05-16 03:40:51 +00:00
//-- Save principal to prefs and to mPrincipals
if ( NS_FAILED ( aPrincipal - > SetCanEnableCapability ( capability , * canEnable ) ) )
return NS_ERROR_FAILURE ;
if ( NS_FAILED ( SavePrincipal ( aPrincipal ) ) )
return NS_ERROR_FAILURE ;
}
}
return NS_OK ;
}
1999-10-28 22:09:03 +00:00
NS_IMETHODIMP
nsScriptSecurityManager : : EnableCapability ( const char * capability )
1999-09-15 04:05:43 +00:00
{
2000-08-22 06:02:14 +00:00
JSContext * cx = GetCurrentContextQuick ( ) ;
1999-11-11 22:10:36 +00:00
JSStackFrame * fp ;
2000-08-11 03:11:24 +00:00
2001-06-22 02:08:10 +00:00
//-- Error checks for capability string length (200)
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( PL_strlen ( capability ) > 200 )
{
2000-08-11 03:11:24 +00:00
static const char msg [ ] = " Capability name too long " ;
JS_SetPendingException ( cx , STRING_TO_JSVAL ( JS_NewStringCopyZ ( cx , msg ) ) ) ;
return NS_ERROR_FAILURE ;
}
2001-07-31 19:05:34 +00:00
1999-11-11 22:10:36 +00:00
nsCOMPtr < nsIPrincipal > principal ;
2001-05-11 00:43:27 +00:00
if ( NS_FAILED ( GetPrincipalAndFrame ( cx , getter_AddRefs ( principal ) , & fp ) ) )
1999-11-11 22:10:36 +00:00
return NS_ERROR_FAILURE ;
void * annotation = JS_GetFrameAnnotation ( cx , fp ) ;
PRBool enabled ;
2001-07-31 19:05:34 +00:00
if ( NS_FAILED ( principal - > IsCapabilityEnabled ( capability , annotation ,
1999-11-11 22:10:36 +00:00
& enabled ) ) )
return NS_ERROR_FAILURE ;
if ( enabled )
return NS_OK ;
2000-05-16 03:40:51 +00:00
1999-11-11 22:10:36 +00:00
PRInt16 canEnable ;
2000-05-16 03:40:51 +00:00
if ( NS_FAILED ( RequestCapability ( principal , capability , & canEnable ) ) )
1999-11-11 22:10:36 +00:00
return NS_ERROR_FAILURE ;
2001-07-31 19:05:34 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( canEnable ! = nsIPrincipal : : ENABLE_GRANTED )
{
1999-11-11 22:10:36 +00:00
static const char msg [ ] = " enablePrivilege not granted " ;
JS_SetPendingException ( cx , STRING_TO_JSVAL ( JS_NewStringCopyZ ( cx , msg ) ) ) ;
return NS_ERROR_FAILURE ; // XXX better error code?
}
2001-07-31 19:05:34 +00:00
if ( NS_FAILED ( principal - > EnableCapability ( capability , & annotation ) ) )
1999-11-11 22:10:36 +00:00
return NS_ERROR_FAILURE ;
JS_SetFrameAnnotation ( cx , fp , annotation ) ;
return NS_OK ;
1999-09-15 04:05:43 +00:00
}
NS_IMETHODIMP
1999-10-28 22:09:03 +00:00
nsScriptSecurityManager : : RevertCapability ( const char * capability )
1999-09-15 04:05:43 +00:00
{
2000-08-22 06:02:14 +00:00
JSContext * cx = GetCurrentContextQuick ( ) ;
1999-11-11 22:10:36 +00:00
JSStackFrame * fp ;
nsCOMPtr < nsIPrincipal > principal ;
2001-05-11 00:43:27 +00:00
if ( NS_FAILED ( GetPrincipalAndFrame ( cx , getter_AddRefs ( principal ) , & fp ) ) )
1999-11-11 22:10:36 +00:00
return NS_ERROR_FAILURE ;
void * annotation = JS_GetFrameAnnotation ( cx , fp ) ;
principal - > RevertCapability ( capability , & annotation ) ;
JS_SetFrameAnnotation ( cx , fp , annotation ) ;
return NS_OK ;
1999-09-15 04:05:43 +00:00
}
NS_IMETHODIMP
1999-10-28 22:09:03 +00:00
nsScriptSecurityManager : : DisableCapability ( const char * capability )
1999-09-15 04:05:43 +00:00
{
2000-08-22 06:02:14 +00:00
JSContext * cx = GetCurrentContextQuick ( ) ;
1999-11-11 22:10:36 +00:00
JSStackFrame * fp ;
nsCOMPtr < nsIPrincipal > principal ;
2001-05-11 00:43:27 +00:00
if ( NS_FAILED ( GetPrincipalAndFrame ( cx , getter_AddRefs ( principal ) , & fp ) ) )
1999-11-11 22:10:36 +00:00
return NS_ERROR_FAILURE ;
void * annotation = JS_GetFrameAnnotation ( cx , fp ) ;
principal - > DisableCapability ( capability , & annotation ) ;
JS_SetFrameAnnotation ( cx , fp , annotation ) ;
return NS_OK ;
1999-09-15 04:05:43 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//////////////// Master Certificate Functions ///////////////////////////////////////
2000-04-26 03:50:07 +00:00
NS_IMETHODIMP
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : SetCanEnableCapability ( const char * certificateID ,
