gecko-dev/caps/nsIAddonPolicyService.idl
Shane Caraveo f800952de9 Bug 1581611 Part 1: add content_scripts to the extension content_security_policy r=rpl,bzbarsky
This patch adds support for including content_scripts CSP in the extensions
manifest, along with all interfaces necessary to access the CSP value.  This does not
implement actual use of the CSP for content scripts.

Differential Revision: https://phabricator.services.mozilla.com/D46824

--HG--
extra : moz-landing-system : lando
2019-11-01 06:02:45 +00:00

93 lines
3.1 KiB
Plaintext

/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "nsISupports.idl"
#include "nsIURI.idl"
/**
* This interface allows the security manager to query custom per-addon security
* policy.
*/
[scriptable, uuid(8a034ef9-9d14-4c5d-8319-06c1ab574baa)]
interface nsIAddonPolicyService : nsISupports
{
/**
* Returns the base content security policy, which is applied to all
* extension documents, in addition to any custom policies.
*/
readonly attribute AString baseCSP;
/**
* Returns the default content security policy which applies to extension
* documents which do not specify any custom policies.
*/
readonly attribute AString defaultCSP;
/**
* Returns the content security policy which applies to documents belonging
* to the extension with the given ID. This may be either a custom policy,
* if one was supplied, or the default policy if one was not.
*/
AString getExtensionPageCSP(in AString aAddonId);
/**
* Returns the content security policy which applies to content scripts belonging
* to the extension with the given ID. This may be either a custom policy,
* if one was supplied, or the default policy if one was not.
*/
AString getContentScriptCSP(in AString aAddonId);
/**
* Returns the generated background page as a data-URI, if any. If the addon
* does not have an auto-generated background page, an empty string is
* returned.
*/
ACString getGeneratedBackgroundPageUrl(in ACString aAddonId);
/**
* Returns true if the addon was granted the |aPerm| API permission.
*/
boolean addonHasPermission(in AString aAddonId, in AString aPerm);
/**
* Returns true if unprivileged code associated with the given addon may load
* data from |aURI|. If |aExplicit| is true, the <all_urls> permission and
* permissive host globs are ignored when checking for a match.
*/
boolean addonMayLoadURI(in AString aAddonId, in nsIURI aURI, [optional] in boolean aExplicit);
/**
* Returns the name of the WebExtension with the given ID, or the ID string
* if no matching add-on can be found.
*/
AString getExtensionName(in AString aAddonId);
/**
* Returns true if a given extension:// URI is web-accessible.
*/
boolean extensionURILoadableByAnyone(in nsIURI aURI);
/**
* Maps an extension URI to the ID of the addon it belongs to.
*/
AString extensionURIToAddonId(in nsIURI aURI);
};
/**
* This interface exposes functionality related to add-on content policy
* enforcement.
*/
[scriptable, uuid(7a4fe60b-9131-45f5-83f3-dc63b5d71a5d)]
interface nsIAddonContentPolicy : nsISupports
{
/**
* Checks a custom content security policy string, to ensure that it meets
* minimum security requirements. Returns null for valid policies, or a
* string describing the error for invalid policies.
*/
AString validateAddonCSP(in AString aPolicyString);
};