gecko-dev/dom/security/nsContentSecurityManager.h
Jonas Allmann adabaeabe2 Bug 1541858, AssertEvalNotUsingSystemPrincipal into the ContentSecurityManager and also call it for worker code r=ckerschb
Bug 1541858 - Extended eval()-Assertion whitelist, r=ckerschb

Differential Revision: https://phabricator.services.mozilla.com/D28052

--HG--
extra : moz-landing-system : lando
2019-04-18 13:54:43 +00:00

52 lines
1.8 KiB
C++

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#ifndef nsContentSecurityManager_h___
#define nsContentSecurityManager_h___
#include "nsIContentSecurityManager.h"
#include "nsIChannel.h"
#include "nsIChannelEventSink.h"
class nsIStreamListener;
#define NS_CONTENTSECURITYMANAGER_CONTRACTID \
"@mozilla.org/contentsecuritymanager;1"
// cdcc1ab8-3cea-4e6c-a294-a651fa35227f
#define NS_CONTENTSECURITYMANAGER_CID \
{ \
0xcdcc1ab8, 0x3cea, 0x4e6c, { \
0xa2, 0x94, 0xa6, 0x51, 0xfa, 0x35, 0x22, 0x7f \
} \
}
class nsContentSecurityManager : public nsIContentSecurityManager,
public nsIChannelEventSink {
public:
NS_DECL_ISUPPORTS
NS_DECL_NSICONTENTSECURITYMANAGER
NS_DECL_NSICHANNELEVENTSINK
nsContentSecurityManager() {}
static nsresult doContentSecurityCheck(
nsIChannel* aChannel, nsCOMPtr<nsIStreamListener>& aInAndOutListener);
static bool AllowTopLevelNavigationToDataURI(nsIChannel* aChannel);
static bool AllowInsecureRedirectToDataURI(nsIChannel* aNewChannel);
static void AssertEvalNotUsingSystemPrincipal(nsIPrincipal* subjectPrincipal,
JSContext* cx);
private:
static nsresult CheckChannel(nsIChannel* aChannel);
static nsresult CheckFTPSubresourceLoad(nsIChannel* aChannel);
virtual ~nsContentSecurityManager() {}
};
#endif /* nsContentSecurityManager_h___ */