Back to index

lightning-sunbird  0.9+nobinonly
nsContentBlocker.cpp
Go to the documentation of this file.
00001 /* ***** BEGIN LICENSE BLOCK *****
00002  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
00003  *
00004  * The contents of this file are subject to the Mozilla Public License Version
00005  * 1.1 (the "License"); you may not use this file except in compliance with
00006  * the License. You may obtain a copy of the License at
00007  * http://www.mozilla.org/MPL/
00008  *
00009  * Software distributed under the License is distributed on an "AS IS" basis,
00010  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
00011  * for the specific language governing rights and limitations under the
00012  * License.
00013  *
00014  * The Original Code is content blocker code.
00015  *
00016  * The Initial Developer of the Original Code is
00017  * Michiel van Leeuwen <mvl@exedo.nl>.
00018  * Portions created by the Initial Developer are Copyright (C) 2004
00019  * the Initial Developer. All Rights Reserved.
00020  *
00021  * Contributor(s):
00022  *
00023  * Alternatively, the contents of this file may be used under the terms of
00024  * either the GNU General Public License Version 2 or later (the "GPL"), or
00025  * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
00026  * in which case the provisions of the GPL or the LGPL are applicable instead
00027  * of those above. If you wish to allow use of your version of this file only
00028  * under the terms of either the GPL or the LGPL, and not to allow others to
00029  * use your version of this file under the terms of the MPL, indicate your
00030  * decision by deleting the provisions above and replace them with the notice
00031  * and other provisions required by the GPL or the LGPL. If you do not delete
00032  * the provisions above, a recipient may use your version of this file under
00033  * the terms of any one of the MPL, the GPL or the LGPL.
00034  *
00035  * ***** END LICENSE BLOCK ***** */
00036 #include "nsContentBlocker.h"
00037 #include "nsIDocument.h"
00038 #include "nsIContent.h"
00039 #include "nsINodeInfo.h"
00040 #include "nsIURI.h"
00041 #include "nsIServiceManager.h"
00042 #include "nsIScriptGlobalObject.h"
00043 #include "nsIDOMWindow.h"
00044 #include "nsIDOMDocument.h"
00045 #include "nsIDocShellTreeItem.h"
00046 #include "nsIPrefService.h"
00047 #include "nsIPrefBranch.h"
00048 #include "nsIDocShell.h"
00049 #include "nsString.h"
00050 #include "nsContentPolicyUtils.h"
00051 
00052 // Possible behavior pref values
00053 // Those map to the nsIPermissionManager values where possible
00054 #define BEHAVIOR_ACCEPT nsIPermissionManager::ALLOW_ACTION
00055 #define BEHAVIOR_REJECT nsIPermissionManager::DENY_ACTION
00056 #define BEHAVIOR_NOFOREIGN 3
00057 
00058 // From nsIContentPolicy
00059 static const char *kTypeString[NUMBER_OF_TYPES] = {"other", 
00060                                                    "script",
00061                                                    "image",
00062                                                    "stylesheet",
00063                                                    "object",
00064                                                    "document",
00065                                                    "subdocument",
00066                                                    "refresh"};
00067 
00068 
00069 NS_IMPL_ISUPPORTS3(nsContentBlocker, 
00070                    nsIContentPolicy,
00071                    nsIObserver,
00072                    nsSupportsWeakReference)
00073 
00074 nsContentBlocker::nsContentBlocker()
00075 {
00076   memset(mBehaviorPref, BEHAVIOR_ACCEPT, NUMBER_OF_TYPES);
00077 }
00078 
00079 nsresult
00080 nsContentBlocker::Init()
00081 {
00082   nsresult rv;
00083   mPermissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID, &rv);
00084   NS_ENSURE_SUCCESS(rv, rv);
00085 
00086   nsCOMPtr<nsIPrefService> prefService = do_GetService(NS_PREFSERVICE_CONTRACTID, &rv);
00087   NS_ENSURE_SUCCESS(rv, rv);
00088 
00089   nsCOMPtr<nsIPrefBranch> prefBranch;
00090   rv = prefService->GetBranch("permissions.default.", getter_AddRefs(prefBranch));
00091   NS_ENSURE_SUCCESS(rv, rv);
00092 
00093   // Migrate old image blocker pref
00094   nsCOMPtr<nsIPrefBranch> oldPrefBranch;
00095   oldPrefBranch = do_QueryInterface(prefService);
00096   PRInt32 oldPref;
00097   rv = oldPrefBranch->GetIntPref("network.image.imageBehavior", &oldPref);
00098   if (NS_SUCCEEDED(rv) && oldPref) {
00099     PRInt32 newPref;
00100     switch (oldPref) {
00101       default:
00102         newPref = BEHAVIOR_ACCEPT;
00103         break;
00104       case 1:
00105         newPref = BEHAVIOR_NOFOREIGN;
00106         break;
00107       case 2:
00108         newPref = BEHAVIOR_REJECT;
00109         break;
00110     }
00111     prefBranch->SetIntPref("image", newPref);
00112     oldPrefBranch->ClearUserPref("network.image.imageBehavior");
00113   }
00114 
00115 
00116   // The branch is not a copy of the prefservice, but a new object, because
00117   // it is a non-default branch. Adding obeservers to it will only work if
00118   // we make sure that the object doesn't die. So, keep a reference to it.
