mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-21 17:25:36 +00:00
ace6d1063f
The inclusions were removed with the following very crude script and the resulting breakage was fixed up by hand. The manual fixups did either revert the changes done by the script, replace a generic header with a more specific one or replace a header with a forward declaration. find . -name "*.idl" | grep -v web-platform | grep -v third_party | while read path; do interfaces=$(grep "^\(class\|interface\).*:.*" "$path" | cut -d' ' -f2) if [ -n "$interfaces" ]; then if [[ "$interfaces" == *$'\n'* ]]; then regexp="\(" for i in $interfaces; do regexp="$regexp$i\|"; done regexp="${regexp%%\\\|}\)" else regexp="$interfaces" fi interface=$(basename "$path") rg -l "#include.*${interface%%.idl}.h" . | while read path2; do hits=$(grep -v "#include.*${interface%%.idl}.h" "$path2" | grep -c "$regexp" ) if [ $hits -eq 0 ]; then echo "Removing ${interface} from ${path2}" grep -v "#include.*${interface%%.idl}.h" "$path2" > "$path2".tmp mv -f "$path2".tmp "$path2" fi done fi done Differential Revision: https://phabricator.services.mozilla.com/D55442 --HG-- extra : moz-landing-system : lando
222 lines
7.9 KiB
C++
222 lines
7.9 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#ifndef nsCSPContext_h___
|
|
#define nsCSPContext_h___
|
|
|
|
#include "mozilla/dom/nsCSPUtils.h"
|
|
#include "mozilla/dom/SecurityPolicyViolationEvent.h"
|
|
#include "mozilla/StaticPrefs_security.h"
|
|
#include "nsIChannel.h"
|
|
#include "nsIChannelEventSink.h"
|
|
#include "nsIContentSecurityPolicy.h"
|
|
#include "nsIInterfaceRequestor.h"
|
|
#include "nsIStreamListener.h"
|
|
#include "nsIWeakReferenceUtils.h"
|
|
#include "nsXPCOM.h"
|
|
|
|
#define NS_CSPCONTEXT_CONTRACTID "@mozilla.org/cspcontext;1"
|
|
// 09d9ed1a-e5d4-4004-bfe0-27ceb923d9ac
|
|
#define NS_CSPCONTEXT_CID \
|
|
{ \
|
|
0x09d9ed1a, 0xe5d4, 0x4004, { \
|
|
0xbf, 0xe0, 0x27, 0xce, 0xb9, 0x23, 0xd9, 0xac \
|
|
} \
|
|
}
|
|
|
|
class nsINetworkInterceptController;
|
|
class nsIEventTarget;
|
|
struct ConsoleMsgQueueElem;
|
|
|
|
namespace mozilla {
|
|
namespace dom {
|
|
class Element;
|
|
}
|
|
namespace ipc {
|
|
class ContentSecurityPolicy;
|
|
}
|
|
} // namespace mozilla
|
|
|
|
class nsCSPContext : public nsIContentSecurityPolicy {
|
|
public:
|
|
NS_DECL_ISUPPORTS
|
|
NS_DECL_NSICONTENTSECURITYPOLICY
|
|
NS_DECL_NSISERIALIZABLE
|
|
|
|
protected:
|
|
virtual ~nsCSPContext();
|
|
|
|
public:
|
|
nsCSPContext();
|
|
|
|
static bool Equals(nsIContentSecurityPolicy* aCSP,
|
|
nsIContentSecurityPolicy* aOtherCSP);
|
|
|
|
// Init a CSP from a different CSP
|
|
nsresult InitFromOther(nsCSPContext* otherContext);
|
|
|
|
/**
|
|
* SetRequestContextWithDocument() needs to be called before the
|
|
* innerWindowID is initialized on the document. Use this function
|
|
* to call back to flush queued up console messages and initialize
|
|
* the innerWindowID. Node, If SetRequestContextWithPrincipal() was
|
|
* called then we do not have a innerWindowID anyway and hence
|
|
* we can not flush messages to the correct console.
|
|
*/
|
|
void flushConsoleMessages();
|
|
|
|
void logToConsole(const char* aName, const nsTArray<nsString>& aParams,
|
|
const nsAString& aSourceName, const nsAString& aSourceLine,
|
|
uint32_t aLineNumber, uint32_t aColumnNumber,
|
|
uint32_t aSeverityFlag);
|
|
|
|
/**
|
|
* Construct SecurityPolicyViolationEventInit structure.
|
|
*
|
|
* @param aBlockedURI
|
|
* A nsIURI: the source of the violation.
|
|
* @param aOriginalUri
|
|
* The original URI if the blocked content is a redirect, else null
|
|
* @param aViolatedDirective
|
|
* the directive that was violated (string).