2000-04-26 03:50:07 +00:00
const char * capability ,
PRInt16 canEnable )
{
nsresult rv ;
nsCOMPtr < nsIPrincipal > subjectPrincipal ;
rv = GetSubjectPrincipal ( getter_AddRefs ( subjectPrincipal ) ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
//-- Get the system certificate
if ( ! mSystemCertificate )
{
nsCOMPtr < nsIFile > systemCertFile ;
2001-07-25 07:54:28 +00:00
nsCOMPtr < nsIProperties > directoryService =
do_GetService ( NS_DIRECTORY_SERVICE_CONTRACTID , & rv ) ;
2000-05-16 03:40:51 +00:00
if ( ! directoryService ) return NS_ERROR_FAILURE ;
2001-07-31 19:05:34 +00:00
rv = directoryService - > Get ( NS_XPCOM_CURRENT_PROCESS_DIR , NS_GET_IID ( nsIFile ) ,
2000-05-16 03:40:51 +00:00
getter_AddRefs ( systemCertFile ) ) ;
2000-04-26 03:50:07 +00:00
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
2000-06-02 22:22:11 +00:00
# ifdef XP_MAC
// On Mac, this file will be located in the Essential Files folder
systemCertFile - > Append ( " Essential Files " ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
# endif
2000-04-26 03:50:07 +00:00
systemCertFile - > Append ( " systemSignature.jar " ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
2001-02-23 00:15:04 +00:00
nsCOMPtr < nsIZipReader > systemCertZip ;
2001-07-31 19:05:34 +00:00
rv = nsComponentManager : : CreateInstance ( kZipReaderCID , nsnull ,
2000-04-26 03:50:07 +00:00
NS_GET_IID ( nsIZipReader ) ,
2001-02-23 00:15:04 +00:00
getter_AddRefs ( systemCertZip ) ) ;
2000-04-26 03:50:07 +00:00
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
2001-02-23 00:15:04 +00:00
systemCertZip - > Init ( systemCertFile ) ;
rv = systemCertZip - > Open ( ) ;
2000-05-16 03:40:51 +00:00
if ( NS_SUCCEEDED ( rv ) )
{
2001-03-02 00:09:20 +00:00
nsCOMPtr < nsIJAR > systemCertJar = do_QueryInterface ( systemCertZip , & rv ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
2001-07-31 19:05:34 +00:00
rv = systemCertJar - > GetCertificatePrincipal ( nsnull ,
2000-05-16 03:40:51 +00:00
getter_AddRefs ( mSystemCertificate ) ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
}
2000-04-26 03:50:07 +00:00
}
//-- Make sure the caller's principal is the system certificate
PRBool isEqual = PR_FALSE ;
if ( mSystemCertificate )
{
rv = mSystemCertificate - > Equals ( subjectPrincipal , & isEqual ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
}
if ( ! isEqual )
{
2000-08-22 06:02:14 +00:00
JSContext * cx = GetCurrentContextQuick ( ) ;
2000-04-26 03:50:07 +00:00
if ( ! cx ) return NS_ERROR_FAILURE ;
static const char msg1 [ ] = " Only code signed by the system certificate may call SetCanEnableCapability or Invalidate " ;
static const char msg2 [ ] = " Attempt to call SetCanEnableCapability or Invalidate when no system certificate has been established " ;
2001-07-31 19:05:34 +00:00
JS_SetPendingException ( cx , STRING_TO_JSVAL ( JS_NewStringCopyZ ( cx ,
2000-04-26 03:50:07 +00:00
mSystemCertificate ? msg1 : msg2 ) ) ) ;
return NS_ERROR_FAILURE ;
}
//-- Get the target principal
nsCOMPtr < nsIPrincipal > objectPrincipal ;
rv = GetCertificatePrincipal ( certificateID , getter_AddRefs ( objectPrincipal ) ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
rv = objectPrincipal - > SetCanEnableCapability ( capability , canEnable ) ;
if ( NS_FAILED ( rv ) ) return NS_ERROR_FAILURE ;
return SavePrincipal ( objectPrincipal ) ;
}
////////////////////////////////////////////////
// Methods implementing nsIXPCSecurityManager //
////////////////////////////////////////////////
NS_IMETHODIMP
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : CanCreateWrapper ( JSContext * aJSContext ,
const nsIID & aIID ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsISupports * aObj ,
nsIClassInfo * aClassInfo ,
void * * aPolicy )
{
#if 0
char * iidStr = aIID . ToString ( ) ;
printf ( " ### CanCreateWrapper(%s) " , iidStr ) ;
PR_FREEIF ( iidStr ) ;
# endif
// XXX Special case for nsIXPCException ?