00119   mPrefBranchInternal = do_QueryInterface(prefBranch, &rv);
00120   NS_ENSURE_SUCCESS(rv, rv);
00121 
00122   rv = mPrefBranchInternal->AddObserver("", this, PR_TRUE);
00123   PrefChanged(prefBranch, nsnull);
00124 
00125   return rv;
00126 }
00127 
00128 #undef  LIMIT
00129 #define LIMIT(x, low, high, default) ((x) >= (low) && (x) <= (high) ? (x) : (default))
00130 
00131 void
00132 nsContentBlocker::PrefChanged(nsIPrefBranch *aPrefBranch,
00133                               const char    *aPref)
00134 {
00135   PRInt32 val;
00136 
00137 #define PREF_CHANGED(_P) (!aPref || !strcmp(aPref, _P))
00138 
00139   for(PRUint32 i = 0; i < NUMBER_OF_TYPES; ++i) {
00140     if (PREF_CHANGED(kTypeString[i]) &&
00141         NS_SUCCEEDED(aPrefBranch->GetIntPref(kTypeString[i], &val)))
00142       mBehaviorPref[i] = LIMIT(val, 1, 3, 1);
00143   }
00144 
00145 }
00146 
00147 // nsIContentPolicy Implementation
00148 NS_IMETHODIMP 
00149 nsContentBlocker::ShouldLoad(PRUint32          aContentType,
00150                              nsIURI           *aContentLocation,
00151                              nsIURI           *aRequestingLocation,
00152                              nsISupports      *aRequestingContext,
00153                              const nsACString &aMimeGuess,
00154                              nsISupports      *aExtra,
00155                              PRInt16          *aDecision)
00156 {
00157   *aDecision = nsIContentPolicy::ACCEPT;
00158   nsresult rv;
00159 
00160   // Ony support NUMBER_OF_TYPES content types. that all there is at the
00161   // moment, but you never know...
00162   if (aContentType > NUMBER_OF_TYPES)
00163     return NS_OK;
00164   
00165   // we can't do anything without this
00166   if (!aContentLocation)
00167     return NS_OK;
00168 
00169   // we only want to check http, https, ftp
00170   // for chrome:// and resources and others, no need to check.
00171   nsCAutoString scheme;
00172   aContentLocation->GetScheme(scheme);
00173   if (!scheme.LowerCaseEqualsLiteral("ftp") &&
00174       !scheme.LowerCaseEqualsLiteral("http") &&
00175       !scheme.LowerCaseEqualsLiteral("https"))
00176     return NS_OK;
00177 
00178   PRBool shouldLoad, fromPrefs;
00179   rv = TestPermission(aContentLocation, aRequestingLocation, aContentType,
00180                       &shouldLoad, &fromPrefs);
00181   NS_ENSURE_SUCCESS(rv, rv);
00182   if (!shouldLoad)
00183     if (fromPrefs)
00184       *aDecision = nsIContentPolicy::REJECT_TYPE;
00185     else
00186       *aDecision = nsIContentPolicy::REJECT_SERVER;
00187 
00188   return NS_OK;
00189 }
00190 
00191 NS_IMETHODIMP
00192 nsContentBlocker::ShouldProcess(PRUint32          aContentType,
00193                                 nsIURI           *aContentLocation,
00194                                 nsIURI           *aRequestingLocation,
00195                                 nsISupports      *aRequestingContext,
00196                                 const nsACString &aMimeGuess,
00197                                 nsISupports      *aExtra,
00198                                 PRInt16          *aDecision)
00199 {
00200   // For loads where aRequestingContext is chrome, we should just
00201   // accept.  Those are most likely toplevel loads in windows, and
00202   // chrome generally knows what it's doing anyway.
00203   nsCOMPtr<nsIDocShellTreeItem> item =
00204     do_QueryInterface(NS_CP_GetDocShellFromContext(aRequestingContext));
00205 
00206   if (item) {
00207     PRInt32 type;
00208     item->GetItemType(&type);
00209     if (type == nsIDocShellTreeItem::typeChrome) {
00210       *aDecision = nsIContentPolicy::ACCEPT;
00211       return NS_OK;
00212     }
00213   }
00214 
00215   // This isn't a load from chrome.  Just do a ShouldLoad() check --
00216   // we want the same answer here
00217   return ShouldLoad(aContentType, aContentLocation, aRequestingLocation,
00218                     aRequestingContext, aMimeGuess, aExtra, aDecision);
00219 }
00220 
00221 nsresult
00222 nsContentBlocker::TestPermission(nsIURI *aCurrentURI,
00223                                  nsIURI *aFirstURI,
00224                                  PRInt32 aContentType,
00225                                  PRBool *aPermission,
00226                                  PRBool *aFromPrefs)
00227 {
00228   *aFromPrefs = PR_FALSE;
00229   // This default will also get used if there is an unknown value in the
00230   // permission list, or if the permission manager returns unknown values.
