Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-22 01:35:35 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
4275cd1039
gecko-dev/dom/html/HTMLEmbedElement.cpp
Kris Maglione 4275cd1039 Bug 1406278: Part 1 - Pass subject principal to SetAttribute and friends. r=bz 
In order to tailor certain security checks to the caller that is attempting to
load a particular piece of content, we need to be able to attach an
appropriate triggering principal to the corresponding requests. Since most
HTML content is loaded based on attribute values, that means capturing the
subject principal of the caller who sets those attributes, which means making
it available to AfterSetAttr hooks.

MozReview-Commit-ID: BMDL2Uepg0X

--HG--
extra : rebase_source : 25e438c243700a9368c393e40e3a6002d968d6c8
2017-10-09 14:33:38 -07:00

354 lines
11 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "mozilla/EventStates.h"
#include "mozilla/dom/HTMLEmbedElement.h"
#include "mozilla/dom/HTMLEmbedElementBinding.h"
#include "mozilla/dom/ElementInlines.h"
#include "nsIDocument.h"
#include "nsIPluginDocument.h"
#include "nsIDOMDocument.h"
#include "nsThreadUtils.h"
#include "nsIScriptError.h"
#include "nsIWidget.h"
#include "nsContentUtils.h"
#ifdef XP_MACOSX
#include "mozilla/EventDispatcher.h"
#include "mozilla/dom/Event.h"
#endif
#include "mozilla/dom/HTMLObjectElement.h"
NS_IMPL_NS_NEW_HTML_ELEMENT_CHECK_PARSER(Embed)
namespace mozilla {
namespace dom {
HTMLEmbedElement::HTMLEmbedElement(already_AddRefed<mozilla::dom::NodeInfo>& aNodeInfo,
FromParser aFromParser)
: nsGenericHTMLElement(aNodeInfo)
{
RegisterActivityObserver();
SetIsNetworkCreated(aFromParser == FROM_PARSER_NETWORK);
// By default we're in the loading state
AddStatesSilently(NS_EVENT_STATE_LOADING);
}
HTMLEmbedElement::~HTMLEmbedElement()
{
#ifdef XP_MACOSX
HTMLObjectElement::OnFocusBlurPlugin(this, false);
#endif
UnregisterActivityObserver();
DestroyImageLoadingContent();
}
NS_IMPL_CYCLE_COLLECTION_CLASS(HTMLEmbedElement)
NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INHERITED(HTMLEmbedElement,
nsGenericHTMLElement)
nsObjectLoadingContent::Traverse(tmp, cb);
NS_IMPL_CYCLE_COLLECTION_TRAVERSE_END
NS_IMPL_ISUPPORTS_CYCLE_COLLECTION_INHERITED(HTMLEmbedElement,
nsGenericHTMLElement,
nsIRequestObserver,
nsIStreamListener,
nsIFrameLoaderOwner,
nsIObjectLoadingContent,
imgINotificationObserver,
nsIImageLoadingContent,
imgIOnloadBlocker,
nsIChannelEventSink)
NS_IMPL_ELEMENT_CLONE(HTMLEmbedElement)
#ifdef XP_MACOSX
NS_IMETHODIMP
HTMLEmbedElement::PostHandleEvent(EventChainPostVisitor& aVisitor)
{
HTMLObjectElement::HandleFocusBlurPlugin(this, aVisitor.mEvent);
return NS_OK;
}
#endif // #ifdef XP_MACOSX
void
HTMLEmbedElement::AsyncEventRunning(AsyncEventDispatcher* aEvent)
{
nsImageLoadingContent::AsyncEventRunning(aEvent);
}
nsresult
HTMLEmbedElement::BindToTree(nsIDocument *aDocument,
nsIContent *aParent,
nsIContent *aBindingParent,
bool aCompileEventHandlers)
{
nsresult rv = nsGenericHTMLElement::BindToTree(aDocument, aParent,
aBindingParent,
aCompileEventHandlers);
NS_ENSURE_SUCCESS(rv, rv);
rv = nsObjectLoadingContent::BindToTree(aDocument, aParent,
aBindingParent,
aCompileEventHandlers);
NS_ENSURE_SUCCESS(rv, rv);
// Don't kick off load from being bound to a plugin document - the plugin
// document will call nsObjectLoadingContent::InitializeFromChannel() for the
// initial load.