|
|
* @param aSourceFile
|
|
* name of the file containing the inline script violation
|
|
* @param aScriptSample
|
|
* a sample of the violating inline script
|
|
* @param aLineNum
|
|
* source line number of the violation (if available)
|
|
* @param aColumnNum
|
|
* source column number of the violation (if available)
|
|
* @param aViolationEventInit
|
|
* The output
|
|
*/
|
|
nsresult GatherSecurityPolicyViolationEventData(
|
|
nsIURI* aBlockedURI, const nsACString& aBlockedString,
|
|
nsIURI* aOriginalURI, nsAString& aViolatedDirective,
|
|
uint32_t aViolatedPolicyIndex, nsAString& aSourceFile,
|
|
nsAString& aScriptSample, uint32_t aLineNum, uint32_t aColumnNum,
|
|
mozilla::dom::SecurityPolicyViolationEventInit& aViolationEventInit);
|
|
|
|
nsresult SendReports(
|
|
const mozilla::dom::SecurityPolicyViolationEventInit& aViolationEventInit,
|
|
uint32_t aViolatedPolicyIndex);
|
|
|
|
nsresult FireViolationEvent(
|
|
mozilla::dom::Element* aTriggeringElement,
|
|
nsICSPEventListener* aCSPEventListener,
|
|
const mozilla::dom::SecurityPolicyViolationEventInit&
|
|
aViolationEventInit);
|
|
|
|
enum BlockedContentSource {
|
|
eUnknown,
|
|
eInline,
|
|
eEval,
|
|
eSelf,
|
|
};
|
|
|
|
nsresult AsyncReportViolation(
|
|
mozilla::dom::Element* aTriggeringElement,
|
|
nsICSPEventListener* aCSPEventListener, nsIURI* aBlockedURI,
|
|
BlockedContentSource aBlockedContentSource, nsIURI* aOriginalURI,
|
|
const nsAString& aViolatedDirective, uint32_t aViolatedPolicyIndex,
|
|
const nsAString& aObserverSubject, const nsAString& aSourceFile,
|
|
const nsAString& aScriptSample, uint32_t aLineNum, uint32_t aColumnNum);
|
|
|
|
// Hands off! Don't call this method unless you know what you
|
|
// are doing. It's only supposed to be called from within
|
|
// the principal destructor to avoid a tangling pointer.
|
|
void clearLoadingPrincipal() { mLoadingPrincipal = nullptr; }
|
|
|
|
nsWeakPtr GetLoadingContext() { return mLoadingContext; }
|
|
|
|
static uint32_t ScriptSampleMaxLength() {
|
|
return std::max(
|
|
mozilla::StaticPrefs::security_csp_reporting_script_sample_max_length(),
|
|
0);
|
|
}
|
|
|
|
private:
|
|
void EnsureIPCPoliciesRead();
|
|
|
|
bool permitsInternal(CSPDirective aDir,
|
|
mozilla::dom::Element* aTriggeringElement,
|
|
nsICSPEventListener* aCSPEventListener,
|
|
nsIURI* aContentLocation, nsIURI* aOriginalURIIfRedirect,
|
|
const nsAString& aNonce, bool aIsPreload, bool aSpecific,
|
|
bool aSendViolationReports,
|
|
bool aSendContentLocationInViolationReports,
|
|
bool aParserCreated);
|
|
|
|
// helper to report inline script/style violations
|
|
void reportInlineViolation(nsContentPolicyType aContentType,
|
|
mozilla::dom::Element* aTriggeringElement,
|
|
nsICSPEventListener* aCSPEventListener,
|
|
const nsAString& aNonce, const nsAString& aContent,
|
|
const nsAString& aViolatedDirective,
|
|
uint32_t aViolatedPolicyIndex,
|
|
uint32_t aLineNumber, uint32_t aColumnNumber);
|
|
|
|
nsString mReferrer;
|
|
uint64_t mInnerWindowID; // used for web console logging
|
|
bool mSkipAllowInlineStyleCheck; // used to allow Devtools to edit styles
|
|
// When deserializing an nsCSPContext instance, we initially just keep the
|
|
// policies unparsed. We will only reconstruct actual CSP policy instances
|
|
// when there's an attempt to use the CSP. Given a better way to serialize/
|
|
// deserialize individual nsCSPPolicy objects, this performance
|
|
// optimization could go away.
|
|
nsTArray<mozilla::ipc::ContentSecurityPolicy> mIPCPolicies;
|
|
nsTArray<nsCSPPolicy*> mPolicies;
|
|
nsCOMPtr<nsIURI> mSelfURI;
|
|
nsCOMPtr<nsILoadGroup> mCallingChannelLoadGroup;
|
|
nsWeakPtr mLoadingContext;
|
|
nsCOMPtr<nsIPrincipal> mLoadingPrincipal;
|
|
|
|
// helper members used to queue up web console messages till
|
|
// the windowID becomes available. see flushConsoleMessages()
|
|
nsTArray<ConsoleMsgQueueElem> mConsoleMsgQueue;
|
|
bool mQueueUpMessages;
|
|
nsCOMPtr<nsIEventTarget> mEventTarget;
|
|
};
|
|
|
|
// Class that listens to violation report transmission and logs errors.
|
|
class CSPViolationReportListener : public nsIStreamListener {
|
|
public:
|
|
NS_DECL_NSISTREAMLISTENER
|
|
NS_DECL_NSIREQUESTOBSERVER
|
|
NS_DECL_ISUPPORTS
|
|
|
|
public:
|
|
CSPViolationReportListener();
|
|
|
|
protected:
|
|
virtual ~CSPViolationReportListener();
|
|
};
|
|
|
|
// The POST of the violation report (if it happens) should not follow
|
|
// redirects, per the spec. hence, we implement an nsIChannelEventSink
|
|
// with an object so we can tell XHR to abort if a redirect happens.
|
|
class CSPReportRedirectSink final : public nsIChannelEventSink,
|
|
public nsIInterfaceRequestor {
|
|
public:
|
|
NS_DECL_NSICHANNELEVENTSINK
|
|
NS_DECL_NSIINTERFACEREQUESTOR
|
|
NS_DECL_ISUPPORTS
|
|
|
|
public:
|
|
CSPReportRedirectSink();
|
|
|
|
void SetInterceptController(
|
|
nsINetworkInterceptController* aInterceptController);
|
|
|
|
protected:
|
|
virtual ~CSPReportRedirectSink();
|
|
|
|
private:
|
|
nsCOMPtr<nsINetworkInterceptController> mInterceptController;
|
|
};
|
|
|
|
#endif /* nsCSPContext_h___ */
|