00231   *aPermission = PR_TRUE;
00232 
00233   // check the permission list first; if we find an entry, it overrides
00234   // default prefs.
00235   // Don't forget the aContentType ranges from 1..8, while the
00236   // array is indexed 0..7
00237   PRUint32 permission;
00238   nsresult rv = mPermissionManager->TestPermission(aCurrentURI, 
00239                                                    kTypeString[aContentType - 1],
00240                                                    &permission);
00241   NS_ENSURE_SUCCESS(rv, rv);
00242 
00243   // If there is nothing on the list, use the default.
00244   if (!permission) {
00245     permission = mBehaviorPref[aContentType - 1];
00246     *aFromPrefs = PR_TRUE;
00247   }
00248 
00249   // Use the fact that the nsIPermissionManager values map to 
00250   // the BEHAVIOR_* values above.
00251   switch (permission) {
00252   case BEHAVIOR_ACCEPT:
00253     *aPermission = PR_TRUE;
00254     break;
00255   case BEHAVIOR_REJECT:
00256     *aPermission = PR_FALSE;
00257     break;
00258 
00259   case BEHAVIOR_NOFOREIGN:
00260     // Third party checking
00261 
00262     // Need a requesting uri for third party checks to work.
00263     if (!aFirstURI)
00264       return NS_OK;
00265 
00266     PRBool trustedSource = PR_FALSE;
00267     rv = aFirstURI->SchemeIs("chrome", &trustedSource);
00268     NS_ENSURE_SUCCESS(rv,rv);
00269     if (!trustedSource) {
00270       rv = aFirstURI->SchemeIs("resource", &trustedSource);
00271       NS_ENSURE_SUCCESS(rv,rv);
00272     }
00273     if (trustedSource)
00274       return NS_OK;
00275 
00276     // compare tails of names checking to see if they have a common domain
00277     // we do this by comparing the tails of both names where each tail 
00278     // includes at least one dot
00279     
00280     // A more generic method somewhere would be nice
00281 
00282     nsCAutoString currentHost;
00283     rv = aCurrentURI->GetAsciiHost(currentHost);
00284     NS_ENSURE_SUCCESS(rv, rv);
00285 
00286     // Search for two dots, starting at the end.
00287     // If there are no two dots found, ++dot will turn to zero,
00288     // that will return the entire string.
00289     PRInt32 dot = currentHost.RFindChar('.');
00290     dot = currentHost.RFindChar('.', dot-1);
00291     ++dot;
00292 
00293     // Get the domain, ie the last part of the host (www.domain.com -> domain.com)
00294     // This will break on co.uk
00295     const nsCSubstring &tail =
00296       Substring(currentHost, dot, currentHost.Length() - dot);
00297 
00298     nsCAutoString firstHost;
00299     rv = aFirstURI->GetAsciiHost(firstHost);
00300     NS_ENSURE_SUCCESS(rv, rv);
00301 
00302     // If the tail is longer then the whole firstHost, it will never match
00303     if (firstHost.Length() < tail.Length()) {
00304       *aPermission = PR_FALSE;
00305       return NS_OK;
00306     }
00307     
00308     // Get the last part of the firstUri with the same length as |tail|
00309     const nsCSubstring &firstTail = 
00310       Substring(firstHost, firstHost.Length() - tail.Length(), tail.Length());
00311 
00312     // Check that both tails are the same, and that just before the tail in
00313     // |firstUri| there is a dot. That means both url are in the same domain
00314     if ((firstHost.Length() > tail.Length() && 
00315          firstHost.CharAt(firstHost.Length() - tail.Length() - 1) != '.') || 
00316         !tail.Equals(firstTail)) {
00317       *aPermission = PR_FALSE;
00318     }
00319     break;
00320   }
00321   
00322   return NS_OK;
00323 }
00324 
00325 NS_IMETHODIMP
00326 nsContentBlocker::Observe(nsISupports     *aSubject,
00327                           const char      *aTopic,
00328                           const PRUnichar *aData)
00329 {
00330   NS_ASSERTION(!strcmp(NS_PREFBRANCH_PREFCHANGE_TOPIC_ID, aTopic),
00331                "unexpected topic - we only deal with pref changes!");
00332 
00333   if (mPrefBranchInternal)
00334     PrefChanged(mPrefBranchInternal, NS_LossyConvertUTF16toASCII(aData).get());
00335   return NS_OK;
00336 }