if ( IsDOMClass ( aClassInfo ) )
{
#if 0
printf ( " DOM class - GRANTED. \n " ) ;
# endif
return NS_OK ;
1999-11-20 07:28:34 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//--See if the object advertises a non-default level of access
// using nsISecurityCheckedComponent
nsCOMPtr < nsISecurityCheckedComponent > checkedComponent =
do_QueryInterface ( aObj ) ;
nsXPIDLCString objectSecurityLevel ;
if ( checkedComponent )
checkedComponent - > CanCreateWrapper ( ( nsIID * ) & aIID , getter_Copies ( objectSecurityLevel ) ) ;
2001-05-11 00:43:27 +00:00
return CheckXPCPermissions ( aJSContext , aObj , objectSecurityLevel ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
" Permission denied to create wrapper for object " ) ;
1999-11-20 07:28:34 +00:00
}
2000-05-16 03:40:51 +00:00
NS_IMETHODIMP
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsScriptSecurityManager : : CanCreateInstance ( JSContext * aJSContext ,
const nsCID & aCID )
2000-05-16 03:40:51 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//XXX Special cases needed: exceptions?
#if 0
char * cidStr = aCID . ToString ( ) ;
printf ( " ### CanCreateInstance(%s) " , cidStr ) ;
PR_FREEIF ( cidStr ) ;
# endif
2000-05-16 03:40:51 +00:00
2001-05-11 00:43:27 +00:00
return CheckXPCPermissions ( aJSContext , nsnull , nsnull ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
" Permission denied to create instance of class " ) ;
}
NS_IMETHODIMP
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : CanGetService ( JSContext * aJSContext ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
const nsCID & aCID )
{
#if 0
char * cidStr = aCID . ToString ( ) ;
printf ( " ### CanGetService(%s) " , cidStr ) ;
PR_FREEIF ( cidStr ) ;
# endif
2001-05-11 00:43:27 +00:00
return CheckXPCPermissions ( aJSContext , nsnull , nsnull ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
" Permission denied to get service " ) ;
}
/* void CanAccess (in PRUint32 aAction, in nsIXPCNativeCallContext aCallContext, in JSContextPtr aJSContext, in JSObjectPtr aJSObject, in nsISupports aObj, in nsIClassInfo aClassInfo, in JSVal aName, inout voidPtr aPolicy); */
2001-07-31 19:05:34 +00:00
NS_IMETHODIMP
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsScriptSecurityManager : : CanAccess ( PRUint32 aAction ,
nsIXPCNativeCallContext * aCallContext ,
JSContext * aJSContext ,
JSObject * aJSObject ,
nsISupports * aObj ,
nsIClassInfo * aClassInfo ,
jsval aName ,
void * * aPolicy )
{
2001-05-19 00:33:51 +00:00
return CheckPropertyAccessImpl ( aAction , aCallContext , aJSContext ,
aJSObject , aObj , nsnull , aClassInfo ,
aName , nsnull , nsnull , aPolicy ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
nsresult
nsScriptSecurityManager : : CheckXPCPermissions ( JSContext * aJSContext ,
nsISupports * aObj ,
const char * aObjectSecurityLevel ,
const char * aErrorMsg )
{
//-- Check for the all-powerful UniversalXPConnect privilege
PRBool ok = PR_FALSE ;
2001-05-11 00:43:27 +00:00
if ( NS_SUCCEEDED ( IsCapabilityEnabled ( " UniversalXPConnect " , & ok ) ) & & ok )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_OK ;
//-- If the object implements nsISecurityCheckedComponent, it has a non-default policy.
if ( aObjectSecurityLevel )
2000-05-16 03:40:51 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( PL_strcasecmp ( aObjectSecurityLevel , " AllAccess " ) = = 0 )
return NS_OK ;
else if ( PL_strcasecmp ( aObjectSecurityLevel , " NoAccess " ) ! = 0 )
{
PRBool canAccess = PR_FALSE ;
if ( NS_SUCCEEDED ( IsCapabilityEnabled ( aObjectSecurityLevel , & canAccess ) ) & &
canAccess )
return NS_OK ;
}
2000-05-16 03:40:51 +00:00
}
2001-07-31 19:05:34 +00:00
//-- If user allows scripting of plugins by untrusted scripts,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// and the target object is a plugin, allow the access.
