corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1174307 - Add some internal content policy types for the purpose of reflecting them on RequestContext; r=sicking

Browse Source 
These new content policy types will be internal ones that we will map
to external nsContentPolicyTypes before passing them to content policy
implementations.
This commit is contained in:
Ehsan Akhgari
2015-06-12 16:52:07 -04:00
parent a2bd65319b
commit a9a3b0edd7
12 changed files with 187 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
dom/base/nsContentPolicy.cpp
View File

@@ -68,7 +68,7 @@ nsContentPolicy::~nsContentPolicy()
inline nsresult
nsContentPolicy::CheckPolicy(CPMethod policyMethod,
SCPMethod simplePolicyMethod,
uint32_t contentType,
nsContentPolicyType contentType,
nsIURI *contentLocation,
nsIURI *requestingLocation,
nsISupports *requestingContext,
@@ -110,6 +110,9 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
}
}
nsContentPolicyType externalType =
nsContentUtils::InternalContentPolicyTypeToExternal(contentType);
/*
* Enumerate mPolicies and ask each of them, taking the logical AND of
* their permissions.
@@ -120,7 +123,7 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
int32_t count = entries.Count();
for (int32_t i = 0; i < count; i++) {
/* check the appropriate policy */
rv = (entries[i]->*policyMethod)(contentType, contentLocation,
rv = (entries[i]->*policyMethod)(externalType, contentLocation,
requestingLocation, requestingContext,
mimeType, extra, requestPrincipal,
decision);
@@ -166,7 +169,7 @@ nsContentPolicy::CheckPolicy(CPMethod policyMethod,
count = simpleEntries.Count();
for (int32_t i = 0; i < count; i++) {
/* check the appropriate policy */
rv = (simpleEntries[i]->*simplePolicyMethod)(contentType, contentLocation,
rv = (simpleEntries[i]->*simplePolicyMethod)(externalType, contentLocation,
requestingLocation,
topFrameElement, isTopLevel,
mimeType, extra, requestPrincipal,

2
dom/base/nsContentPolicy.h
View File

@@ -49,7 +49,7 @@ class nsContentPolicy : public nsIContentPolicy
//Helper method that applies policyMethod across all policies in mPolicies
// with the given parameters
nsresult CheckPolicy(CPMethod policyMethod, SCPMethod simplePolicyMethod,
uint32_t contentType,
nsContentPolicyType contentType,
nsIURI *aURI, nsIURI *origURI,
nsISupports *requestingContext,
const nsACString &mimeGuess, nsISupports *extra,