nsCOMPtr<nsIPluginDocument> pluginDoc = do_QueryInterface(aDocument);
if (!pluginDoc) {
void (HTMLEmbedElement::*start)() = &HTMLEmbedElement::StartObjectLoad;
nsContentUtils::AddScriptRunner(NewRunnableMethod(
"dom::HTMLEmbedElement::BindToTree", this, start));
}
return NS_OK;
}
void
HTMLEmbedElement::UnbindFromTree(bool aDeep,
bool aNullParent)
{
#ifdef XP_MACOSX
// When a page is reloaded (when an nsIDocument's content is removed), the
// focused element isn't necessarily sent an eBlur event. See
// nsFocusManager::ContentRemoved(). This means that a widget may think it
// still contains a focused plugin when it doesn't -- which in turn can
// disable text input in the browser window. See bug 1137229.
HTMLObjectElement::OnFocusBlurPlugin(this, false);
#endif
nsObjectLoadingContent::UnbindFromTree(aDeep, aNullParent);
nsGenericHTMLElement::UnbindFromTree(aDeep, aNullParent);
}
nsresult
HTMLEmbedElement::AfterSetAttr(int32_t aNamespaceID, nsAtom* aName,
const nsAttrValue* aValue,
const nsAttrValue* aOldValue,
nsIPrincipal* aSubjectPrincipal,
bool aNotify)
{
if (aValue) {
nsresult rv = AfterMaybeChangeAttr(aNamespaceID, aName, aNotify);
NS_ENSURE_SUCCESS(rv, rv);
}
return nsGenericHTMLElement::AfterSetAttr(aNamespaceID, aName, aValue,
aOldValue, aSubjectPrincipal, aNotify);
}
nsresult
HTMLEmbedElement::OnAttrSetButNotChanged(int32_t aNamespaceID,
nsAtom* aName,
const nsAttrValueOrString& aValue,
bool aNotify)
{
nsresult rv = AfterMaybeChangeAttr(aNamespaceID, aName, aNotify);
NS_ENSURE_SUCCESS(rv, rv);
return nsGenericHTMLElement::OnAttrSetButNotChanged(aNamespaceID, aName,
aValue, aNotify);
}
nsresult
HTMLEmbedElement::AfterMaybeChangeAttr(int32_t aNamespaceID,
nsAtom* aName,
bool aNotify)
{
if (aNamespaceID == kNameSpaceID_None) {
if (aName == nsGkAtoms::src) {
// If aNotify is false, we are coming from the parser or some such place;
// we'll get bound after all the attributes have been set, so we'll do the
// object load from BindToTree.
// Skip the LoadObject call in that case.
// We also don't want to start loading the object when we're not yet in
// a document, just in case that the caller wants to set additional
// attributes before inserting the node into the document.
if (aNotify && IsInComposedDoc() &&
!BlockEmbedOrObjectContentLoading()) {
nsresult rv = LoadObject(aNotify, true);
NS_ENSURE_SUCCESS(rv, rv);
}
}
}
return NS_OK;
}
bool
HTMLEmbedElement::IsHTMLFocusable(bool aWithMouse,
bool *aIsFocusable,
int32_t *aTabIndex)
{
// Has plugin content: let the plugin decide what to do in terms of
// internal focus from mouse clicks
if (aTabIndex) {
*aTabIndex = TabIndex();
}
*aIsFocusable = true;
// Let the plugin decide, so override.