if ( aObj )
{
nsresult rv ;
nsCOMPtr < nsIPluginInstance > plugin = do_QueryInterface ( aObj , & rv ) ;
if ( NS_SUCCEEDED ( rv ) )
{
static PRBool prefSet = PR_FALSE ;
static PRBool allowPluginAccess = PR_FALSE ;
if ( ! prefSet )
{
2001-08-02 20:32:48 +00:00
nsCOMPtr < nsISecurityPref > securityPref = do_QueryReferent ( mPrefBranchWeakRef ) ;
if ( ! securityPref )
return NS_ERROR_FAILURE ;
rv = securityPref - > SecurityGetBoolPref ( " security.xpconnect.plugin.unrestricted " ,
& allowPluginAccess ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
prefSet = PR_TRUE ;
}
if ( allowPluginAccess )
return NS_OK ;
}
}
2000-05-16 03:40:51 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- Access tests failed, so report error
2001-07-31 19:05:34 +00:00
JS_SetPendingException ( aJSContext ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
STRING_TO_JSVAL ( JS_NewStringCopyZ ( aJSContext , aErrorMsg ) ) ) ;
return NS_ERROR_DOM_XPCONNECT_ACCESS_DENIED ;
}
2000-05-16 03:40:51 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
/////////////////////////////////////
// Method implementing nsIObserver //
/////////////////////////////////////
NS_IMETHODIMP
nsScriptSecurityManager : : Observe ( nsISupports * aObject , const PRUnichar * aAction ,
const PRUnichar * aPrefName )
{
nsresult rv = NS_OK ;
nsCAutoString prefNameStr ;
prefNameStr . AssignWithConversion ( aPrefName ) ;
char * prefName = prefNameStr . ToNewCString ( ) ;
if ( ! prefName )
return NS_ERROR_OUT_OF_MEMORY ;
2001-08-02 20:32:48 +00:00
nsCOMPtr < nsISecurityPref > securityPref = do_QueryReferent ( mPrefBranchWeakRef ) ;
if ( ! securityPref )
return NS_ERROR_FAILURE ;
2000-05-16 03:40:51 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
static const char jsPrefix [ ] = " javascript. " ;
if ( PL_strncmp ( prefName , jsPrefix , sizeof ( jsPrefix ) - 1 ) = = 0 )
2001-08-02 20:32:48 +00:00
JSEnabledPrefChanged ( securityPref ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
else if ( ( PL_strncmp ( prefName , sPrincipalPrefix , sizeof ( sPrincipalPrefix ) - 1 ) = = 0 ) & &
! mIsWritingPrefs )
{
static const char id [ ] = " id " ;
char * lastDot = PL_strrchr ( prefName , ' . ' ) ;
//-- This check makes sure the string copy below doesn't overwrite its bounds
if ( PL_strlen ( lastDot ) > = sizeof ( id ) )
{
PL_strcpy ( lastDot + 1 , id ) ;
const char * * idPrefArray = ( const char * * ) & prefName ;
2001-08-02 20:32:48 +00:00
rv = InitPrincipals ( 1 , idPrefArray , securityPref ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
}
PR_Free ( prefName ) ;
return rv ;
}
2000-05-16 03:40:51 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
/////////////////////////////////////////////
// Constructor, Destructor, Initialization //
/////////////////////////////////////////////
nsScriptSecurityManager : : nsScriptSecurityManager ( void )
: mOriginToPolicyMap ( nsnull ) ,
mClassPolicies ( nsnull ) ,
2001-07-31 19:05:34 +00:00
mSystemPrincipal ( nsnull ) , mPrincipals ( nsnull ) ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
mIsJavaScriptEnabled ( PR_FALSE ) ,
mIsMailJavaScriptEnabled ( PR_FALSE ) ,
mIsWritingPrefs ( PR_FALSE ) ,
mNameSetRegistered ( PR_FALSE )
2000-05-16 03:40:51 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
NS_INIT_REFCNT ( ) ;
InitPrefs ( ) ;
mThreadJSContextStack = do_GetService ( " @mozilla.org/js/xpc/ContextStack;1 " ) ;
2000-05-16 03:40:51 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsScriptSecurityManager : : ~ nsScriptSecurityManager ( void )
{
delete mOriginToPolicyMap ;
delete mClassPolicies ;
NS_IF_RELEASE ( mSystemPrincipal ) ;
delete mPrincipals ;
2001-07-31 19:05:34 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
2001-08-07 03:59:29 +00:00
static nsScriptSecurityManager * ssecMan = NULL ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsScriptSecurityManager *
nsScriptSecurityManager : : GetScriptSecurityManager ( )
1999-10-28 22:09:03 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! ssecMan )
{
ssecMan = new nsScriptSecurityManager ( ) ;
if ( ! ssecMan )
return NULL ;
nsresult rv ;
2001-07-31 19:05:34 +00:00
rv = nsJSPrincipals : : Startup ( ) ;
if ( NS_FAILED ( rv ) )
NS_WARNING ( " can't initialize JS engine security protocol glue! " ) ;
2001-07-25 07:54:28 +00:00
nsCOMPtr < nsIXPConnect > xpc =
do_GetService ( nsIXPConnect : : GetCID ( ) , & rv ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( NS_SUCCEEDED ( rv ) & & xpc )
{
rv = xpc - > SetDefaultSecurityManager (
2001-07-31 19:05:34 +00:00
NS_STATIC_CAST ( nsIXPCSecurityManager * , ssecMan ) ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsIXPCSecurityManager : : HOOK_ALL ) ;
if ( NS_FAILED ( rv ) )
2001-07-31 19:05:34 +00:00
NS_WARNING ( " failed to install xpconnect security manager! " ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
# ifdef DEBUG_jband
else
printf ( " !!!!! xpc security manager registered \n " ) ;
# endif
2000-02-11 04:18:39 +00:00
}
1999-11-11 22:10:36 +00:00
else
2001-07-31 19:05:34 +00:00
NS_WARNING ( " can't get xpconnect to install security manager! " ) ;
2000-02-11 04:18:39 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return ssecMan ;
1999-10-28 22:09:03 +00:00
}
2001-08-07 03:59:29 +00:00
// Currently this nsGenericFactory constructor is used only from FastLoad
// (XPCOM object deserialization) code, when "creating" the system principal
// singleton.
