mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 03:15:11 +00:00
Bug 1165162 - Make OriginAttributes a dictionary, and make it accessible as both a jsval and a canonical string. r=gabor,r=bholley,sr=sicking
This commit is contained in:
parent
42151b7774
commit
eea636ee0c
@ -10,13 +10,32 @@
|
||||
#include "nsIObjectOutputStream.h"
|
||||
#include "nsScriptSecurityManager.h"
|
||||
|
||||
#include "mozilla/dom/ToJSValue.h"
|
||||
|
||||
namespace mozilla {
|
||||
|
||||
void
|
||||
BasePrincipal::OriginAttributes::CreateSuffix(nsACString& aStr)
|
||||
{
|
||||
aStr.Truncate();
|
||||
MOZ_RELEASE_ASSERT(mAppId != nsIScriptSecurityManager::UNKNOWN_APP_ID);
|
||||
int attrCount = 0;
|
||||
|
||||
if (mAppId != nsIScriptSecurityManager::NO_APP_ID) {
|
||||
aStr.Append(attrCount++ ? "&appId=" : "!appId=");
|
||||
aStr.AppendInt(mAppId);
|
||||
}
|
||||
|
||||
if (mInBrowser) {
|
||||
aStr.Append(attrCount++ ? "&inBrowser=1" : "!inBrowser=1");
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
BasePrincipal::OriginAttributes::Serialize(nsIObjectOutputStream* aStream) const
|
||||
{
|
||||
aStream->Write32(mAppId);
|
||||
aStream->WriteBoolean(mIsInBrowserElement);
|
||||
aStream->WriteBoolean(mInBrowser);
|
||||
}
|
||||
|
||||
nsresult
|
||||
@ -25,7 +44,7 @@ BasePrincipal::OriginAttributes::Deserialize(nsIObjectInputStream* aStream)
|
||||
nsresult rv = aStream->Read32(&mAppId);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
rv = aStream->ReadBoolean(&mIsInBrowserElement);
|
||||
rv = aStream->ReadBoolean(&mInBrowser);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
return NS_OK;
|
||||
@ -104,6 +123,22 @@ BasePrincipal::GetJarPrefix(nsACString& aJarPrefix)
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::GetOriginAttributes(JSContext* aCx, JS::MutableHandle<JS::Value> aVal)
|
||||
{
|
||||
if (NS_WARN_IF(!ToJSValue(aCx, mOriginAttributes, aVal))) {
|
||||
return NS_ERROR_FAILURE;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::GetOriginSuffix(nsACString& aOriginAttributes)
|
||||
{
|
||||
mOriginAttributes.CreateSuffix(aOriginAttributes);
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
BasePrincipal::GetAppStatus(uint16_t* aAppStatus)
|
||||
{
|
||||
|
@ -11,6 +11,8 @@
|
||||
#include "nsIScriptSecurityManager.h"
|
||||
#include "nsJSPrincipals.h"
|
||||
|
||||
#include "mozilla/dom/SystemDictionariesBinding.h"
|
||||
|
||||
class nsIObjectOutputStream;
|
||||
class nsIObjectInputStream;
|
||||
|
||||
@ -39,6 +41,8 @@ public:
|
||||
NS_IMETHOD SetCsp(nsIContentSecurityPolicy* aCsp) override;
|
||||
NS_IMETHOD GetIsNullPrincipal(bool* aIsNullPrincipal) override;
|
||||
NS_IMETHOD GetJarPrefix(nsACString& aJarPrefix) final;
|
||||
NS_IMETHOD GetOriginAttributes(JSContext* aCx, JS::MutableHandle<JS::Value> aVal) final;
|
||||
NS_IMETHOD GetOriginSuffix(nsACString& aOriginSuffix) final;
|
||||
NS_IMETHOD GetAppStatus(uint16_t* aAppStatus) final;
|
||||
NS_IMETHOD GetAppId(uint32_t* aAppStatus) final;
|
||||
NS_IMETHOD GetIsInBrowserElement(bool* aIsInBrowserElement) final;
|
||||
@ -48,33 +52,36 @@ public:
|
||||
|
||||
static BasePrincipal* Cast(nsIPrincipal* aPrin) { return static_cast<BasePrincipal*>(aPrin); }
|
||||
|
||||
struct OriginAttributes {
|
||||
// NB: If you add any members here, you need to update Serialize/Deserialize
|
||||
// and bump the CIDs of all the principal implementations that invoke those
|
||||
// methods.
|
||||
uint32_t mAppId;
|
||||
bool mIsInBrowserElement;
|
||||
struct OriginAttributes : public dom::OriginAttributesDictionary {
|
||||
OriginAttributes() {}
|
||||
OriginAttributes(uint32_t aAppId, bool aInBrowser)
|
||||
{
|
||||
mAppId = aAppId;
|
||||
mInBrowser = aInBrowser;
|
||||
}
|
||||
|
||||
OriginAttributes() : mAppId(nsIScriptSecurityManager::NO_APP_ID), mIsInBrowserElement(false) {}
|
||||
OriginAttributes(uint32_t aAppId, bool aIsInBrowserElement)
|
||||
: mAppId(aAppId), mIsInBrowserElement(aIsInBrowserElement) {}
|
||||
bool operator==(const OriginAttributes& aOther) const
|
||||
{
|
||||
return mAppId == aOther.mAppId &&
|
||||
mIsInBrowserElement == aOther.mIsInBrowserElement;
|
||||
mInBrowser == aOther.mInBrowser;
|
||||
}
|
||||
bool operator!=(const OriginAttributes& aOther) const
|
||||
{
|
||||
return !(*this == aOther);
|
||||
}
|
||||
|
||||
// Serializes non-default values into the suffix format, i.e.