54
dom/base/nsContentPolicyUtils.h
View File

@@ -92,28 +92,38 @@ inline const char *
NS_CP_ContentTypeName(uint32_t contentType)
{
switch (contentType) {
CASE_RETURN( TYPE_OTHER );
CASE_RETURN( TYPE_SCRIPT );
CASE_RETURN( TYPE_IMAGE );
CASE_RETURN( TYPE_STYLESHEET );
CASE_RETURN( TYPE_OBJECT );
CASE_RETURN( TYPE_DOCUMENT );
CASE_RETURN( TYPE_SUBDOCUMENT );
CASE_RETURN( TYPE_REFRESH );
CASE_RETURN( TYPE_XBL );
CASE_RETURN( TYPE_PING );
CASE_RETURN( TYPE_XMLHTTPREQUEST );
CASE_RETURN( TYPE_OBJECT_SUBREQUEST );
CASE_RETURN( TYPE_DTD );
CASE_RETURN( TYPE_FONT );
CASE_RETURN( TYPE_MEDIA );
CASE_RETURN( TYPE_WEBSOCKET );
CASE_RETURN( TYPE_CSP_REPORT );
CASE_RETURN( TYPE_XSLT );
CASE_RETURN( TYPE_BEACON );
CASE_RETURN( TYPE_FETCH );
CASE_RETURN( TYPE_IMAGESET );
CASE_RETURN( TYPE_WEB_MANIFEST );
CASE_RETURN( TYPE_OTHER );
CASE_RETURN( TYPE_SCRIPT );
CASE_RETURN( TYPE_IMAGE );
CASE_RETURN( TYPE_STYLESHEET );
CASE_RETURN( TYPE_OBJECT );
CASE_RETURN( TYPE_DOCUMENT );
CASE_RETURN( TYPE_SUBDOCUMENT );
CASE_RETURN( TYPE_REFRESH );
CASE_RETURN( TYPE_XBL );
CASE_RETURN( TYPE_PING );
CASE_RETURN( TYPE_XMLHTTPREQUEST );
CASE_RETURN( TYPE_OBJECT_SUBREQUEST );
CASE_RETURN( TYPE_DTD );
CASE_RETURN( TYPE_FONT );
CASE_RETURN( TYPE_MEDIA );
CASE_RETURN( TYPE_WEBSOCKET );
CASE_RETURN( TYPE_CSP_REPORT );
CASE_RETURN( TYPE_XSLT );
CASE_RETURN( TYPE_BEACON );
CASE_RETURN( TYPE_FETCH );
CASE_RETURN( TYPE_IMAGESET );
CASE_RETURN( TYPE_WEB_MANIFEST );
CASE_RETURN( TYPE_INTERNAL_SCRIPT );
CASE_RETURN( TYPE_INTERNAL_WORKER );
CASE_RETURN( TYPE_INTERNAL_SHARED_WORKER );
CASE_RETURN( TYPE_INTERNAL_EMBED );
CASE_RETURN( TYPE_INTERNAL_OBJECT );
CASE_RETURN( TYPE_INTERNAL_FRAME );
CASE_RETURN( TYPE_INTERNAL_IFRAME );
CASE_RETURN( TYPE_INTERNAL_AUDIO );
CASE_RETURN( TYPE_INTERNAL_VIDEO );
CASE_RETURN( TYPE_INTERNAL_TRACK );
default:
return "<Unknown Type>";
}

28
dom/base/nsContentUtils.cpp
View File

@@ -7812,3 +7812,31 @@ nsContentUtils::GetWindowRoot(nsIDocument* aDoc)
}
return nullptr;
}
/* static */
nsContentPolicyType
nsContentUtils::InternalContentPolicyTypeToExternal(nsContentPolicyType aType)
{
switch (aType) {
case nsIContentPolicy::TYPE_INTERNAL_SCRIPT:
case nsIContentPolicy::TYPE_INTERNAL_WORKER:
case nsIContentPolicy::TYPE_INTERNAL_SHARED_WORKER:
return nsIContentPolicy::TYPE_SCRIPT;
case nsIContentPolicy::TYPE_INTERNAL_EMBED:
case nsIContentPolicy::TYPE_INTERNAL_OBJECT:
return nsIContentPolicy::TYPE_OBJECT;
case nsIContentPolicy::TYPE_INTERNAL_FRAME:
case nsIContentPolicy::TYPE_INTERNAL_IFRAME:
return nsIContentPolicy::TYPE_SUBDOCUMENT;
case nsIContentPolicy::TYPE_INTERNAL_AUDIO:
case nsIContentPolicy::TYPE_INTERNAL_VIDEO:
case nsIContentPolicy::TYPE_INTERNAL_TRACK:
return nsIContentPolicy::TYPE_MEDIA;
default:
return aType;
}
}

5
dom/base/nsContentUtils.h
View File

@@ -916,6 +916,11 @@ public:
*/
static nsIContentPolicy *GetContentPolicy();
/**
* Map internal content policy types to external ones.
*/
static nsContentPolicyType InternalContentPolicyTypeToExternal(nsContentPolicyType aType);
/**
* Quick helper to determine whether there are any mutation listeners
* of a given type that apply to this content or any of its ancestors.