2001-08-07 04:45:27 +00:00
nsSystemPrincipal *
2001-08-07 03:59:29 +00:00
nsScriptSecurityManager : : SystemPrincipalSingletonConstructor ( )
{
nsIPrincipal * sysprin = nsnull ;
if ( ssecMan )
ssecMan - > GetSystemPrincipal ( & sysprin ) ;
return NS_STATIC_CAST ( nsSystemPrincipal * , sysprin ) ;
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
const char * nsScriptSecurityManager : : sJSEnabledPrefName = " javascript.enabled " ;
const char * nsScriptSecurityManager : : sJSMailEnabledPrefName = " javascript.allow.mailnews " ;
const char * nsScriptSecurityManager : : sPrincipalPrefix = " capability.principal " ;
1999-11-16 05:07:31 +00:00
PR_STATIC_CALLBACK ( PRBool )
DeleteEntry ( nsHashKey * aKey , void * aData , void * closure )
{
2000-02-03 23:28:36 +00:00
nsDomainEntry * entry = ( nsDomainEntry * ) aData ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
do
{
2000-02-03 23:28:36 +00:00
nsDomainEntry * next = entry - > mNext ;
delete entry ;
entry = next ;
} while ( entry ) ;
1999-11-16 05:07:31 +00:00
return PR_TRUE ;
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
2001-08-02 20:32:48 +00:00
nsScriptSecurityManager : : InitPolicies ( PRUint32 aPrefCount , const char * * aPrefNames ,
nsISecurityPref * aSecurityPref )
1999-11-25 05:28:18 +00:00
{
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
for ( PRUint32 c = 0 ; c < aPrefCount ; c + + )
{
unsigned count = 0 ;
const char * dots [ 5 ] ;
const char * p ;
for ( p = aPrefNames [ c ] ; * p ; p + + )
{
if ( * p = = ' . ' )
{
dots [ count + + ] = p ;
if ( count = = sizeof ( dots ) / sizeof ( dots [ 0 ] ) )
break ;
1999-11-16 05:07:31 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
if ( count < sizeof ( dots ) / sizeof ( dots [ 0 ] ) )
dots [ count ] = p ;
if ( count < 3 )
continue ;
const char * policyName = dots [ 1 ] + 1 ;
int policyLength = dots [ 2 ] - policyName ;
PRBool isDefault = PL_strncmp ( " default " , policyName , policyLength ) = = 0 ;
if ( ! isDefault & & count = = 3 )
{
// capability.policy.<policyname>.sites
const char * sitesName = dots [ 2 ] + 1 ;
int sitesLength = dots [ 3 ] - sitesName ;
if ( PL_strncmp ( " sites " , sitesName , sitesLength ) = = 0 )
{
if ( ! mOriginToPolicyMap )
{
2001-07-31 19:05:34 +00:00
mOriginToPolicyMap =
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
new nsObjectHashtable ( nsnull , nsnull , DeleteEntry , nsnull ) ;
if ( ! mOriginToPolicyMap )
return NS_ERROR_OUT_OF_MEMORY ;
}
char * s ;
2001-08-02 20:32:48 +00:00
if ( NS_FAILED ( aSecurityPref - > SecurityGetCharPref ( aPrefNames [ c ] , & s ) ) )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_ERROR_FAILURE ;
char * q = s ;
char * r = s ;
char * lastDot = nsnull ;
char * nextToLastDot = nsnull ;
PRBool working = PR_TRUE ;
while ( working )
{
if ( * r = = ' ' | | * r = = ' \0 ' )
{
working = ( * r ! = ' \0 ' ) ;
* r = ' \0 ' ;
nsCStringKey key ( nextToLastDot ? nextToLastDot + 1 : q ) ;
2001-07-31 19:05:34 +00:00
nsDomainEntry * value = new nsDomainEntry ( q , policyName ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
policyLength ) ;
if ( ! value )
break ;
2001-07-31 19:05:34 +00:00
nsDomainEntry * de = ( nsDomainEntry * )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
mOriginToPolicyMap - > Get ( & key ) ;
if ( ! de )
mOriginToPolicyMap - > Put ( & key , value ) ;
else
{
if ( de - > Matches ( q ) )
{
value - > mNext = de ;
mOriginToPolicyMap - > Put ( & key , value ) ;
2000-02-03 23:28:36 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
else
{
while ( de - > mNext )
{
if ( de - > mNext - > Matches ( q ) )
{
value - > mNext = de - > mNext ;
de - > mNext = value ;
break ;
}
de = de - > mNext ;
}
if ( ! de - > mNext )
de - > mNext = value ;
2000-02-03 23:28:36 +00:00
}
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
q = r + 1 ;
lastDot = nextToLastDot = nsnull ;
2000-02-03 23:28:36 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
