mirror of
https://github.com/mozilla/gecko-dev.git
synced 2025-01-02 06:17:28 +00:00
7cd400a26f
17977 [DOGFOOD] Reading documents using document.body 17538 document.lastModified is exposed 17537 document.images vulnerabilities 16036 [DOGFOOD] document.Element exposes the DOM of documents from 15757 [DOGFOOD] Injecting JS code using setAttribute and getElemen 15550 Injecting text in documents from any domain using createText 15067 [DOGFOOD] getElementsByTagName() allows reading of arbitrary * Create an array of dom property policy types and initialize it when the script security manager is created. * Move some implementation code to a new shared implementation base class. * Implement privilege enabling, disabling and reverting * Implement stack walking for checking privileges. r=mstoltz@netscape.com * Modify nsIPref to support security policy work. r=neeti@netscape.com
72 lines
2.2 KiB
Plaintext
72 lines
2.2 KiB
Plaintext
/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
|
|
*
|
|
* The contents of this file are subject to the Netscape Public
|
|
* License Version 1.1 (the "License"); you may not use this file
|
|
* except in compliance with the License. You may obtain a copy of
|
|
* the License at http://www.mozilla.org/NPL/
|
|
*
|
|
* Software distributed under the License is distributed on an "AS
|
|
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
|
|
* implied. See the License for the specific language governing
|
|
* rights and limitations under the License.
|
|
*
|
|
* The Original Code is mozilla.org code.
|
|
*
|
|
* The Initial Developer of the Original Code is Netscape
|
|
* Communications Corporation. Portions created by Netscape are
|
|
* Copyright (C) 1999 Netscape Communications Corporation. All
|
|
* Rights Reserved.
|
|
*
|
|
* Contributor(s):
|
|
*/
|
|
|
|
#include "nsISupports.idl"
|
|
#include "nsIPrincipal.idl"
|
|
|
|
interface nsIScriptContext;
|
|
interface nsIURI;
|
|
|
|
[uuid(58df5780-8006-11d2-bd91-00805f8ae3f4)]
|
|
interface nsIScriptSecurityManager : nsISupports
|
|
{
|
|
/**
|
|
* Checks whether the currently executing script can access the given
|
|
* property.
|
|
*
|
|
* @param cx The current active script context
|
|
* @param obj The object that is being accessed
|
|
* @param prop The property being accessed
|
|
* @param isWrite True if write access is being attempted
|
|
* @return True if access is granted
|
|
*/
|
|
boolean CheckScriptAccess(in nsIScriptContext cx, in voidStar obj,
|
|
[const] in string prop, in boolean isWrite);
|
|
|
|
boolean CheckURI(in nsIScriptContext cx, in nsIURI uri);
|
|
|
|
boolean HasSubjectPrincipal();
|
|
|
|
nsIPrincipal GetSubjectPrincipal();
|
|
|
|
nsIPrincipal GetSystemPrincipal();
|
|
|
|
nsIPrincipal CreateCodebasePrincipal(in nsIURI aURI);
|
|
|
|
boolean CanExecuteScripts(in nsIPrincipal principal);
|
|
|
|
boolean CanExecuteFunction(in voidStar jsFunction);
|
|
|
|
boolean IsCapabilityEnabled(in string capability);
|
|
|
|
void EnableCapability(in string capability);
|
|
|
|
void RevertCapability(in string capability);
|
|
|
|
void DisableCapability(in string capability);
|
|
};
|
|
|
|
%{C++
|
|
#define NS_SCRIPTSECURITYMANAGER_PROGID "component://netscape/scriptsecuritymanager"
|
|
#define NS_SCRIPTSECURITYMANAGER_CLASSNAME "scriptsecuritymanager"
|
|
%}
|