3
dom/base/nsDataDocumentContentPolicy.cpp
View File

@@ -43,6 +43,9 @@ nsDataDocumentContentPolicy::ShouldLoad(uint32_t aContentType,
nsIPrincipal *aRequestPrincipal,
int16_t *aDecision)
{
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
"We should only see external content policy types here.");
*aDecision = nsIContentPolicy::ACCEPT;
// Look for the document. In most cases, aRequestingContext is a node.
nsCOMPtr<nsIDocument> doc;

2
dom/base/nsIContentPolicy.idl
View File

@@ -20,7 +20,7 @@ interface nsIPrincipal;
* by launching a dialog to prompt the user for something).
*/
[scriptable,uuid(cb978019-0c5b-4067-abb6-c914461208c1)]
[scriptable,uuid(b545899e-42bd-434c-8fec-a0af3448ea15)]
interface nsIContentPolicy : nsIContentPolicyBase
{
/**

82
dom/base/nsIContentPolicyBase.idl
View File

@@ -24,7 +24,7 @@ typedef unsigned long nsContentPolicyType;
* by launching a dialog to prompt the user for something).
*/
[scriptable,uuid(4f2655e8-6365-4583-8510-732bff2186c5)]
[scriptable,uuid(11b8d725-7c2b-429e-b51f-8b5b542d5009)]
interface nsIContentPolicyBase : nsISupports
{
/**
@@ -57,6 +57,10 @@ interface nsIContentPolicyBase : nsISupports
* Implementations of nsIContentPolicy should treat this the same way they
* treat unknown types, because existing users of TYPE_OTHER may be converted
* to use new content types.
*
* Note that the TYPE_INTERNAL_* constants are never passed to content
* policy implementations. They are mapped to other TYPE_* constants, and
* are only intended for internal usage inside Gecko.
*/
const nsContentPolicyType TYPE_OTHER = 1;
@@ -177,6 +181,82 @@ interface nsIContentPolicyBase : nsISupports
*/
const nsContentPolicyType TYPE_WEB_MANIFEST = 22;
/**
* Indicates an internal constant for scripts loaded through script
* elements.
*
* This will be mapped to TYPE_SCRIPT before being passed to content policy
* implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_SCRIPT = 23;
/**
* Indicates an internal constant for scripts loaded through a dedicated
* worker.
*
* This will be mapped to TYPE_SCRIPT before being passed to content policy
* implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_WORKER = 24;
/**
* Indicates an internal constant for scripts loaded through a shared
* worker.
*
* This will be mapped to TYPE_SCRIPT before being passed to content policy
* implementations.
*/
const nsContentPolicyType TYPE_INTERNAL_SHARED_WORKER = 25;
/**
* Indicates an internal constant for content loaded from embed elements.
*
* This will be mapped to TYPE_OBJECT.
*/
const nsContentPolicyType TYPE_INTERNAL_EMBED = 26;
/**
* Indicates an internal constant for content loaded from object elements.
*
* This will be mapped to TYPE_OBJECT.
*/
const nsContentPolicyType TYPE_INTERNAL_OBJECT = 27;
/**
* Indicates an internal constant for content loaded from frame elements.
*
* This will be mapped to TYPE_SUBDOCUMENT.
*/
const nsContentPolicyType TYPE_INTERNAL_FRAME = 28;
/**
* Indicates an internal constant for content loaded from iframe elements.
*
* This will be mapped to TYPE_SUBDOCUMENT.
*/
const nsContentPolicyType TYPE_INTERNAL_IFRAME = 29;
/**
* Indicates an internal constant for content loaded from audio elements.
*
* This will be mapped to TYPE_MEDIA.
*/
const nsContentPolicyType TYPE_INTERNAL_AUDIO = 30;
/**
* Indicates an internal constant for content loaded from video elements.
*
* This will be mapped to TYPE_MEDIA.
*/
const nsContentPolicyType TYPE_INTERNAL_VIDEO = 31;
/**
* Indicates an internal constant for content loaded from track elements.
*
* This will be mapped to TYPE_MEDIA.
*/
const nsContentPolicyType TYPE_INTERNAL_TRACK = 32;
/* When adding new content types, please update nsContentBlocker,
* NS_CP_ContentTypeName, nsCSPContext, all nsIContentPolicy
* implementations, and other things that are not listed here that are