else if ( * r = = ' . ' )
{
nextToLastDot = lastDot ;
lastDot = r ;
}
r + + ;
1999-11-16 05:07:31 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
PR_Free ( s ) ;
1999-11-16 05:07:31 +00:00
}
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
else if ( count > 3 )
{ // capability.policy.<policyname>.<class>.<property>[.(get|set)]
// Store the class name so we know this class has a policy set on it
2001-08-02 20:32:48 +00:00
// Shoving a null into the pref name string is unorthodox
2001-05-19 00:33:51 +00:00
// but it saves a malloc & copy - hash keys require null-terminated strings
* ( char * ) dots [ 3 ] = ' \0 ' ;
nsCStringKey classNameKey ( dots [ 2 ] + 1 ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( ! ( mClassPolicies ) )
mClassPolicies = new nsHashtable ( 31 ) ;
2001-07-31 19:05:34 +00:00
// We don't actually have to store the class name as data in the hashtable,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// since all we check for is whether the key exists.
void * classPolicy = mClassPolicies - > Get ( & classNameKey ) ;
if ( isDefault & & ! classPolicy )
mClassPolicies - > Put ( & classNameKey , ( void * ) CLASS_POLICY_DEFAULT ) ;
else if ( ! isDefault & & classPolicy ! = ( void * ) CLASS_POLICY_SITE )
mClassPolicies - > Put ( & classNameKey , ( void * ) CLASS_POLICY_SITE ) ;
1999-10-28 22:09:03 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
}
return NS_OK ;
1999-09-15 04:05:43 +00:00
}
2000-05-16 03:40:51 +00:00
nsresult
2001-07-31 19:05:34 +00:00
nsScriptSecurityManager : : PrincipalPrefNames ( const char * pref ,
2000-05-16 03:40:51 +00:00
char * * grantedPref , char * * deniedPref )
{
char * lastDot = PL_strrchr ( pref , ' . ' ) ;
if ( ! lastDot ) return NS_ERROR_FAILURE ;
PRInt32 prefLen = lastDot - pref + 1 ;
* grantedPref = nsnull ;
* deniedPref = nsnull ;
static const char granted [ ] = " granted " ;
* grantedPref = ( char * ) PR_MALLOC ( prefLen + sizeof ( granted ) ) ;
if ( ! grantedPref ) return NS_ERROR_OUT_OF_MEMORY ;
PL_strncpy ( * grantedPref , pref , prefLen ) ;
PL_strcpy ( * grantedPref + prefLen , granted ) ;
static const char denied [ ] = " denied " ;
* deniedPref = ( char * ) PR_MALLOC ( prefLen + sizeof ( denied ) ) ;
if ( ! deniedPref )
{
PR_FREEIF ( * grantedPref ) ;
return NS_ERROR_OUT_OF_MEMORY ;
}
PL_strncpy ( * deniedPref , pref , prefLen ) ;
PL_strcpy ( * deniedPref + prefLen , denied ) ;
return NS_OK ;
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
2001-08-02 20:32:48 +00:00
nsScriptSecurityManager : : InitPrincipals ( PRUint32 aPrefCount , const char * * aPrefNames ,
nsISecurityPref * aSecurityPref )
2000-01-18 21:54:01 +00:00
{
2000-05-16 03:40:51 +00:00
/* This is the principal preference syntax:
2000-07-26 04:53:01 +00:00
* capability . principal . [ codebase | certificate ] . < name > . [ id | granted | denied ]
2000-05-16 03:40:51 +00:00
* For example :
2000-07-26 04:53:01 +00:00
* user_pref ( " capability.principal.certificate.p1.id " , " 12:34:AB:CD " ) ;
2001-07-31 19:05:34 +00:00
* user_pref ( " capability.principal.certificate.p1.granted " , " Capability1 Capability2 " ) ;
2000-07-26 04:53:01 +00:00
* user_pref ( " capability.principal.certificate.p1.denied " , " Capability3 " ) ;
2000-05-16 03:40:51 +00:00
*/
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
static const char idSuffix [ ] = " .id " ;
for ( PRUint32 c = 0 ; c < aPrefCount ; c + + )
{
PRInt32 prefNameLen = PL_strlen ( aPrefNames [ c ] ) - ( sizeof ( idSuffix ) - 1 ) ;
if ( PL_strcasecmp ( aPrefNames [ c ] + prefNameLen , idSuffix ) ! = 0 )
continue ;
2000-05-16 03:40:51 +00:00
2001-08-02 20:32:48 +00:00
nsXPIDLCString id ;
if ( NS_FAILED ( aSecurityPref - > SecurityGetCharPref ( aPrefNames [ c ] , getter_Copies ( id ) ) ) )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_ERROR_FAILURE ;