|
||||
// |!key1=value1&key2=value2|. If there are no non-default attributes, this
|
||||
// returns an empty string.
|
||||
void CreateSuffix(nsACString& aStr);
|
||||
|
||||
void Serialize(nsIObjectOutputStream* aStream) const;
|
||||
nsresult Deserialize(nsIObjectInputStream* aStream);
|
||||
};
|
||||
|
||||
const OriginAttributes& OriginAttributesRef() { return mOriginAttributes; }
|
||||
uint32_t AppId() const { return mOriginAttributes.mAppId; }
|
||||
bool IsInBrowserElement() const { return mOriginAttributes.mIsInBrowserElement; }
|
||||
bool IsInBrowserElement() const { return mOriginAttributes.mInBrowser; }
|
||||
|
||||
protected:
|
||||
virtual ~BasePrincipal() {}
|
||||
|
@ -20,7 +20,7 @@ interface nsIContentSecurityPolicy;
|
||||
[ptr] native JSPrincipals(JSPrincipals);
|
||||
[ptr] native PrincipalArray(nsTArray<nsCOMPtr<nsIPrincipal> >);
|
||||
|
||||
[scriptable, builtinclass, uuid(7e024afa-afd4-48e7-ba11-1c7b9620b1b2)]
|
||||
[scriptable, builtinclass, uuid(74fb6760-4ae7-4ec7-8ac7-06817c60a93a)]
|
||||
interface nsIPrincipal : nsISerializable
|
||||
{
|
||||
/**
|
||||
@ -157,6 +157,37 @@ interface nsIPrincipal : nsISerializable
|
||||
*/
|
||||
readonly attribute AUTF8String jarPrefix;
|
||||
|
||||
/**
|
||||
* A dictionary of the non-default origin attributes associated with this
|
||||
* nsIPrincipal.
|
||||
*
|
||||
* Attributes are tokens that are taken into account when determining whether
|
||||
* two principals are same-origin - if any attributes differ, the principals
|
||||
* are cross-origin, even if the scheme, host, and port are the same.
|
||||
* Attributes should also be considered for all security and bucketing decisions,
|
||||
* even those which make non-standard comparisons (like cookies, which ignore
|
||||
* scheme, or quotas, which ignore subdomains).
|
||||
*
|
||||
* If you're looking for an easy-to-use canonical stringification of the origin
|
||||
* attributes, see |originSuffix| below.
|
||||
*/
|
||||
[implicit_jscontext]
|
||||
readonly attribute jsval originAttributes;
|
||||
|
||||
/**
|
||||
* A string of the form !key1=value1&key2=value2, where each pair represents
|
||||
* an attribute with a non-default value. If all attributes have default
|
||||
* values, this is the empty string.
|
||||
*
|
||||
* The value of .originSuffix is automatically serialized into .origin, so any
|
||||
* consumers using that are automatically origin-attribute-aware. Consumers with
|
||||
* special requirements must inspect and compare .originSuffix manually.
|
||||
*
|
||||
* originsuffix are intended to be a replacement for jarPrefix, which will
|
||||
* eventually be removed.
|
||||
*/
|
||||
readonly attribute AUTF8String originSuffix;
|
||||
|
||||
/**
|
||||
* The base domain of the codebase URI to which this principal pertains
|
||||
* (generally the document URI), handling null principals and
|
||||
|
22
dom/webidl/SystemDictionaries.webidl
Normal file
22
dom/webidl/SystemDictionaries.webidl
Normal file
@ -0,0 +1,22 @@
|
||||
/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||||
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||||
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||||
* You can obtain one at http://mozilla.org/MPL/2.0/.
|
||||
*
|
||||
* Copyright © 2012 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C
|
||||
* liability, trademark and document use rules apply.
|
||||
*/
|
||||
|
||||
/*
|
||||
* Used by principals and the script security manager to represent origin
|
||||
* attributes.
|
||||
*
|
||||
* IMPORTANT: If you add any members here, you need to update the
|
||||
* CreateSuffix, Serialize, and Deserialize implementations in BasePrincipal,
|
||||
* and bump the CIDs of all the principal implementations that invoke those
|
||||
* methods.
|
||||
*/
|
||||
dictionary OriginAttributesDictionary {
|
||||
unsigned long appId = 0;
|
||||
boolean inBrowser = false;
|
||||
};
|
@ -509,6 +509,7 @@ WEBIDL_FILES = [
|
||||
'SVGViewElement.webidl',
|
||||
'SVGZoomAndPan.webidl',
|
||||
'SVGZoomEvent.webidl',
|
||||
'SystemDictionaries.webidl',
|
||||
'Telephony.webidl',
|
||||
'TelephonyCall.webidl',
|
||||
'TelephonyCallGroup.webidl',
|
||||
|
Loading…
Reference in New Issue
Block a user