2
dom/base/nsISimpleContentPolicy.idl
View File

@@ -28,7 +28,7 @@ interface nsIDOMElement;
* by launching a dialog to prompt the user for something).
*/
[scriptable,uuid(704b4b8e-2287-498a-9c0a-d1bde547a2d4)]
[scriptable,uuid(b181c97c-9d67-4da1-95a0-e0a202e1807c)]
interface nsISimpleContentPolicy : nsIContentPolicyBase
{
/**

3
dom/security/nsCSPService.cpp
View File

@@ -105,6 +105,9 @@ CSPService::ShouldLoad(uint32_t aContentType,
nsIPrincipal *aRequestPrincipal,
int16_t *aDecision)
{
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
"We should only see external content policy types here.");
if (!aContentLocation) {
return NS_ERROR_FAILURE;
}

3
dom/security/nsMixedContentBlocker.cpp
View File

@@ -339,6 +339,9 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect,
// to them.
MOZ_ASSERT(NS_IsMainThread());
MOZ_ASSERT(aContentType == nsContentUtils::InternalContentPolicyTypeToExternal(aContentType),
"We should only see external content policy types here.");
// Assume active (high risk) content and blocked by default
MixedContentTypes classification = eMixedScript;
// Make decision to block/reject by default

26
extensions/permissions/nsContentBlocker.cpp
View File

@@ -22,7 +22,8 @@
#define BEHAVIOR_NOFOREIGN 3
// From nsIContentPolicy
static const char *kTypeString[] = {"other",
static const char *kTypeString[] = {
"other",
"script",
"image",
"stylesheet",
@@ -43,7 +44,18 @@ static const char *kTypeString[] = {"other",
"beacon",
"fetch",
"imageset",
"manifest"};
"manifest",
"", // TYPE_INTERNAL_SCRIPT
"", // TYPE_INTERNAL_WORKER
"", // TYPE_INTERNAL_SHARED_WORKER
"", // TYPE_INTERNAL_EMBED
"", // TYPE_INTERNAL_OBJECT
"", // TYPE_INTERNAL_FRAME
"", // TYPE_INTERNAL_IFRAME
"", // TYPE_INTERNAL_AUDIO
"", // TYPE_INTERNAL_VIDEO
"" // TYPE_INTERNAL_TRACK
};
#define NUMBER_OF_TYPES MOZ_ARRAY_LENGTH(kTypeString)
uint8_t nsContentBlocker::mBehaviorPref[NUMBER_OF_TYPES];
@@ -119,7 +131,8 @@ nsContentBlocker::PrefChanged(nsIPrefBranch *aPrefBranch,
#define PREF_CHANGED(_P) (!aPref || !strcmp(aPref, _P))
for(uint32_t i = 0; i < NUMBER_OF_TYPES; ++i) {
if (PREF_CHANGED(kTypeString[i]) &&
if (*kTypeString[i] &&
PREF_CHANGED(kTypeString[i]) &&
NS_SUCCEEDED(aPrefBranch->GetIntPref(kTypeString[i], &val)))
mBehaviorPref[i] = LIMIT(val, 1, 3, 1);
}
@@ -237,6 +250,13 @@ nsContentBlocker::TestPermission(nsIURI *aCurrentURI,
bool *aFromPrefs)
{
*aFromPrefs = false;
if (!*kTypeString[aContentType - 1]) {
// Disallow internal content policy types, they should not be used here.
*aPermission = false;
return NS_OK;
}
// This default will also get used if there is an unknown value in the
// permission list, or if the permission manager returns unknown values.
*aPermission = true;