2000-05-16 03:40:51 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsXPIDLCString grantedPrefName ;
nsXPIDLCString deniedPrefName ;
2001-07-31 19:05:34 +00:00
nsresult rv = PrincipalPrefNames ( aPrefNames [ c ] ,
getter_Copies ( grantedPrefName ) ,
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
getter_Copies ( deniedPrefName ) ) ;
if ( rv = = NS_ERROR_OUT_OF_MEMORY )
return rv ;
else if ( NS_FAILED ( rv ) )
continue ;
2000-07-20 01:16:15 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
char * grantedList = nsnull ;
2001-08-02 20:32:48 +00:00
aSecurityPref - > SecurityGetCharPref ( grantedPrefName , & grantedList ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
char * deniedList = nsnull ;
2001-08-02 20:32:48 +00:00
aSecurityPref - > SecurityGetCharPref ( deniedPrefName , & deniedList ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- Delete prefs if their value is the empty string
2001-07-31 19:05:34 +00:00
if ( ( ! id | | id [ 0 ] = = ' \0 ' ) | |
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
( ( ! grantedList | | grantedList [ 0 ] = = ' \0 ' ) & & ( ! deniedList | | deniedList [ 0 ] = = ' \0 ' ) ) )
{
2001-08-02 20:32:48 +00:00
aSecurityPref - > SecurityClearUserPref ( aPrefNames [ c ] ) ;
aSecurityPref - > SecurityClearUserPref ( grantedPrefName ) ;
aSecurityPref - > SecurityClearUserPref ( deniedPrefName ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
PR_FREEIF ( grantedList ) ;
PR_FREEIF ( deniedList ) ;
continue ;
2000-01-23 04:23:14 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- Create a principal based on the prefs
static const char certificateName [ ] = " capability.principal.certificate " ;
static const char codebaseName [ ] = " capability.principal.codebase " ;
nsCOMPtr < nsIPrincipal > principal ;
2001-07-31 19:05:34 +00:00
if ( PL_strncmp ( aPrefNames [ c ] , certificateName ,
sizeof ( certificateName ) - 1 ) = = 0 )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
nsCertificatePrincipal * certificate = new nsCertificatePrincipal ( ) ;
if ( certificate ) {
NS_ADDREF ( certificate ) ;
2001-07-31 19:05:34 +00:00
if ( NS_SUCCEEDED ( certificate - > InitFromPersistent ( aPrefNames [ c ] , id ,
grantedList , deniedList ) ) )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
principal = do_QueryInterface ( ( nsBasePrincipal * ) certificate ) ;
NS_RELEASE ( certificate ) ;
}
2001-07-31 19:05:34 +00:00
} else if ( PL_strncmp ( aPrefNames [ c ] , codebaseName ,
sizeof ( codebaseName ) - 1 ) = = 0 )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
{
nsCodebasePrincipal * codebase = new nsCodebasePrincipal ( ) ;
if ( codebase ) {
NS_ADDREF ( codebase ) ;
2001-07-31 19:05:34 +00:00
if ( NS_SUCCEEDED ( codebase - > InitFromPersistent ( aPrefNames [ c ] , id ,
grantedList , deniedList ) ) )
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
principal = do_QueryInterface ( ( nsBasePrincipal * ) codebase ) ;
NS_RELEASE ( codebase ) ;
}
2000-04-26 03:50:07 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
PR_FREEIF ( grantedList ) ;
PR_FREEIF ( deniedList ) ;
2001-07-31 19:05:34 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
if ( principal )
{
if ( ! mPrincipals )
{
mPrincipals = new nsSupportsHashtable ( 31 ) ;
if ( ! mPrincipals )
return NS_ERROR_OUT_OF_MEMORY ;
}
nsIPrincipalKey key ( principal ) ;
mPrincipals - > Put ( & key , principal ) ;
}
2000-01-23 04:23:14 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
return NS_OK ;
2000-01-18 21:54:01 +00:00
}
2000-01-06 00:59:18 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
inline void
2001-08-02 20:32:48 +00:00
nsScriptSecurityManager : : JSEnabledPrefChanged ( nsISecurityPref * aSecurityPref )
2000-01-06 00:59:18 +00:00
{
2001-08-02 20:32:48 +00:00
if ( NS_FAILED ( aSecurityPref - > SecurityGetBoolPref ( sJSEnabledPrefName ,
& mIsJavaScriptEnabled ) ) )
2000-01-06 00:59:18 +00:00
// Default to enabled.