return true;
}
nsIContent::IMEState
HTMLEmbedElement::GetDesiredIMEState()
{
if (Type() == eType_Plugin) {
return IMEState(IMEState::PLUGIN);
}
return nsGenericHTMLElement::GetDesiredIMEState();
}
int32_t
HTMLEmbedElement::TabIndexDefault()
{
return -1;
}
bool
HTMLEmbedElement::ParseAttribute(int32_t aNamespaceID,
nsAtom *aAttribute,
const nsAString &aValue,
nsAttrValue &aResult)
{
if (aNamespaceID == kNameSpaceID_None) {
if (aAttribute == nsGkAtoms::align) {
return ParseAlignValue(aValue, aResult);
}
if (ParseImageAttribute(aAttribute, aValue, aResult)) {
return true;
}
}
return nsGenericHTMLElement::ParseAttribute(aNamespaceID, aAttribute, aValue,
aResult);
}
static void
MapAttributesIntoRuleBase(const nsMappedAttributes *aAttributes,
GenericSpecifiedValues* aData)
{
nsGenericHTMLElement::MapImageBorderAttributeInto(aAttributes, aData);
nsGenericHTMLElement::MapImageMarginAttributeInto(aAttributes, aData);
nsGenericHTMLElement::MapImageSizeAttributesInto(aAttributes, aData);
nsGenericHTMLElement::MapImageAlignAttributeInto(aAttributes, aData);
}
static void
MapAttributesIntoRuleExceptHidden(const nsMappedAttributes *aAttributes,
GenericSpecifiedValues* aData)
{
MapAttributesIntoRuleBase(aAttributes, aData);
nsGenericHTMLElement::MapCommonAttributesIntoExceptHidden(aAttributes, aData);
}
void
HTMLEmbedElement::MapAttributesIntoRule(const nsMappedAttributes *aAttributes,
GenericSpecifiedValues* aData)
{
MapAttributesIntoRuleBase(aAttributes, aData);
nsGenericHTMLElement::MapCommonAttributesInto(aAttributes, aData);
}
NS_IMETHODIMP_(bool)
HTMLEmbedElement::IsAttributeMapped(const nsAtom *aAttribute) const
{
static const MappedAttributeEntry* const map[] = {
sCommonAttributeMap,
sImageMarginSizeAttributeMap,
sImageBorderAttributeMap,
sImageAlignAttributeMap,
};
return FindAttributeDependence(aAttribute, map);
}
nsMapRuleToAttributesFunc
HTMLEmbedElement::GetAttributeMappingFunction() const
{
return &MapAttributesIntoRuleExceptHidden;
}
void
HTMLEmbedElement::StartObjectLoad(bool aNotify, bool aForceLoad)
{
// BindToTree can call us asynchronously, and we may be removed from the tree
// in the interim
if (!IsInComposedDoc() || !OwnerDoc()->IsActive() ||
BlockEmbedOrObjectContentLoading()) {
return;
}
LoadObject(aNotify, aForceLoad);
SetIsNetworkCreated(false);
}
EventStates
HTMLEmbedElement::IntrinsicState() const
{
return nsGenericHTMLElement::IntrinsicState() | ObjectState();
}
uint32_t
HTMLEmbedElement::GetCapabilities() const
{
return eSupportPlugins | eAllowPluginSkipChannel | eSupportImages | eSupportDocuments;
}
void
HTMLEmbedElement::DestroyContent()
{
nsObjectLoadingContent::DestroyContent();
nsGenericHTMLElement::DestroyContent();
}
nsresult
HTMLEmbedElement::CopyInnerTo(Element* aDest, bool aPreallocateChildren)
{
nsresult rv = nsGenericHTMLElement::CopyInnerTo(aDest, aPreallocateChildren);
NS_ENSURE_SUCCESS(rv, rv);
if (aDest->OwnerDoc()->IsStaticDocument()) {
CreateStaticClone(static_cast<HTMLEmbedElement*>(aDest));
}
return rv;
}
JSObject*
HTMLEmbedElement::WrapNode(JSContext* aCx, JS::Handle<JSObject*> aGivenProto)
{
JSObject* obj;
obj = HTMLEmbedElementBinding::Wrap(aCx, this, aGivenProto);
if (!obj) {
return nullptr;
}
JS::Rooted<JSObject*> rootedObj(aCx, obj);
SetupProtoChain(aCx, rootedObj);
return rootedObj;
}
nsContentPolicyType
HTMLEmbedElement::GetContentPolicyType() const
{
return nsIContentPolicy::TYPE_INTERNAL_EMBED;
}
} // namespace dom
} // namespace mozilla
Reference in New Issue View Git Blame Copy Permalink