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
mIsJavaScriptEnabled = PR_TRUE ;
2000-01-06 00:59:18 +00:00
2001-08-02 20:32:48 +00:00
if ( NS_FAILED ( aSecurityPref - > SecurityGetBoolPref ( sJSMailEnabledPrefName ,
& mIsMailJavaScriptEnabled ) ) )
2000-01-08 16:51:54 +00:00
// Default to enabled.
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
mIsMailJavaScriptEnabled = PR_TRUE ;
2000-02-10 04:56:56 +00:00
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
nsresult
2000-07-26 04:53:01 +00:00
nsScriptSecurityManager : : InitPrefs ( )
1999-09-15 04:05:43 +00:00
{
1999-11-12 03:07:37 +00:00
nsresult rv ;
2001-08-02 20:32:48 +00:00
nsCOMPtr < nsIPrefService > prefService ( do_GetService ( NS_PREFSERVICE_CONTRACTID , & rv ) ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_ENSURE_SUCCESS ( rv , rv ) ;
2001-08-02 20:32:48 +00:00
nsCOMPtr < nsIPrefBranch > prefBranch ;
rv = prefService - > GetBranch ( nsnull , getter_AddRefs ( prefBranch ) ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_ENSURE_SUCCESS ( rv , rv ) ;
2001-08-02 20:32:48 +00:00
mPrefBranchWeakRef = getter_AddRefs ( NS_GetWeakReference ( prefBranch ) ) ;
nsCOMPtr < nsIPrefBranchInternal > prefBranchInternal = do_QueryInterface ( prefBranch , & rv ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
NS_ENSURE_SUCCESS ( rv , rv ) ;
2001-08-02 20:32:48 +00:00
nsCOMPtr < nsISecurityPref > securityPref = do_QueryInterface ( prefBranch ) ;
2000-07-26 04:53:01 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// Set the initial value of the "javascript.enabled" prefs
2001-08-02 20:32:48 +00:00
JSEnabledPrefChanged ( securityPref ) ;
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
// set observer callbacks in case the value of the pref changes
2001-05-11 00:43:27 +00:00
prefBranchInternal - > AddObserver ( sJSEnabledPrefName , this ) ;
prefBranchInternal - > AddObserver ( sJSMailEnabledPrefName , this ) ;
2000-01-23 04:23:14 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
PRUint32 prefCount ;
char * * prefNames ;
2000-01-06 00:59:18 +00:00
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- Initialize the policy database from prefs
2001-08-02 20:32:48 +00:00
rv = prefBranch - > GetChildList ( " capability.policy " , & prefCount , & prefNames ) ;
if ( NS_SUCCEEDED ( rv ) & & prefCount > 0 )
{
rv = InitPolicies ( prefCount , ( const char * * ) prefNames , securityPref ) ;
NS_ENSURE_SUCCESS ( rv , rv ) ;
NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY ( prefCount , prefNames ) ;
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- Initialize the principals database from prefs
2001-08-02 20:32:48 +00:00
rv = prefBranch - > GetChildList ( sPrincipalPrefix , & prefCount , & prefNames ) ;
if ( NS_SUCCEEDED ( rv ) & & prefCount > 0 )
{
rv = InitPrincipals ( prefCount , ( const char * * ) prefNames , securityPref ) ;
NS_ENSURE_SUCCESS ( rv , rv ) ;
NS_FREE_XPCOM_ALLOCATED_POINTER_ARRAY ( prefCount , prefNames ) ;
}
Landing the XPCDOM_20010329_BRANCH branch, changes mostly done by jband@netscape.com and jst@netscape.com, also some changes done by shaver@mozilla.org, peterv@netscape.com and markh@activestate.com. r= and sr= by vidur@netscape.com, jband@netscape.com, jst@netscpae.com, danm@netscape.com, hyatt@netscape.com, shaver@mozilla.org, dbradley@netscape.com, rpotts@netscape.com.
2001-05-08 16:46:42 +00:00
//-- Set a callback for principal changes
2001-05-11 00:43:27 +00:00
prefBranchInternal - > AddObserver ( sPrincipalPrefix , this ) ;
2000-02-10 04:56:56 +00:00
1999-11-11 22:10:36 +00:00
return NS_OK ;
1999-09-15 04:05:43 +00:00
}